Shawn Webb @lattera@bsd.network
- Pronouns
- He/Him
- lattera@gmail.com
- Open to employment
- False
- Tor-ified Signal
- +1 (303) 901-1600 / shawn_webb_opsec.50
HardenedBSD cofounder, Emerald Onion Advisory Board member, all around infosec wonk.
Joined Jan 2018
Pinned post
This is Shawn Webb from The HardenedBSD Project. I use the bsd.network Mastodon
instance. This message is cryptographically signed with GPG by me.
My GPG public key can be found here: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
-----BEGIN PGP MESSAGE-----
owGbwMvMwMH4Xy99UfmPh78Y1zL6JYnlJhaX5Kfk5+mWpRZlplXqGhjqlVSUJGeY
LgrJyCxWAKLgjMTyPIXw1KQkhbSi/FyFkIxUBY/EopTUvNQUp2AXhYCi/KzU5BI9
BU+F0uJUhRKgdFJxil5eakl5flG2gi/UAq7MvOKSxLzkVD0FsMm5qcXFiempIBuS
iyoLSvLTixILMjKTE3NyKhWKM9OBpiuUZ5ZkKLgHuCskVQLV63Fx+VaCuQWlSTmZ
yQrZqZUKyYl5CkmpCmn5pXkpChmpRalWChklJQXFVvr66ZklehlQh4JclF+Uro/E
1weaAjShWF9XvyixXB8UEKlF+mDfxoN8q29g7Gji7OTq5GRh5Opo6mhm7mLpZmxh
auzmZuRqZu5oZG7uZuFq6OaoBzRIL7E4mauTyZiFgZGDQVZMkYV5yenXO/SWLqud
bxEMC3FWJlC4MnBxCsBEvBj5f7N6cu+IKbu0W9lzaq5JetLVD0ey12mlHj/msqfr
uMmbBZ2rOf6eiDQ12V/pp1l/w0Ju+qff7rKnLq8qjH8Y2HftWnv1m9DK8/uSXk9J
/NQl9a9e51utUPdGNZGFvBUXbGX5P+7f+XL6ogtGJjf0Jk24c1P5e2bWNwfOA29l
Kz236GmtXXjaJunG0S12P8z6+CXiTdeJnFeW4Fp0yr3sor7ZBc1LCnZ+ukIzsoUW
r1885eyr9fsvcagHKLIuMn17yULsYECJdOBR6d3FW56kuav+e9UYqsFffvXUAY0Q
k2sdUbu+v2mpuaid7R0mu+QTg2WXb1haZjzP+qU35nxPOciRX6ctoXTrTXPwlAs3
d22bFTjllBPfffYbUx5Oc9lcuP6Sj+QWzxfv/i+N++nAc/Ndk8zHfdrfd6pqb345
b/F5lo+eBf8bb+rN/Ow6YdaFp9ElyUcVOnR0Xe28jxdM32v/trTjM+P27fqmZtJG
mROK/z3I/JuwZMHy0ysTr9rUB29d+PFK7ELzvPSKG+uZJxzNnblu08lT4S6mLK3H
/5wSvKvUz6Sd0XEt4JEA55qrbEon1SfuO6xVI3Uju8trfkRYLtPZ4x+kth++quT8
NG7qhe87tu2pNee4Pj30vGXotRtnjlbcn270NSj0A2u4y87LgqyTlOxuam+M/Xwx
753l+S9yCjoi1TevTP81R+xzQrpdcsO0Zz4qH5Qr3adfAwA=
=E4qi
-----END PGP MESSAGE-----
Shawn Webb
boosted
Which of these computing devices do you have and use? (RT for sample size)
That tower system on the bottom: that's #HardenedBSD's first ever crowd-funded system for the project. That system is a decade old and still in use :-)
Inspector came today. We passed inspection! The job is now 100% complete.
As a bonus post, here's a few photos of the server room: https://photos.app.goo.gl/iPTJGg3KHKVF8rfu8
Yes, I suck at cable management when it comes to hobbyist stuff. And yes, I do plan to create custom ethernet cables of the proper lengths.
I long for the day when we at #HardenedBSD can switch to #Radicle as our code forge.
Today is a good day for #MONO: https://youtu.be/1h5Ky5cBwA8
Shawn Webb
boosted
Now that it's official, I can announce it - although I may have dropped a few hints earlier! 😉
My talk "Why (and how) we’re migrating many of our servers from Linux to the BSDs" has been accepted, and I’ll be honored to present it in June at BSDCan in Ottawa.
The joy of meeting BSD friends in person again (and those I haven’t had the chance to meet live yet) will be immense, and the honor of sharing my story in Canada is truly beyond measure, especially considering the level of other talks and all the people attending.
Of course, I’ll be bringing various BSD Cafe gadgets with me!
For more information, here’s @mwl 's post with further details: https://blog.bsdcan.org/2025/03/18/bsdcan-2025-talks-tutorials-and-registration/
Shawn Webb
boosted
I'm celebrating my 50th year of using UNIX!
Sometime in spring of '75, my friend Peter (sysadmin for the PDP-11/45) came around shouting "UNIX is Here! UNIX is Here!"
I asked "What's a UNIX?" and he showed me the 1974 CACM article about UNIX.
#HardenedBSD goal for this weekend: Deploy two servers that have been gathering dust.
First server will be one that we can provide signed test images for when we need to bisect the codebase for bugs.
The second server will be for other experiments.
The electrician completed his work. Both of the new 20A circuits are working. The #HardenedBSD infrastructure has now been moved to the new circuits. Zero downtime. :-)
Shawn Webb
boosted
JUST IN: Minnesota GOP Senator Justin Eichorn arrested after trying to meet up with a 16-year-old girl.
Eichorn was arrested just hours after co-authoring a bill to recognize "Trump Derangement Syndrome" as a mental illness.
The electrician will be here shortly. I plan to keep the #HardenedBSD dev/build infrastructure online unless the electrician needs me to power it off.
This merge conflict was resolved yesterday.
True story: I used #Ghidra to help determine what was going on.
Shawn Webb
boosted
Shawn Webb
boosted
Amazing that it took them this long. The new product lineup from #Synology for this year only accepts Synology branded drives.
If you happen to own an older Synology and are looking to replace: consider moving towards a more standardized platform. Like the Zimacube. Or if you are feeling a bit more adventurous: build your own.
Don't switch to #QNAP, #Asustor or whatever - they'll be the next brand to enshittify after Synology.
There is some fantastic and open software available. I personally prefer #HardenedBSD with #ZFS - but there is so much more!
The dogs are finally tired. Now I can take care of some #HardenedBSD stuff, starting with the libc/csu/rtld related merge conflict in our 14-stable branch.
#FreeBSD enables the full suite of #llvm compiler toolchain components for the base operating system: https://cgit.FreeBSD.org/src/commit/?id=1cae7121c667d9caf205832cf45fd02af3157e6f
Great to see.
Goal for this weekend: Resolve the #HardenedBSD 14-STABLE merge conflict with upstream #FreeBSD.
This involves the libc/csu/rtld issues from before. I gotta re-learn and apply what I did on 15-CURRENT.
I migrated the #HardenedBSD #Vaultwarden instance from one host to another.
Today, I'm grateful for vm-bhyve and #ZFS.
On the original host:
# zfs snapshot tank/bhyve/vaultwarden-01@2025-03-13
# zfs send tank/bhyve/vaultwarden-01@2025-03-13 | ssh sync@second-host:/path/to/sync/storage/vaultwarden-01.2025-03-13.zfs
Then on the new host:
# zfs recv < /path/to/sync/storage/vaultwarden-01.2025-03-13.zfs
# vm config vaultwarden-01
[editor brought up to change network0_switch to the proper value for the new host]
# vm start vaultwarden-01
And I have the zfstools package performing auto-snapshots of the entire VM's storage every 15 minutes, hour, day, week, month, and year.
That way, if the VM is compromised, I can simply rollback the entire VM to the last known good state.
- Pronouns
- He/Him
- lattera@gmail.com
- Open to employment
- False
- Tor-ified Signal
- +1 (303) 901-1600 / shawn_webb_opsec.50
HardenedBSD cofounder, Emerald Onion Advisory Board member, all around infosec wonk.
Joined Jan 2018
Shawn Webb's choices:
