This is an experiment in publishing a weekly recap, capturing things that I worked on, was interested in, etc. I’ve been getting a lot better about taking notes regularly, but I want to work on synthesizing those notes and making them more useful, so I thought doing a recap would be a nice way to review what I’ve done for the week.
I spent a lot of my time this week working on cleaning up my Obsidian vault and cleaning up my website. One of the things that I’ve really been enjoying is the concept of Digital Gardening, which Maggie Appleton has a great article on. But in this article, she also describes “Digital Puttering,” the act of cleaning up one’s digital space.
I’m still very interested in the digital gardening aspect of things, and I’m slowly interested in trying to turn my website into a digital garden rather than just a chronological collection of posts. But I’ve actually always really enjoyed cleaning up my digital space. It’s a very therapeutic activity, especially when combined with my data hoarding tendencies.
I’ve tried to use Obsidian in various ways since first discovering it in 2021. I originally started just shoving everything into a random folder structure. I didn’t put much effort into this, and it quickly became unruly. Then I discovered the PARA method, and I tried to organize according to it. But this also seemed not very actionable for me. It seemed almost too abstract for the way I was taking notes.
In the past couple weeks, I’ve started to use Obsidian Dataview, Templater, and Meta Bind to create pages to track meetings, people, books, as well as make my daily note system more useful. I got a lot of influence in these systems from Dann Berg’s recent YouTube videos. I also started using Obsidian Web to clip pages into my vault for easier cross-referencing and offline access.
One area I’m still exploring in knowledge management is the Johnny Decimal system. This is effectively a manual index system, similar to how books are organized in a library according to the Dewey Decimal system. I haven’t spent a ton of time investing in this, but have been keeping a brainstorming document of all the different areas and categories that I would use if I was going to implement a Johnny Decimal system. I think I would probably keep a separate section for temporal notes (such as daily notes and weekly retro notes).
As part of my digital puttering, I made a number of improvements to my website this past week. I fixed my theme switching after reading Bryce Wray’s “It’s tri-state switch time.” This required rewriting the whole way my Hugo theme’s color schemes worked to support CSS media queries, but ended up producing a nicer experience for users. I also was able to use Aleksandr Hovhannisyan’s “The Perfect Theme Switch” to optimize my page loading to avoid flashing unstyled content, which was something that was annoying me but I didn’t really know how to solve.
I also enabled a Content Security Policy and enabled compression for delivery over the wire, which improves the performance for visitors. I also swapped all my external images for first-party hosting in my git repo, which allows the Hugo Images mod to automatically use lazy loading, convert images to WebP, and provide content-addressable image URLs. I also added a few strategic <noscript> tags to help clean up the behavior of the site for users who visit without JavaScript enabled.
I wrote and published the colophon for my website, which also highlights a lot of the things in this section.
The talk of the proverbial town, the past week or two, has been the alleged AT&T breach. I was able to obtain this breach and reasonably authenticate it. I didn’t find anything that definitely says it was AT&T, but I was able to find my own data, as well as the data of many other friends and family who are or were AT&T customers. I was also able to check against some family who became AT&T customers in 2022 and were not in the data dump. This would correlate with the timeline of the alleged breach happening in 2021.
I’d recommend that anyone who may have even potentially been impacted by this breach go ahead and freeze their credit at TransUnion, Equifax, and Experian. This will help to mitigate the identity theft risks of leaked name/date of birth/social security number combinations. I’ve had my credit frozen for about 10 years and the most it’s given me problems is maybe an hour or two when trying to figure out who someone wants to use to check my credit.
I also began working on a new Django web application for a private community that I help organize. I was able to make use of cookiecutter-django to quickly get up and running, but I did run into some really annoying things that are probably unique to my use case.
In particular, I wanted the only way to log in to this app to be via a “Sign In With Slack” button that requires signing in with our community Slack. Since this is an invitation-only community, I couldn’t just have open registration, and my previous explorations in standing up my own IDP were overwhelming. Sign in with Slack made sense, since everyone already had the Slack account to be part of the community. But django-allauth, which cookiecutter-django uses for authentication, doesn’t really like the idea of social-only authentication, so I ended up having to override a bunch of the code it provides, and manually include only the URLs that I need to support the Slack sign-in.
Even still, I can see a personalized variation of cookiecutter-django becoming very useful for quickly getting projects set up.
I haven’t written up a full post on this yet, but last Sunday I did write a brief thread on Twitter about optimizing Docker builds. This is an area that I’ve inadvertently become rather skilled in, in my professional desire to produce builds that are as reproducible and deterministic as possible. I’ll probably expound more on this in the next week or two, along with diving into my philosophy on dependency management.
Sienna got me signed copies of Cory Doctorow’s new book, The Bezzle, along with Red Team Blues and The Internet Con. I decided I’d start reading Red Team Blues first, since it came out before The Bezzle, even though The Bezzle is a prequel of sorts.
I’m about halfway through it and I’ve been really enjoying it so far. It’s definitely not about “red team” in the infosec adversary emulation sense, but that’s perfectly fine by me, since I’m not a huge fan of the way the infosec industry has tried to corrupt the meaning of red team.