{"@attributes":{"version":"2.0"},"channel":{"title":"shellsharks Life Content","description":"Writings on infosec, technology and life","link":"https:\/\/shellsharks.com","language":"en-us","managingEditor":"mike@shellsharks.com (Shellsharks)","webMaster":"mike@shellsharks.com (Shellsharks)","pubDate":"Mon, 20 Apr 2026 02:45:22 -0400","lastBuildDate":"Mon, 20 Apr 2026 02:45:22 -0400","image":{"title":"shellsharks Life Content","url":"https:\/\/shellsharks.com\/assets\/img\/avatar.png","link":"https:\/\/shellsharks.com"},"generator":"Jekyll v4.3.4","item":[{"title":"Useful Pok\u00e9mon","description":"<p>Inspired by <a href=\"https:\/\/www.threads.com\/@solojimmyyy\/post\/DVvyo-cDSD9?xmt=AQF0UO85eu-fcWI2Aj3V4iGnF9UdguUPrmLC4JW5P7lCuLd3VfxYT2wLyxucto4g-0IvIzY&amp;slof=1\">this post on Threads<\/a>, I thought about which <a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/List_of_Pok\u00e9mon_by_National_Pok\u00e9dex_number\">Pok\u00e9mon<\/a> would be the most useful to me in <em>real<\/em> life. Here\u2019s what I came up with (in index order)\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Jigglypuff_(Pok\u00e9mon)\">Jigglypuff<\/a> is a fluffy li\u2019l guy who can help put my kids to sleep when it\u2019s time. \ud83d\ude06<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Diglett_(Pok\u00e9mon)\">Diglett<\/a> would be a great helper for my <a href=\"https:\/\/shellsharks.com\/gardenlog\">gardening<\/a> tasks\u2014tilling soil, digging, etc\u2026<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Meowth_(Pok\u00e9mon)\">Meowth<\/a> can literally produce coins\/money, can talk, is playful, and hunts around at night finding treasures to bring back to me. All wins there.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Poliwrath_(Pok\u00e9mon)\">Poliwrath<\/a> seems like a good bro to have around. Strong swimmer and can be a useful, amphibious body guard.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Machoke_(Pok\u00e9mon)\">Machoke<\/a>\u2019s are chill and can help with stuff around the house.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Chansey_(Pok\u00e9mon)\">Chansey<\/a>\u2019s got eggs that are nutritious and delicious.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Lapras_(Pok\u00e9mon)\">Lapras<\/a> is a gentle chap that can ferry me around.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Meganium_(Pok\u00e9mon)\">Meganium<\/a> can legit bring dead plants back to life\u2014need that given my not-so-green thumb.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Miltank_(Pok\u00e9mon)\">Miltank<\/a> can produce tasty, nutritious and healing milk. I\u2019m sure it\u2019s protein packed too.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Blissey_(Pok\u00e9mon)\">Blissey<\/a> brings good luck and healing powers. Gotta have one in your corner.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Gardevoir_(Pok\u00e9mon)\">Gardevoir<\/a> is a zealous protector and could also lift stuff with its mind which could be useful around the house.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Latias_(Pok\u00e9mon)\">Latias<\/a> seems like a good option for flying and is gentle and can understand humans.<\/li>\n  <li><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Rayquaza_(Pok\u00e9mon)\">Rayquaza<\/a> could be useful from time to time on bad weather days\u2014though it seems a bit intense to have around\u2026<\/li>\n<\/ul>\n\n<p><strong>NOTE<\/strong>: I\u2019m only really familiar with Pok\u00e9mon up through <em>Gen III<\/em> so this list doesn\u2019t consider anything beyond that.<\/p>\n","pubDate":"Thu, 12 Mar 2026 11:10:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2026\/03\/12\/useful-pokemon","guid":"https:\/\/shellsharks.com\/notes\/2026\/03\/12\/useful-pokemon","category":["life","pokemon"]},{"title":"Conflagration","description":"<p>I don\u2019t think I really know when <u><i>it<\/i><\/u> happened\u2014the \u201c<strong>burnout<\/strong>\u201d. It\u2019s not something that happens all at once. Maybe you see it coming, you start to spot the signs. Or, if you\u2019re like me, you don\u2019t know it\u2019s happened until months or <em>years<\/em> after being mired in the after-effects. I would <em>slip<\/em>\u2026 <em>in<\/em>\u2026 and out, of the conscious realization that I was indeed <em>burned out<\/em>. There were times I found myself very lucid, entirely aware of how burned out I had become. Through other spans of time I managed to disassociate entirely. <em>How long was I there?<\/em> I can\u2019t honestly say. The entire lifecycle from burning out, to burned out, to realizing I was burned out, to recovery, is not a straight path, and not one that has some known, or widely-accepted timescale. Come to think of it, I really haven\u2019t seen many accounts of severe burnout. I suppose that\u2019s because those who experience it are likely too burned out to write about it. So, am I back? <em>Hah<\/em>! It\u2019s not that simple unfortunately. But I <em>am<\/em> in a place where I feel that I can share my experience.<\/p>\n\n<div class=\"containbox\"><u>Notice<\/u>: This is a particularly personal accounting of my real-life experience with burnout, and everything that comes with it.<\/div>\n\n<p><em>Look<\/em>, I\u2019m not going to lie to you. I haven\u2019t come here to say that I\u2019ve unequivocally \u201crecovered from burnout\u201d. A nasty thing about burnout is that it isn\u2019t some obvious, precipitous decline. It isn\u2019t necessarily marked by some singular, triggering event. What <a href=\"#burnout-causes\">causes<\/a> burnout from one person to the next is never the exact same, and each of our paths can look wildly different and result in varying levels of burnout\u2014the <a href=\"#burnout-symptoms--manifestations\">manifestations<\/a> of which can also be quite variegated. Similarly, the path <em>out<\/em> is not straightforward. It is not an extrapolatable line upward and outward. <u>This<\/u> is an upswing for me, <em>sure<\/em>\u2014writing this post. But I\u2019ve been here before. I first thought about and started drafting this post nearly two years ago, around early May of 2024. This too would have been sometime <em>well after<\/em> I first realized I was \u201cburnt out\u201d\u2014when I finally had enough energy to even give the notion of writing about it some thought. I can\u2019t point to a day, or to a moment, or to a thing-that-happened and say \u201cthat\u2019s when the burnout began\u201d. However, <em>I suspect<\/em> that my own case of burnout began accelerating in early 2022, with \u201cfull burnout\u201d finally happening in mid 2023 when my daughter was born, at which point I stepped away from it all on leave. I\u2019ve been torched ever since.<\/p>\n\n<p>How did it happen? <em>Gah<\/em>, I don\u2019t know. There\u2019s any number of things I can point to and say were contributing factors. The pandemic, too much work, not enough recognition at work, friendships lost, parenting stress, stress from the world at large, stretching myself too thin with side projects, the list goes on\u2026 We\u2019re all conditioned to work, work, work. Reach higher, stretch into that role, stretch for those goals, get a better title, get more money, post our travel photos online, more, more, more! It\u2019s just kinda\u2026 exhausting, <em>y\u2019know<\/em>? In those 18 months from early 2022 to July 2023 I was pretty busy. I was in a demanding role at well-known big tech company, I had some side projects going on, I was publishing this blog + my <a href=\"https:\/\/shellsharks.com\/podcast\">podcast<\/a>\u2014all while doin\u2019 the parenting thing. I pushed and pushed to do more and more, and did so in a way that was in hindsight, entirely aimless. Yes, I <em>did<\/em> a lot of things, but to what end? Were they in pursuit of something specific? Did those things make me happy? When my daughter was born I was just, <strong>tired<\/strong>. It was time to step away from the work and focus on those early months with a new baby. Eventually, I came back to work. But I didn\u2019t really come back\u2014not entirely. I had lost the drive and the motivation. Things that once interested me no longer did, and I\u2019m not just talking about work stuff. I wasn\u2019t as active on the blog, a lot of my hobbies just completely died, I was in battery-saving mode\u2014just doing the bare minimum. I did what I <em>had to<\/em> at work, I ate, I went to the gym, I played with my kids and I slept. There were other hours in the day, but I\u2019m not sure what I did with them.<\/p>\n\n<p>I don\u2019t want to misrepresent things here either. I didn\u2019t spend my days doing \u201cjust the essentials\u201d, keeping the lights on, and doing them <em>well<\/em>. <em>No, no, no<\/em>. In my haze, I\u2019m not sure I did anything with the focus and enthusiasm that it deserved. My time spent at work was unfocused, often unproductive, and from my perspective, entirely meaningless and unfruitful. I got things done sure, but they didn\u2019t seem to matter. No one said \u201cgood job\u201d. I never felt accomplished. I could go days, or even a week or more without talking to a single person. I didn\u2019t feel like I was learning <em>anything<\/em>. I felt that what I did there didn\u2019t matter. That <em>I<\/em> didn\u2019t matter. No one needed me and I had nothing to offer. While I stood alone and still, everyone else seemed busy, effective\u2014happy. I would see proud messages of others in my team and across the company achieving promotions, or completing highly-visible, impactful projects. Sometimes I was jealous, but more often I felt <em>nothing<\/em>. I wasn\u2019t inspired, I just continued on. At first it was just a month lost, or a quarter lost. But eventually it became this awful gap. A year or more where I\u2019d been entirely stuck. Even if I could get moving again, look how far I\u2019ve gotten behind.<\/p>\n\n<p>My <a href=\"https:\/\/shellsharks.com\/podcast\">podcast<\/a> fell to the wayside. My blog lie unupdated and dormant for months at a time, gathering cobwebs. I had aspired to a great many other things in the larger world of \u201c<span class=\"shellsharks-com\">shellsharks<\/span>\u201d, but I forgot about all of them. I announced <a href=\"https:\/\/shellsharks.com\/sharkweek\">&gt;Shark Week<\/a> in multiple years only to completely ignore it when the time came. I never conciously \u201cgave up\u201d on the blog\u2026 I just <em>stopped<\/em>. This wasn\u2019t a purposeful attempt to reclaim time for work, or for parenting, or for my sanity. I was no longer in the drivers seat. I had simply, unpurposefully, disconnected. Sometimes I would remember it was there. I would think about writing something. Or I would catch up on a few things I wanted to update\u2014breathing a little bit of life into the site. But for a long while, it didn\u2019t amount to more than that. Folks who I came to know through my site, or through social media reached out to me. Wondering where I had gone. Wondering if I was <em>OK<\/em>. Eventually I saw the messages. I let them know that I was <em><a href=\"https:\/\/shellsharks.com\/notes\/2025\/06\/23\/its-a-lot-of-things\">fine<\/a><\/em>. Things were just busy. This was true. But it wasn\u2019t the entire truth.<\/p>\n\n<p>Even as a parent, and a full-time job-haver, I still have hobbies. Or I <em>did<\/em>. Through these darker days I still tried to go to the gym\u2026 but those sessions never got my full focus. I had projects in the yard, or around the house, but I never really got to them. If there\u2019s anything that I managed to still be kinda \u201cgood\u201d at, it was playing with and having fun with my kids. But even while doing that, I still often worried about work, never being able to fully be happy in the moment. Too often I sacrificed time I should have spent with my wife or family because I felt guilty about work. Then at work I felt circularly miserable about a perceived degraded home life. <em>Vicious<\/em>, some say.<\/p>\n\n<p>That feeling of being behind on things, of feeling unfocused, of feeling unneeded, of feeling unimportant, bled into every corner of my life. I wasn\u2019t just useless at work. I also started to see myself fail at home\u2014and forget about my friendships, these had seemingly entirely disintegrated. I felt at this point, universally alone.<\/p>\n\n<p>Burnout is one of those things that you try to shrug off. Everyone is burned out right? Everyone has any number of things stressing them out at any one time. Sure I may feel \u201cburned out\u201d, but it isn\u2019t anything especially problematic! I found myself routinely ignoring or trivializing these feelings. I chalked them up to the routine stresses of the world, rather than fully appreciating the gravity of the state I was in. Because the difference between chronic burnout and run-of-the-mill stress is that with burnout you just can\u2019t find your way back to a healthy \u201cnormal\u201d. You stay unproductive and uneffective. It takes a more concerted effort to pull yourself out of the rut.<\/p>\n\n<p>You see, I knew I was \u201cburned out\u201d, and looking back now, it\u2019s easy to see I had become depressed too, thanks in part to the burnout. Some days I would manage to pop my head above the clouds with proclamations of how I was going to \u201cget serious\u201d, or \u201clock in\u201d, or some other way of crawling out of this quagmire. But as some of my friends and family can attest, those words were either empty or simply did not provide adequate propulsion. I fell right back into the bad habits\u2014that same fog. In some ways, I\u2019m still trying to really understand what I <em>want<\/em>. I think having a clear idea of what you want is key. Only then can you try and reverse engineer the steps to get there, prioritize, and make time for everything. As it turns out, there\u2019s just not enough time in the day for everything. Compromises, or full-on sacrifices have to be made. This is the reality.<\/p>\n\n<p>So am I through it now? Am I <em>OK<\/em>? Am I no longer \u201cburned out\u201d. I don\u2019t know. Probably not. I\u2019ve been <em>kinda<\/em> here before to tell you the truth\u2014\u201cseeing the light\u201d. I have clearer vision these days I\u2019ll give you that. My hobbies have started to return, my outlook on work has improved dramatically, I\u2019m using my time much more effectively. I think I\u2019m <em>happier<\/em> these days. But it\u2019s easy to slip back. I try to catch myself, to right the ship and to stay on course, but some days it seems the margin for error is just too thin. To lose a day in pursuit of <u>everything<\/u> is to knock myself off track indefinitely. But I remind myself that I don\u2019t need to be perfect. I don\u2019t need to operate at 100% efficiency. I need to understand my goals and work towards them, and not be discouraged when I falter. Success is a grind\u2014a lot of little steps that in aggregate move us to a target destination. A step backwards, or a rest day doesn\u2019t mean I\u2019m back at the beginning.<\/p>\n\n<p><em>Oh<\/em>, and as if <em>burnout<\/em> alone wasn\u2019t enough, there\u2019s a lot of other <a href=\"#demonology-for-the-professional-world\">career-related blights<\/a> I (and I\u2019m sure many readers of this post) experience\u2014often manifesting into a devilish syzygy of occupational dilemmas. Let me talk about those for a minute too\u2026<\/p>\n\n<h2 id=\"demonology-for-the-professional-world\">Demonology for the Professional World<\/h2>\n\n<p>There\u2019s more to the fiendish nature of our \u201ccareers\u201d than <em>burnout<\/em> alone. We the workers, tend to be plagued and posessed by a great many evils. Consider the list below a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Classification_of_demons#Lanterne_of_Light\">Lanterne of Light<\/a>\u2014traditionally a classification system for (<em>actual<\/em>) demons, but in this context, the hellions of the working world.<\/p>\n\n<ol>\n  <li><a href=\"#burnout\">Burnout<\/a><\/li>\n  <li><em>Impostor Syndrome<\/em><\/li>\n  <li><em>Climbing the Ladder<\/em><\/li>\n  <li><em>Professional Vitality<\/em> (i.e. boredom, finding interesting work)<\/li>\n  <li><em>Finding Meaning\/Purpose<\/em><\/li>\n  <li><em>Maintaining Relevance &amp; Skill Erosion<\/em><\/li>\n  <li><em>Isolation<\/em> (e.g. remote work)<\/li>\n<\/ol>\n\n<p>I\u2019m sure there are more items to include on this list, but these are the ones I\u2019ve observed most, at least in my own career history.<\/p>\n\n<p>For now, this post will be limited to <a href=\"#\">my experience<\/a> with <em>burnout<\/em> alone. Perhaps one day I\u2019ll expand it with tales of other such things, or maybe they\u2019ll end up as separate posts sometime in the future. The fact is, everything in that list can contribute to burnout, and in turn, burnout and other things on that list can equally contribute to impostor syndrome. See where I\u2019m going with this? That cursed list of professional afflictions can all feed into each other. So be weary!<\/p>\n\n<h3 id=\"burnout\">Burnout<\/h3>\n\n<p>I told <a href=\"#\">my story<\/a> about burnout at the beginning of this post. Here, I want to be a bit more technical\/scientific in terms of defining what <strong>burnout<\/strong> is, what causes it, how it manifests and how to mitigate or address it.<\/p>\n\n<blockquote>\n  <p>\u201cBurnout is a syndrome conceptualized as resulting from chronic stress that has not been successfully managed. It is characterized by three dimensions: 1) feelings of energy depletion or exhaustion; 2) increased mental distance from one\u2019s job, or feelings of negativism or cynicism related to one\u2019s job; and 3) a sense of ineffectiveness and lack of accomplishment.\u201d<\/p>\n<\/blockquote>\n\n<p>Burnout is interesting, and scary. A lot of things can cause it, it can be hard to see it happening in real-time, and it\u2019s even hard to tell if you\u2019ve reached some form of final-stage \u201cburn out\u201d. <em>Like<\/em>, what does that even mean? How burnout can manifest itself, the symptoms themselves, can easily be attributed to other things, non-burnout related. How one experiences it, and what effects they experience can vary greatly from person to person. Similarly, treating, or recovering from burnout is not a known science. Some even suggest that you might <a href=\"https:\/\/drdevonprice.substack.com\/p\/you-might-not-recover-from-burnout\">never recover from burnout<\/a>. So much about how you treat it, can probably be mapped to how it happened in the first place, which again is hard to understand as burnout tends to creep up on you slowly, over a great span of time.<\/p>\n\n<h6 id=\"burnout-causes\">Burnout Causes<\/h6>\n\n<p>There\u2019s a lot of things that can trigger or ultimately contribute to \u201cburnout\u201d. Here\u2019s a list\u2026 <sup><a href=\"https:\/\/osdfir.blogspot.com\/2024\/11\/about-burnout-in-cybersecurity.html\">1<\/a>, <a href=\"https:\/\/mastodon.social\/@HuShuo\/113351141476780306\">2<\/a><\/sup><\/p>\n\n<ul>\n  <li>Unclear mission &amp; expectations<\/li>\n  <li>Lack of control<\/li>\n  <li>Opaque management<\/li>\n  <li>Resource starvation<\/li>\n  <li>Lack of agency \/ autonomy<\/li>\n  <li>Overwhelming scope<\/li>\n  <li>(Lack of) job security<\/li>\n  <li>Long hours<\/li>\n  <li>Dwindling pay<\/li>\n  <li>Lack of recognition or reward<\/li>\n  <li>Excessive workload<\/li>\n  <li>No sense of community, kinship or camaraderie<\/li>\n  <li>False urgency<\/li>\n  <li>Unfair treatment<\/li>\n  <li>Relentless change<\/li>\n  <li>Limited growth<\/li>\n  <li>No work \/ life balance<\/li>\n  <li>Micromanagement<\/li>\n  <li>Performance pressure<\/li>\n  <li>Toxicity<\/li>\n  <li>Lack of support<\/li>\n  <li>Bad communication<\/li>\n  <li>Monotonous work<\/li>\n<\/ul>\n\n<p>There\u2019s more to this list to be sure, but that\u2019s a lot already.<\/p>\n\n<h6 id=\"burnout-symptoms--manifestations\">Burnout Symptoms &amp; Manifestations<\/h6>\n\n<p>Burnout manifests itself in a myriad of ways. Each person will experience it differently and at varying levels of severity. Some things you might experience are listed below\u2026 <sup><a href=\"https:\/\/drdevonprice.substack.com\/p\/you-might-not-recover-from-burnout\">3<\/a><\/sup><\/p>\n\n<ul>\n  <li>Exhaustion<\/li>\n  <li>Activities, particularly social ones, drain you faster than usual<\/li>\n  <li>More venting \/ complaining<\/li>\n  <li>Hopelessness<\/li>\n  <li>Demotivation<\/li>\n  <li>Disengagement<\/li>\n  <li>Over-sleep<\/li>\n  <li>Feeling of never being inspired<\/li>\n  <li>Craving to work on projects but can\u2019t<\/li>\n  <li>Stress<\/li>\n  <li>Depression<\/li>\n  <li>Laziness<\/li>\n  <li>Depersonalization (i.e. loss of sense of self)<\/li>\n  <li>Physical health issues (e.g. gastrointestinal, cognitive decline, heart palpitations, pain, etc\u2026)<\/li>\n  <li>Guilt<\/li>\n  <li>Job switching<\/li>\n  <li>Procrastination<\/li>\n<\/ul>\n\n<h6 id=\"treating-and-mitigating-burnout\">Treating and Mitigating Burnout<\/h6>\n\n<p>Probably the least understood thing about burnout is how to <em>actually<\/em> recover from or treat it. Sustained <a href=\"#burnout-causes\">triggers<\/a> are simply not easy to reverse and not easy to do a root cause analysis for. And even if you could identify everything that ultimately led to being burned out, is it realistic to expect that each of these things can be removed? How do we treat burnout while often having to continue being exposed to some subset of the same triggers that caused it in the first place?<\/p>\n\n<p>One study attributed burnout, and in reverse, treating burnout to 6 main sources: <em>workload<\/em>, <em>values<\/em>, <em>reward<\/em>, <em>control<\/em>, <em>fairness<\/em>, and <em>community<\/em>. Another study suggested a framework known as \u201c<em>I Believe, I Belong, I Matter<\/em>\u201d as a path towards avoiding burnout. <sup><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/defining-defying-cybersecurity-staff-burnout\">4<\/a>, <a href=\"https:\/\/www.darkreading.com\/cybersecurity-careers\/persistent-burnout-is-still-a-crisis-in-cybersecurity\">5<\/a><\/sup><\/p>\n\n<p>In both cases, we are directly treating the initial triggers or feelings-caused by said triggers. I don\u2019t know what works. I think these things all sound great, but what <em>actually<\/em> works\u2014who knows.<\/p>\n\n<p>I think <strong>time<\/strong> is important. Sometimes you just need to step away. But time alone isn\u2019t enough. I for example spent quite a bit of time away. Sure, I wasn\u2019t able to completely shield myself from the burnout triggers, so maybe that time away wasn\u2019t \u201cpure\u201d in the recovery sense, but I feel like the time I had was as good as anyone can really expect. Afterall, if you\u2019re a parent, or if you live in the real world, it\u2019s just not overly practical to step away from your kids, or from your job, etc\u2026<\/p>\n\n<p>An important step is (and I mentioned this earlier) to think about and solidify <em>what matters<\/em> to you. What makes you happy? What do you really want to accomplish? Once you have this down, you can start to put together some semblance of a plan for getting there. Your goals need to be the composite of tasks that are realistic and actionable which amount to achieving said goals. You also need to give yourself room to fail, so you won\u2019t be entirely discouraged if you aren\u2019t perfect. Because you won\u2019t be. You\u2019ll <u>never be<\/u>\u2014<strong>and thats OK<\/strong>.<\/p>\n\n<hr \/>\n\n<h1 id=\"the-way-forward\">The Way Forward<\/h1>\n\n<p>So what\u2019s next? Well I\u2019m still working on climbing out of the burnout hole. I have some ideas for how to <a href=\"https:\/\/shellsharks.com\/captains-log\/2026\/02\/26\/log#career\">kickstart myself professionally<\/a>, and I am working on a more defined plan for the other things in my life. It\u2019s not going to be a straight shot up and out, and burnout isn\u2019t something you \u201cdefeat\u201d. It\u2019s something you manage. I\u2019ve seen how it can <a href=\"#burnout-symptoms--manifestations\">manifest<\/a>, I understand some of my <a href=\"#burnout-causes\">triggers<\/a>, and I know a few things that can help me <a href=\"#treating-and-mitigating-burnout\">treat<\/a> and mitigate it. That\u2019s enough for now.<\/p>\n\n<p>Thanks for reading. Take care of yourself out there!<\/p>\n\n<hr \/>\n\n<h1 id=\"references--resources\">References &amp; Resources<\/h1>\n\n<ul>\n  <li><a href=\"https:\/\/osdfir.blogspot.com\/2024\/11\/about-burnout-in-cybersecurity.html\">About Burnout in Cybersecurity<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.social\/@HuShuo\/113351141476780306\">Actual Causes of Burnout<\/a><\/li>\n  <li><a href=\"https:\/\/eric.mann.blog\/burnout-prevention-through-strategic-reassignment\/\">Burnout Prevention Through Strategic Reassignment<\/a><\/li>\n  <li><a href=\"https:\/\/melanie-richards.com\/blog\/impostor-syndrome\/\">Coping with impostor syndrome<\/a><\/li>\n  <li><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/defining-defying-cybersecurity-staff-burnout\">Defining &amp; Defying Cybersecurity Staff Burnout<\/a><\/li>\n  <li><a href=\"https:\/\/www.dutchnews.nl\/2025\/07\/experts-urge-rethink-of-burn-out-diagnosis-in-the-netherlands\/\">Experts urge rethink of burn-out diagnosis in the Netherlands<\/a><\/li>\n  <li><a href=\"https:\/\/managinginthemargins.com\/letter-to-an-insecurity-engineer-8478670fef9c\">Letter to an Insecurity Engineer<\/a><\/li>\n  <li><a href=\"https:\/\/tcm-sec.com\/overcoming-imposter-syndrome\/\">Overcoming Imposter Syndrome<\/a><\/li>\n  <li><a href=\"https:\/\/www.darkreading.com\/cybersecurity-careers\/persistent-burnout-is-still-a-crisis-in-cybersecurity\">Persistent Burnout Is Still a Crisis in Cybersecurity<\/a><\/li>\n  <li><a href=\"https:\/\/www.youtube.com\/watch?v=4XGbbrBudKM\">Preventing and Recovering From Burnout<\/a><\/li>\n  <li><a href=\"https:\/\/unionize.fyi\">The Burnout Machine<\/a><\/li>\n  <li><a href=\"https:\/\/notashelf.dev\/posts\/curse-of-knowing\">The Curse of Knowing How, or; Fixing Everything<\/a><\/li>\n  <li><a href=\"https:\/\/www.databreachtoday.com\/blogs\/understanding-imposter-syndrome-in-technology-sector-p-3624\">Understanding Imposter Syndrome in the Technology Sector<\/a><\/li>\n  <li><a href=\"https:\/\/drdevonprice.substack.com\/p\/you-might-not-recover-from-burnout\">You Might Not Recover from Burnout. Ever. | Devon Price<\/a><\/li>\n  <li><a href=\"https:\/\/geoffgraham.me\/you-might-not-recover-from-burnout-ever\/\">You Might Not Recover from Burnout. Ever. | Geoff Graham<\/a><\/li>\n<\/ul>\n\n<p>Other burnout stories from the field:<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/drewdevault.com\/2023\/05\/01\/2023-05-01-Burnout.html\">Burnout<\/a><\/li>\n  <li><a href=\"https:\/\/library.xandra.cc\/burnout\/\">Burnout.exe<\/a><\/li>\n  <li><a href=\"https:\/\/www.reddit.com\/r\/cybersecurity\/comments\/1jeavex\/burnout_stress_imposter_syndrome\/\">Burnout, stress, imposter syndrome<\/a><\/li>\n  <li><a href=\"https:\/\/drewdevault.com\/2023\/06\/29\/Burnout-2.html\">Burnout and the quiet failures of the hacker community<\/a><\/li>\n  <li><a href=\"https:\/\/www.reddit.com\/r\/cybersecurity\/comments\/xgt5f2\/is_the_burnout_really_all_that_bad\/\">is the burnout really all that bad?<\/a><\/li>\n<\/ul>\n\n<p>Fun fact! The original draft for this post was May 3, 2024.<\/p>\n","pubDate":"Mon, 09 Mar 2026 14:13:00 -0400","link":"https:\/\/shellsharks.com\/burnout","guid":"https:\/\/shellsharks.com\/burnout","category":["infosec","life","career","infosec","life","blog"]},{"title":"Museum memories","description":"<p>This month\u2019s <a href=\"https:\/\/indieweb.org\/IndieWeb_Carnival\">IndieWeb Carnival<\/a>, hosted by <a href=\"https:\/\/jamesg.blog\/about\">James<\/a> (of <a href=\"https:\/\/jamesg.blog\/\">James\u2019 Coffee Blog<\/a>), is \u201c<a href=\"https:\/\/jamesg.blog\/2026\/03\/01\/indieweb-carnival-museum-memories\">Museum memories<\/a>\u201d. I wouldn\u2019t say I\u2019m a <em>big<\/em> museum go\u2019er or anything, but I\u2019ve been to my fair share. As such, nothing immediately sprang to mind as I thought about how to respond to this particular prompt. Ultimately though, I\u2019d say my favorite, and most memorable museum is the <a href=\"https:\/\/airandspace.si.edu\/visit\/udvar-hazy-center\">Steven F. Udvar-Hazy Center (Air &amp; Space Museum)<\/a>.<\/p>\n\n<p>I don\u2019t think I really have to <em>sell<\/em> the Udvar-Hazy Center\u2014it\u2019s really friggin\u2019 cool, and a must-see for anyone <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/10\/the-best-of-nova\">visiting<\/a> or living in the Northern Virginia area. It\u2019s <em>huge<\/em>, <a href=\"https:\/\/airandspace.si.edu\/collections\/collections-on-display?title=&amp;exhibition=&amp;location=Hazy\">packed<\/a> with history, and features a lot of really amazing and thought-provoking exhibits. I mean, it\u2019s got the <a href=\"https:\/\/airandspace.si.edu\/multimedia-gallery\/image\/si2005-15151-bhjpg\">SR-71 Blackbird<\/a>, the <a href=\"https:\/\/airandspace.si.edu\/collection-objects\/orbiter-space-shuttle-ov-103-discovery\/nasm_A20120325000\">Space Shuttle Discovery<\/a> and my son\u2019s personal favorite, the <a href=\"https:\/\/airandspace.si.edu\/collection-objects\/air-tractor-400a-dusty-crophopper\/nasm_A20210562000\">Air Tractor AT-400A<\/a> (a.k.a. <a href=\"https:\/\/disney.fandom.com\/wiki\/Dusty_Crophopper\">Dusty Crophopper<\/a>)\u2014and that\u2019s just an extremely tiny sampling of what you can see there.<\/p>\n\n<p>Sure, if you\u2019re a flight geek, or a war buff, you\u2019re going to be in heaven there. But as neither of those really, I can attest to how really cool it is to walk around there regardless of your interests. I mean, how can you not gaze in wonderment at an <em>actual<\/em> spaceship, imagining the many stellar voyages it took. <em>Wondrous<\/em>. \ud83d\ude80<\/p>\n","pubDate":"Fri, 06 Mar 2026 10:50:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2026\/03\/06\/museum-memories","guid":"https:\/\/shellsharks.com\/notes\/2026\/03\/06\/museum-memories","category":["life","iwc"]},{"title":"Garden Plan 2026","description":"<p>Howdy y\u2019all \ud83e\uddd1\u200d\ud83c\udf3e! Spring is just around the corner and as such, I\u2019ve started thinking about what I\u2019m goin\u2019 to do gardenin\u2019-wise in 2026. Last year was the first time I\u2019ve ever tried to grow <em>anything<\/em>, so I wasn\u2019t <a href=\"https:\/\/shellsharks.com\/gardenlog-2\">particularly ambitious<\/a>. I grew some <a href=\"https:\/\/www.lowes.com\/pd\/Bonnie-Plants-Tomatoes-Pot-Plant-2-Pack\/5014707943\">cherokee purple<\/a> heirloom <a href=\"https:\/\/shellsharks.com\/gardenlog#tomatoes-\">tomatoes<\/a> which turned out <em>amazing<\/em>, and I harvested some blueberries from a bush that was already in the yard from before I bought the house. <em>That\u2019s it though<\/em>. This year I\u2019m planning on expanding the garden to additional zones and planting a wider variety of things. <em>Exciting!<\/em><\/p>\n\n<h1 id=\"the-plan\">The Plan<\/h1>\n\n<p>Last year I used this tiny 3ft-by-8ft (<em>ish<\/em>) area to plant a few tomatoes. This year, I\u2019m looking to expand my usable garden space into a few other <a href=\"#zones\">zones<\/a> to accommodate <em>more<\/em> stuff. But what should I grow? My decision making process here came down to, <strong>A.<\/strong> What can I grow in my <a href=\"https:\/\/planthardiness.ars.usda.gov\">zone<\/a>? (<strong>7B<\/strong>), <strong>B.<\/strong> what do I and my family like to eat, and <strong>C.<\/strong> what isn\u2019t terribly difficult to grow given my space parameters and general skill?<\/p>\n\n<p>So here\u2019s the list of things I came up with that I am going to try and bring to life\u2026 \ud83c\udf31<\/p>\n\n<ul>\n  <li>\ud83c\udf45 <strong>Heirloom Tomatoes<\/strong> (e.g. probably those <a href=\"https:\/\/en.wikipedia.org\/wiki\/Cherokee_Purple_(tomato)\">Cherokee Purples<\/a> again): These were delicious and made for great BLTs and by-the-slice-eatin\u2019.<\/li>\n  <li>\ud83c\udf52 <strong>Cherry Tomatoes<\/strong>: These will be great in a salad or dunked in hummus. If I\u2019m lucky, I might even be able to get my kids to try some.<\/li>\n  <li>\ud83e\udd52 <strong>Cucumbers<\/strong>: I\u2019ve always wanted to grow cucumbers\u2014just like my grandma did when I was growin\u2019 up. I love to dip \u2018em in ranch.<\/li>\n  <li>\ud83e\udedb <strong>Brown <a href=\"https:\/\/www.southernexposure.com\/products\/creel-crowder-southern-pea-cowpea\/\">crowder peas<\/a><\/strong> (i.e. \u201ccowpeas\u201d \/ \u201cfield peas\u201d): Now here\u2019s a crop I always enjoyed while dining at my grandmas house, but never thought I could grow here. Well it turns out maybe I can! I\u2019m not 100% sure this is the exact variety she used to grow but it looks pretty similar so I plan on giving it a shot.<\/li>\n  <li>\ud83c\udf50 <strong>Pear Tree<\/strong>: I\u2019m not 100% sure on the variety yet, but pear trees are supposed to grow pretty well in this zone and my kids LOVE them.<\/li>\n  <li>\ud83c\udf51 <strong>Peach Tree<\/strong>: Same as the pear tree. \u2b06\ufe0f<\/li>\n  <li>\ud83e\uded0 <strong>Blueberry<\/strong>: I already have one blueberry plant on the side of the house, but I have space for another and have been told that a second variety can help with cross-pollination. One problem though, is I\u2019m not sure of the variety I already have! <em>Oh well<\/em>, what\u2019re the chances I choose the exact same one??<\/li>\n  <li>\ud83e\uded1 <strong>Pepper<\/strong>: I might try to sneak a red\/green pepper plant in somewhere (as requested by my wife).<\/li>\n  <li>\ud83c\udf3b <strong>Sunflower<\/strong>: Unrelated to the back yard, but I want to plant a sunflower in the front of the house. We had one when we first moved in and loved it! Time to bring it back.<\/li>\n<\/ul>\n\n<p><em>Alright<\/em>, I\u2019ve got a handle on what I want to grow and I have taken some measurements for the areas I plan to grow this stuff in. Doing a little research I found the following recommendations for how much space to give each of these crops\u2026<\/p>\n\n<ul>\n  <li><em>Cucumbers<\/em>: Plant them 8-10 inches apart and in rows 3-5 feet apart.<\/li>\n  <li><em>Cherry Tomatoes<\/em>: Plant them 2-3 feet apart.<\/li>\n  <li><em>Heirloom Tomatoes<\/em>: Plant them 3-4 feet apart and 4-5 feet inbetween rows.<\/li>\n  <li><em>Field Peas<\/em>: Plant them 3-6 inches apart and with rows 2-3 feet apart.<\/li>\n  <li><em>Fruit Trees<\/em> (e.g. pear\/peach): Plant them with a ~10 foot radius.<\/li>\n<\/ul>\n\n<p>So with all this together, here\u2019s a concept of how things would look\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2026\/garden.drawio.png\" alt=\"Garden Plan Sketch\" \/><\/p>\n\n<p><span id=\"zones\"><\/span>\nIn this diagram I consider there to be <strong>4<\/strong> distinct zones\u2026<\/p>\n\n<ul>\n  <li><strong>Zone 1<\/strong>: In front of my screened porch is a ~14.5ft-by-6ft area that I plan on making into a net-new garden space. In here I\u2019d like to try planting the cucumbers, cherry tomatoes, field peas and peppers.<\/li>\n  <li><strong>Zone 2<\/strong>: In front of the sunroom, where I planted the heirloom tomatoes last year, I plan on doing the same thing this year.<\/li>\n  <li><strong>Zone 3<\/strong>: Where I currently have my lone blueberry bush (and <a href=\"https:\/\/shellsharks.com\/gardenlog-2\">fledgling raspberry plant<\/a>), I\u2019d like to drop another blueberry bush. (This is on the side of the house)<\/li>\n  <li><strong>Zone 4<\/strong>: Further back in the yard (away from the house) is a sunnier, and more spacious area that I\u2019d like to see if I could get some larger fruit trees goin\u2019.<\/li>\n<\/ul>\n\n<p><em>There ya have it!<\/em> A plan is born.<\/p>\n\n<h1 id=\"plan-execution\">Plan Execution<\/h1>\n\n<p>They say things are easier said than done, and in this case\u2014that is 100% true. Yeah sure, I grew some delicious tomatoes last year, but that was nothin\u2019 compared to growing all this stuff I want to do this year \ud83d\ude2c. There\u2019s a lot I need to do! I need to acquire the plants, probably grow some of them from seedlings (which requires infrastructure and know-how I don\u2019t yet possess), dig up or otherwise build new garden areas from scratch, and do plenty of research along the way. <em>Phew<\/em>!<\/p>\n\n<p><span id=\"resources\"><\/span>\nHere\u2019s some random resources I\u2019ve collected that I suspect might help me this year\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.mehrabyannursery.com\/growing-guide\/peach-trees\/when-to-plant-peach-trees\/\">Peach Growing Guide<\/a><\/li>\n  <li><a href=\"https:\/\/www.lsuagcenter.com\/topics\/lawn_garden\/master%20gardener\/home-gardening-certificate-course\">Home Gardening Class<\/a> from the <u>LSU College of Agriculture<\/u><\/li>\n<\/ul>\n\n<p><em>So yeah<\/em>, there\u2019s a lot I need to learn, figure out and then ultimately do. I\u2019ll probably get into more of <em>that<\/em> in future posts. For now though, I\u2019ve got what kinda looks like a plan. Wish me luck!<\/p>\n","pubDate":"Thu, 19 Feb 2026 00:15:00 -0500","link":"https:\/\/shellsharks.com\/garden-plan-2026","guid":"https:\/\/shellsharks.com\/garden-plan-2026","category":["life","gardening","gardenlog","life","blog"]},{"title":"Things you'll NEVER hear me say","description":"<p>A list of things you\u2019ll <em>absolutely<\/em> <u>NEVER<\/u> hear me say\u2026<\/p>\n\n<ul>\n  <li>\u201c<em>I like AI art<\/em>\u201d<\/li>\n  <li>\u201c<em>No, I don\u2019t feel like eating BBQ tonight<\/em>\u201d<\/li>\n  <li>\u201c<em>Trans women aren\u2019t women<\/em>\u201d<\/li>\n  <li>\u201c<em>Check out my Substack<\/em>\u201d<\/li>\n  <li>\u201c<em>The Rise of Skywalker is a great Star Wars movie<\/em>\u201d \ud83e\udd2d<\/li>\n  <li>\u201c<em>My knees and ankles feel 100%!<\/em>\u201d<\/li>\n  <li>\u201c<em>You definitely should roll your own crypto<\/em>\u201d<\/li>\n  <li>\u201c<em>Follow me on X<\/em>\u201d<\/li>\n  <li>\u201c<em>Pluto is not a planet<\/em>\u201d<\/li>\n  <li>\u201c<em>I\u2019m voting Republican<\/em>\u201d<\/li>\n  <li>\u201c<em>Lebron James isn\u2019t the GOAT<\/em>\u201d<\/li>\n  <li>\u201c<em>I can\u2019t eat any more boiled peanuts<\/em>\u201d<\/li>\n  <li>\u201c<em>I love having wolf spiders in my basement<\/em>\u201d<\/li>\n<\/ul>\n","pubDate":"Fri, 13 Feb 2026 15:15:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2026\/02\/13\/things-youll-never-hear-me-say","guid":"https:\/\/shellsharks.com\/notes\/2026\/02\/13\/things-youll-never-hear-me-say","category":"life"},{"title":"Intersecting Interests","description":"<p>This month\u2019s <a href=\"https:\/\/indieweb.org\/IndieWeb_Carnival\">IndieWeb Carnival<\/a> is <strong><a href=\"https:\/\/zacharykai.net\/notes\/icfeb26\">Intersecting Interests<\/a><\/strong>. After giving it some thought, I\u2019m not sure I have a particularly outstanding pair of intersecting <a href=\"https:\/\/shellsharks.com\/interests\">interests<\/a>, but there\u2019s plenty of li\u2019l junctions to speak of. Let\u2019s see what I\u2019ve got\u2026<\/p>\n\n<ul>\n  <li><strong>Travel<\/strong> <em>x<\/em> <strong><a href=\"https:\/\/shellsharks.com\/tags?tag=food\">Food<\/a><\/strong>: An obvious one sure, but I do really love to <a href=\"https:\/\/shellsharks.com\/tags?tag=travel\">travel<\/a> and I think my favorite part has always been exploring the local cuisine. Some standouts from my travels have got to be belgians cooking various stews <em>in<\/em> their legendary beers, Tiroler Gr\u00f6stl from Austria and Costa Rican casado. \ud83e\udd24<\/li>\n  <li><strong>Playing<\/strong> <em>x<\/em> <strong>Watching Basketball<\/strong>: I watch a number of different sports, but the only one I really play is basketball. I get plenty of ideas of how I might improve or tweak my game by watching what the pros are up to. Doin\u2019 my best to copy that is!<\/li>\n  <li><strong>Hiking<\/strong> <em>x<\/em> <strong>Frisbee Golf<\/strong>: These two go hand-in-hand. Especially if you\u2019re not very good at frisbee golf and end up throwing it deep into the woods every time. Turns out I do a lot of extra hiking for every round of disc golf I play! \ud83d\ude05<\/li>\n  <li><strong>Apple<\/strong> <em>x<\/em> <strong>Retro Gaming<\/strong>: I don\u2019t do much modern gaming these days, but I still like to play some of the <a href=\"https:\/\/shellsharks.com\/notes\/2011\/07\/07\/favorite-nintendo-games\">classics<\/a> from time to time. <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/22\/retro-gaming-with-delta\">Retro emulators<\/a> on the iPhone\/iPad are a great way to quickly enjoy some of these titles on the go. (<a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/08\/crystal-six\">This one<\/a> in particular)<\/li>\n  <li><strong>Blogging<\/strong> <em>x<\/em> <u><b>ANYTHING<\/b><\/u>!: Last but not least, there\u2019s my <em>blogging<\/em> interest! Turns out you can (and <a href=\"https:\/\/shellsharks.com\/just-put-it-on-your-blog\">should<\/a>) blog about literally anything. So that\u2019s what I do. I blog about all sorts of different things\u2014<a href=\"https:\/\/shellsharks.com\/tags?tag=infosec\">infosec<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=technology\">technology<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=apple\">apple<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=gaming\">gaming<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=travel\">travel<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=fediverse\">fediverse<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=music\">music<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=scifi\">sci-fi<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=gardening\">gardening<\/a> and <a href=\"https:\/\/shellsharks.com\/tags\">much more<\/a>!<\/li>\n<\/ul>\n\n<p>That\u2019s it! Thanks for reading.<\/p>\n","pubDate":"Sat, 07 Feb 2026 13:05:00 -0500","link":"https:\/\/shellsharks.com\/intersecting-interests","guid":"https:\/\/shellsharks.com\/intersecting-interests","category":["life","iwc","life","blog"]},{"title":"It's a lot of things","description":"<p>Hey everyone, I\u2019m still here. If you\u2019ve wondered where I\u2019ve been, or if everything is OK\u2014I\u2019ve been <em>around-ish<\/em> and YUP! everything is A-OK over here.<\/p>\n\n<p>There\u2019s not really one thing I can point to and say \u201c<em>that\u2019s why I\u2019ve not been online as much<\/em>\u201d. I had some vacation time, work has gotten busier, family stuff, summer, other hobbies, the world being crazy, and a bit of just <em>feeling behind on things<\/em> all kinda happened over the past month and I\u2019ve just not had the energy to get to all the things I had been doing with my blog, and with <a href=\"https:\/\/shellsharks.com\/scrolls\">Scrolls<\/a>, or with the online communities I am generally frequenting. I\u2019ve been meaning to get back into the <em>normal<\/em> swing of things but getting that engine goin\u2019 again has proved a bit harder than I first thought. But I miss it, so I\u2019ve finally got \u2018round to pushing some updates to the site that had been sitting in my editor for a while, and I\u2019ve got some other things backlogged that I\u2019m working on publishing out too.<\/p>\n\n<p>A special nod to everyone who has reached out to me privately or on social media to check in\u2014it means a lot \ud83e\udde1<\/p>\n\n<p>\u2026and that\u2019s it! See y\u2019all around the webz! \ud83d\udc4b<\/p>\n","pubDate":"Mon, 23 Jun 2025 16:10:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2025\/06\/23\/its-a-lot-of-things","guid":"https:\/\/shellsharks.com\/notes\/2025\/06\/23\/its-a-lot-of-things","category":["life","nosearch"]},{"title":"Gardenlog: Blueberries, Blackberries, Oh My!","description":"<p>OK! Checking in now on all things <em>garden-ey<\/em> from the past few weeks\u2026<\/p>\n\n<p><br \/><\/p>\n<hr \/>\n\n<h1 id=\"tomato-updates\">Tomato Updates<\/h1>\n\n<p>The <strong>Cherokee Purple<\/strong>\u2019s have really gotten tall! Some yellow flowers here and there but no sign of fruiting as of yet. Just gotta keep on waterin\u2019 \u2018em and see what they do. \ud83c\udf45<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/growing-tomatos.jpeg\" alt=\"Growing Tomatos\" width=\"400px\" \/><\/p>\n\n<h1 id=\"blueberries-blackberries-oh-my\">Blueberries, Blackberries, Oh my!<\/h1>\n\n<p>After some serious snipping, I was able to remove all of the invasive honeysuckle that had managed to grow in-between the two blueberry bushes that it turns out I have on the side of my house. Between the two of them, there seemed to be 100\u2019s of berries! They ripened at various times and it was a blast hand-picking them with the kids and eatin\u2019 them on the spot. But it\u2019s not just kids that like berries\u2014birds and squirrels do too\u2014and they came for them\u2026 So, I bought a little tulle to try and protect the berries (as shown below). Has it worked? Hard to say. I don\u2019t think I did the best job wrapping the bushes to begin with so inevitably the little critters found their way in. Now I\u2019ve just got one bush wrapped and I think it\u2019s doin\u2019 a decent job at this point. The other bush is just about picked clean.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/protected-berries.jpeg\" alt=\"Protecting Berries\" width=\"400px\" \/><\/p>\n\n<p>Next to my blueberries, I\u2019ve got this other berry plant. For a while I thought it was some kind of blackberry, but it could be a raspberry too perhaps? Take a look at the following two pictures and let me know what you think\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/maybe-raspberry.jpeg\" alt=\"Blackberry or Raspberry\" width=\"400px\" \/><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/berry-closeup.jpeg\" alt=\"Berry Closeup\" width=\"400px\" \/><\/p>\n\n<p>Either way, delicious berries are in my future. No complaints!<\/p>\n\n<h1 id=\"other-stuff\">Other stuff<\/h1>\n\n<p>Here\u2019s some other random things to report from the garden\/yard\u2026<\/p>\n\n<p>My porch project is nearly done, and here\u2019s the current status of my future garden bed location. It\u2019s all clear of pavers! Some work will need to be done to dig it out from here and lay in some suitable soil. Haven\u2019t decided what all I want to grow here, but I think some cucumbers for sure (amongst other things).<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/future-new-garden-bed.jpeg\" alt=\"future garden bed\" width=\"400px\" \/><\/p>\n\n<p>Also, as part of the larger future layout of my yard\/gardening area, I\u2019ve put in some infrastructure for a future potting bench that would sport a working sink. Cool!<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/future-potting-bench.jpeg\" alt=\"future potting bench location\" width=\"400px\" \/><\/p>\n\n<p>I bought a pair of potted hydrangeas. Just waiting for some flowers now\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/new-hydrangea.jpeg\" alt=\"hydrangea\" width=\"400px\" \/><\/p>\n\n<p>Finally, checking in on the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Rubus_allegheniensis\">wild blackerries<\/a> I\u2019ve got out back\u2026 the fruit is struggling a bit\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/2025\/wild-blackberry.jpeg\" alt=\"wild blackberry\" width=\"400px\" \/><\/p>\n\n<p>Until next time! \ud83e\uddd1\u200d\ud83c\udf3e<\/p>\n","pubDate":"Mon, 23 Jun 2025 15:56:00 -0400","link":"https:\/\/shellsharks.com\/gardenlog-2","guid":"https:\/\/shellsharks.com\/gardenlog-2","category":["life","gardening","gardenlog","life","blog"]},{"title":"Brewlog","description":"<p>A place for me to keep record of my (coffee) <a href=\"https:\/\/shellsharks.com\/notes\/2025\/05\/13\/how-i-take-my-coffee\">cold brews<\/a>. I\u2019m no coffee tasting expert, but will add some notes as I go! \u2615\ufe0f<\/p>\n\n<style>\n  body {\n    background-color:#634832;\n  }\n  main {\n    color: #ece0d1;\n  }\n  .primarycolor {\n    color: #ece0d1;\n  }\n  article * a {\n    color: #ece0d1 !important;\n    text-decoration-line: underline !important;\n    text-decoration-color: #967259;\n  }\n  footer * span {\n    color: white !important; \n  }\n  p {\n    color: #ece0d1;\n  }\n  #titledot {\n    color: #38220f !important;\n  }\n  strong {\n    color:  white;\n    font-weight: 1000;\n  }\n  li::marker {\n    color:  #ece0d1;\n  }\n  hr {\n    border-color:  #38220f !important;\n  }\n  .prev {\n    color: #ece0d1 !important;\n  }\n  .next {\n    color: #ece0d1 !important;\n  }\n  #withlove > a {\n    color: #ece0d1 !important;\n  }\n  .ph-heart-straight {\n    color: #38220f !important;\n  }\n  .ph-magnifying-glass {\n    color: #ece0d1 !important;\n  }\n  #menuToggle span {\n    background: #ece0d1;\n  }\n<\/style>\n\n<h2 id=\"brew-logs\">Brew Logs<\/h2>\n\n<h3 id=\"time-bender\">Time Bender<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/weirdbrothers.com\">Weird Brothers Coffee<\/a><br \/>\n<strong>Brew Date<\/strong>: 3\/11\/26<br \/>\n<strong>Tasting Notes<\/strong>: Was OK.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/time-bender.jpeg\" alt=\"Stranger Beans\" width=\"250px\" \/><\/p>\n\n<h3 id=\"stranger-beans\">Stranger Beans<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/weirdbrothers.com\">Weird Brothers Coffee<\/a><br \/>\n<strong>Brew Date<\/strong>: 2\/21\/26<br \/>\n<strong>Tasting Notes<\/strong>: Loved it. Very flavorful and fresh. Need to get this one again.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/stranger-beans.jpeg\" alt=\"Stranger Beans\" width=\"250px\" \/><\/p>\n\n<h3 id=\"catoctin-coffee-company\">Catoctin Coffee Company<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/catoctincoffee.com\">Catoctin Coffee Company<\/a><br \/>\n<strong>Brew Date<\/strong>: 6\/19\/25<br \/>\n<strong>Purchase Location<\/strong>: <a href=\"https:\/\/www.trinityhousecafe.com\/\">Trinity House Caf\u00e9<\/a><br \/>\n<strong>Tasting Notes<\/strong>: Not bad.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/CatoctinCoffeeCompany.jpeg\" alt=\"Catoctin Coffee Company\" width=\"250px\" \/><\/p>\n\n<h3 id=\"loan-oak-house-blend\">Loan Oak House Blend<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/www.loneoakcoffee.com\">Loan Oak Coffee Co.<\/a><br \/>\n<strong>Variety<\/strong>: House Blend<br \/>\n<strong>Flavor Profile<\/strong>: Africa &amp; Latin America- Sweet Cocoa, Brown Sugar, Smooth<br \/>\n<strong>Purchase Location<\/strong>: <a href=\"https:\/\/blendcoffeebar.com\">Blend Coffee Bar<\/a><br \/><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/loneoak-houseblend.jpeg\" alt=\"Lone Oak House Blend\" width=\"250px\" \/><\/p>\n\n<h3 id=\"pushing-daisies\">Pushing Daisies<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/www.loneoakcoffee.com\">Loan Oak Coffee Co.<\/a><br \/>\n<strong>Variety<\/strong>: Pushing Daisies<br \/>\n<strong>Flavor Profile<\/strong>: Fruity, Earthy, Floral<br \/>\n<strong>Brew Date<\/strong>: 6\/6\/25<br \/>\n<strong>Purchase Location<\/strong>: <a href=\"https:\/\/blendcoffeebar.com\">Blend Coffee Bar<\/a><br \/><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/pushing-daisies.jpeg\" alt=\"Pushing Daisies\" width=\"250px\" \/><\/p>\n\n<h3 id=\"townsman\">Townsman<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/www.loneoakcoffee.com\">Loan Oak Coffee Co.<\/a><br \/>\n<strong>Variety<\/strong>: Townsman<br \/>\n<strong>Flavor Profile<\/strong>: Mexico Chiapas- Dark Roast | Dark Chocolate, Molasses, Bold<br \/>\n<strong>Brew Date<\/strong>: 5\/19\/25<br \/>\n<strong>Purchase Date<\/strong>: 5\/16\/25<br \/>\n<strong>Purchase Location<\/strong>: <a href=\"https:\/\/blendcoffeebar.com\">Blend Coffee Bar<\/a><br \/>\n<strong>Tasting Notes<\/strong>: <em>Very roasty and a bit bitter. Decent but not my favorite.<\/em><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/townsman.jpeg\" alt=\"Townsman\" width=\"250px\" \/><\/p>\n\n<h3 id=\"brazil-natural-process-coffee\">Brazil Natural Process Coffee<\/h3>\n<p><strong>Roaster<\/strong>: <a href=\"https:\/\/www.caffeamouri.com\">Caff\u00e8 Amouri<\/a><br \/>\n<strong>Variety<\/strong>: Brazil Natural Process Coffee<br \/>\n<strong>Flavor Profile<\/strong>: Dark Roast | Dark Chocolate, Almond, Orange Zest, Sweet &amp; Clean<br \/>\n<strong>Brew Date<\/strong>: May 13, 2025<br \/>\n<strong>Purchase Date<\/strong>: May 12, 2025<br \/>\n<strong>Purchase Location<\/strong>: <a href=\"https:\/\/www.ridgetopcoffeeandtea.com\">Ridgetop Coffee &amp; Tea<\/a><br \/>\n<strong>Tasting Notes<\/strong>: <em>I really liked this one.<\/em><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/coffeelog\/brazil-natural-process-coffee.jpeg\" alt=\"Brazil Natural Process Coffee\" width=\"250px\" \/><\/p>\n\n<p>* Will limit these logs to net new brews, rather than re-logging beans I have tried previously.<\/p>\n\n<h2 id=\"beforetimes\">Beforetimes<\/h2>\n<p>I had some other beans before this but had not started this log yet. So some in these beforetimes will go unrecorded!<\/p>\n","pubDate":"Mon, 19 May 2025 10:10:00 -0400","link":"https:\/\/shellsharks.com\/brewlog","guid":"https:\/\/shellsharks.com\/brewlog","category":["life","coffee","life","blog","list"]},{"title":"How I take my coffee","description":"<p>Riffing on <a href=\"https:\/\/axxuy.xyz\/blog\/posts\/2025\/coffee\/\">Axxuy<\/a> and <a href=\"https:\/\/theresmiling.eu\/blog\/2025\/05\/coffee\">Elena<\/a>\u2019s posts about how they drink coffee, here\u2019s how I take my coffee\u2026 \u2615\ufe0f<\/p>\n\n<p>As of <a href=\"https:\/\/shellsharks.com\/captains-log\/2025\/03\/27\/log#life\">March<\/a> (2025) I\u2019ve gotten into making at-home cold-brew coffee. It\u2019s delicious! I normally take 2\/3 of a pint glass with a splash of half-n-half, another splash of 2% milk, then top it off with ice (cubes). This is what I drink most of the time these days. Since I\u2019m newish to brewing my own cold brew, I\u2019m still exploring what types of beans I like most and have really been enjoying sampling different roasts and regions (speaking of, maybe I should start a sort of \u201c<strong>coffeelog<\/strong>\u201d where I can do some tasting notes \/ reviews\u2026 \ud83e\udd14). Not sure what I like the most yet, but I <em>do<\/em> know that it\u2019s far better than the french press swill I had been making before.<\/p>\n\n<p>When I\u2019m out \u2018n about and ordering coffee, I typically go with an iced latte or sometimes just an iced coffee. I like getting the latte\u2019s because I can\u2019t make them at home. I <u>never<\/u> drink hot coffee. I\u2019d rather have <strong>no<\/strong> coffee than have it hot. I just don\u2019t enjoy hot beverages. When I do happen across a Starbucks, my go-to order is their <a href=\"https:\/\/www.starbucks.com\/menu\/product\/2123431\/iced\">Iced Brown Sugar Oatmilk Shaken Espresso<\/a>, with just <strong>1<\/strong> pump of the syrup, otherwise it\u2019s too sweet for my liking.<\/p>\n\n<p>Cheers!<\/p>\n","pubDate":"Tue, 13 May 2025 09:59:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2025\/05\/13\/how-i-take-my-coffee","guid":"https:\/\/shellsharks.com\/notes\/2025\/05\/13\/how-i-take-my-coffee","category":["life","coffee","food"]},{"title":"'cause nobody hurts me better","description":"<p>My song ranking of Sleep Token\u2019s album <strong><a href=\"https:\/\/album.link\/us\/i\/1800532611\">Even in Arcadia<\/a><\/strong>. Honestly though, that top <strong>4<\/strong> is super hard for me to decide as they are all mind-blowing. Also, had to roll back into this post and drop the lyrics to my favorite parts of each song. <em>Behold!<\/em><\/p>\n\n<ol>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800534038\">Gethesmane<\/a> (<em>shoutout to that epic riff tho\u2019<\/em>)\n    <blockquote>\n      <p>and I\u2019ve learned to live beside it<br \/>\nand even though it\u2019s over now, I will always be reminded<br \/><\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533447\">Caramel<\/a>\n    <blockquote>\n      <p>too young to get bitter over it all<br \/>\ntoo old to retaliate like before<br \/>\ntoo blessed to be caught ungrateful, I know<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533420\">Past Self<\/a>\n    <blockquote>\n      <p>and if this is love, then i am out of hesitation<br \/>\nwalking an inch above the pavement<br \/>\ntaking it stride by stride together<br \/>\nif this is real, then i am all up in a frenzy<br \/>\nnot like before when I was empty<br \/>\nsay that the story we tell is never ending<br \/>\ntaking it stride by stride together<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533191\">Emergence<\/a>\n    <blockquote>\n      <p>are you the carbide on my nano?<br \/>\nred glass on my lightbulb<br \/>\ndark light on my culture<br \/>\nsapphire on my white coat<br \/>\nburst out of my chest and<br \/>\nhide out in the vents<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533715\">Damocles<\/a>\n    <blockquote>\n      <p>and nobody told I\u2019d be begging for relief<br \/>\nwhen what is silent to you feels like it\u2019s screaming to me<br \/>\nand nobody told me i\u2019d get tired of myself<br \/>\nwhen it all looks like heaven, but it feels like hell<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800532870\">Look to Windward<\/a>\n    <blockquote>\n      <p>oh and I<br \/>\nI used to know myself<br \/>\noh and you<br \/>\nyou used to know me well<br \/>\noh and I<br \/>\nI wish that I could leave myself alone<br \/>\noh and you<br \/>\nyou wish that you could make me whole<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533707\">Provider<\/a>\n    <blockquote>\n      <p>and our bodies converse like old friends<br \/>\nexchanging in years silence<br \/>\nwith something unsaid on both ends<br \/>\nsurely we know the difference<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800534115\">Infinite Baths<\/a>\n    <blockquote>\n      <p>even if I\u2019m on my own<br \/>\nwhen the silcence is deafening<br \/>\nI could be stuck here alone<br \/>\nwhen even my future is threatening<br \/>\nsomething is lifting the bones<br \/>\nsomething is dancing in revelry<br \/>\nwider than oceans below<br \/>\ntaller than titans on boxsprings<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533693\">Even in Arcadia<\/a><br \/>\n  that final\u2026\n    <blockquote>\n      <p>have you been waiting long!!!<\/p>\n    <\/blockquote>\n  <\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1800533443\">Dangerous<\/a>\n    <blockquote>\n      <p>when\u2019s the last time you tasted blood?<br \/>\nand what will it take to stem the flood?<\/p>\n    <\/blockquote>\n  <\/li>\n<\/ol>\n","pubDate":"Mon, 12 May 2025 12:40:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2025\/05\/12\/cause-nobody-hurts-me-better","guid":"https:\/\/shellsharks.com\/notes\/2025\/05\/12\/cause-nobody-hurts-me-better","category":["life","music"]},{"title":"Gardenlog","description":"<p>It\u2019s time. I\u2019m gettin\u2019 into <strong>gardening<\/strong>. Have I grown <i>anything <u>ever<\/u><\/i>? Nope. Do I simply <strong>adore<\/strong> the taste of a garden-fresh tomato? <strong>100%<\/strong>. <em>So<\/em>, as is my custom, I\u2019m going to attempt to document the journey\u2014to include all the successes, failures, and hopefully delicious moments along the way.\n<br \/><\/p>\n\n<p>I don\u2019t know what I\u2019ll do with this \u201cseries\u201d long-term. (Hopefully) if this whole gardening thing works out, I\u2019ll have semi-routine posts about this sorta thing\u2014but what format they will come in is TBD. Maybe they\u2019ll just be regular \u201cposts\u201d (<em>as this one is<\/em>), or a recurring section in my \u201c<a href=\"https:\/\/shellsharks.com\/captains-log\">Captain\u2019s Log<\/a>\u201d. Or maybe it\u2019ll deserve its own <a href=\"https:\/\/shellsharks.com\/devlog\/collection-all-the-things\">collection<\/a> type some time into the future. Rather than obsess over that now, I\u2019m just going to make <u>this<\/u> post and see what it all <em>grows<\/em> into! (See what I did there? \ud83e\udd2d)<\/p>\n\n<hr \/>\n\n<h1 id=\"gear-up\">Gear Up<\/h1>\n\n<p>I\u2019ve never had a garden before, and besides having a house plant here and there over the years, I\u2019ve not really \u201cgrown\u201d much of anything in my life. As such, at t=0 I didn\u2019t have much <strong>gear<\/strong> to speak of\u2014and as we all know of course, ya gotta have the right gear! So I picked up a few things from the hardware store. Here\u2019s my new loadout\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.lowes.com\/pd\/Fiskars-6-25-in-Aluminum-Garden-Trowel\/5014577901\">Garden Trowel<\/a><\/li>\n  <li><a href=\"https:\/\/www.lowes.com\/pd\/Project-Source-Men-s-Leather-Rose-Pruning-Glove-Large-X-Large\/5013237213\">Gardening Gloves<\/a><\/li>\n  <li><a href=\"https:\/\/www.lowes.com\/pd\/Scotts-MG-ORGANIC-OUTDOOR-POTTING-MIX-25QT\/5015272245\">Potting Soil<\/a> (more on what I\u2019m planting in this <a href=\"#tomatoes-\">soon<\/a>)<\/li>\n  <li><a href=\"https:\/\/www.lowes.com\/pd\/33-in-Galvanized-Steel-Wire-Round-Tomato-Cage\/3430110\">Plant Cage<\/a> (here\u2019s a hint though\u2026)<\/li>\n<\/ul>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/gear.jpeg\" alt=\"Gear Check\" \/><\/p>\n\n<h1 id=\"the-garden\">The Garden<\/h1>\n\n<p>My back yard is a <em>bit<\/em> of a mess and quite \u201cin-flux\u201d right now with the ongoing screened-porch build. There is a spot I\u2019ve identified as a potentially ideal location for a \u201cgarden\u201d in the future, but as of right now, it\u2019s just not ready for <s>terraforming<\/s> garden-forming.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/future-garden-spot.jpeg\" alt=\"THE FUTURE SPOT\" \/><\/p>\n\n<p>Instead, I will be using an existing planting area to house a few things for this season. It\u2019s a good way for me to get a little practice in and can commit to something more long-term later this year or next \u201cseason\u201d entirely. Here\u2019s what that space looks like now. I need to dig up what\u2019s there and get it ready for what I <a href=\"#tomatoes-\">plan to plant<\/a>!<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/mini-garden.jpeg\" alt=\"TOMATO PLANTING SPOT\" \/><\/p>\n\n<p>What\u2019s interesting, is there\u2019s some <strong>chives<\/strong> and <strong>oregano<\/strong> already growing there. I suppose I can thank the previous owners of this house. Not sure whether I\u2019ll keep those herbs there or just remove them to make way for what\u2019s new.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/chives-oregano.jpeg\" alt=\"CHIVES &amp; OREGANO\" \/><\/p>\n\n<h1 id=\"tomatoes-\">Tomatoes! \ud83c\udf45<\/h1>\n\n<p><strong>Story time<\/strong>: I was a \u201cNavy brat\u201d growing up, and as such, lived in various places up and down the East Coast during my childhood. One constant throughout that time was visiting my grandparents (and other relatives) who lived in South Carolina (specifically, Charleston). I have very fond memories of those times. One standout element of those visits was always the <strong>food<\/strong>. My grandma made a lot of things that I only really ever had <em>there<\/em>\u2013field peas, banana pudding, pound cake, this very particular sweet tea, her pancakes, etc\u2026 But one of my favorite things was always the <strong>tomatoes<\/strong> and <strong>cucumbers<\/strong>, fresh from the garden. You <u>cannot<\/u> get tomatoes like those at the store. In my experience, I can\u2019t even get tomatoes that good at a farmers market around here. It\u2019s not just nostalgia talkin\u2019 either. I\u2019ve <em>recently<\/em> had one of grandma\u2019s tomatoes and it holds up. They\u2019re delicious &amp; entirely unmatched.<\/p>\n\n<p>I like to eat just sliced tomatoes, with a bit of salt and pepper on them. I also like them on a BLT. Unsatisfied with my options at the store, I\u2019ve long thought about growing my own. Up until recently, it wasn\u2019t <em>really<\/em> an option for me as I didn\u2019t have a place to grow them. However, since moving into a new place, I now have some space for a garden! So, the other day, I finally decided to get into it.<\/p>\n\n<p>Turns out, I know nothing about gardening. I didn\u2019t even really know much about tomatoes, aside from the fact that I like to eat them and the varieties at the store are kinda weak-sauce. So I started doin\u2019 a bit of research and came across <a href=\"https:\/\/www.theseasonalhomestead.com\/10-best-tomatoes-to-grow\/\">this article<\/a> discussing the best tomato varieties. Ultimately, I decided to pick up some <a href=\"https:\/\/www.lowes.com\/pd\/Bonnie-Plants-Tomatoes-Pot-Plant-2-Pack\/5014707943\">Cherokee Purple<\/a> plants from the store.<\/p>\n\n<p>Here they are in all their li\u2019l sprouty splendor!<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/tomato-babies.jpeg\" alt=\"Tomato Babies\" \/><\/p>\n\n<p>I\u2019d love to blast out and immediately plant these babies, but from what I\u2019ve read, maybe it\u2019s not that simple? I\u2019m still learning here, but I think I have a few things to consider before transplanting them to the chosen garden bed. First, I may need to <a href=\"https:\/\/www.almanac.com\/how-harden-seedlings\">harden<\/a> them up a bit to get them ready for the outside world. Second, the forecast is pretty dreadful for tomatoes\u2014who like water, but maybe not <em>this<\/em> much.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/forecast.jpeg\" alt=\"10-Day Forecast\" width=\"400px\" \/><\/p>\n\n<p>I\u2019m goin\u2019 to move these outside for a few hours each day to get them ready, but keep them inside to spare them from some of the heavier rain that I might be expecting.<\/p>\n\n<p>In a week or so I\u2019ll be back to chat prepping the space, installing the cages and transplanting. See ya! \ud83d\udc4b<\/p>\n\n<h1 id=\"planted\">Planted!<\/h1>\n<p><u>Update! (5\/16)<\/u>: They\u2019re in!<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/tomatoes-planted.jpeg\" alt=\"tomatoes planted\" \/><\/p>\n\n<p>Look at how beautiful it is! \ud83e\udd79<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/gardenlog\/tomato-planted-closeup.jpeg\" alt=\"tomato close-up\" \/><\/p>\n\n<p>Now to water, and maintain. I\u2019ll check back in when I have something noteworthy to report!<\/p>\n\n<hr \/>\n\n<h1 id=\"miscellaneous--resources\">Miscellaneous &amp; Resources<\/h1>\n\n<ul>\n  <li><a href=\"https:\/\/shellsharks.com\/be-weird\">Yeah<\/a>, I made it <strong>Asparagus<\/strong> (hex code: #87a96b)<\/li>\n  <li><a href=\"https:\/\/www.almanac.com\/plant\/tomatoes\">Almanac: How to Grow Tomato Plants: The Complete Guide<\/a> &amp; <a href=\"https:\/\/www.almanac.com\/how-harden-seedlings\">Hardening Guide<\/a><\/li>\n  <li><a href=\"https:\/\/www.themakermakes.com\/blog\/growing-tomatoes-for-beginners\">The Maker Makes Tomato Guide<\/a><\/li>\n  <li><a href=\"https:\/\/bonnieplants.com\/blogs\/how-to-grow\/growing-tomatoes\">Bonnie Plants Growing Tomatoes<\/a><\/li>\n  <li><a href=\"https:\/\/giantveggiegardener.com\/2013\/05\/11\/soil-temperature-is-important-when-planting-tomatoes\/\">Soil Temperature Guide for Tomatoes<\/a><\/li>\n  <li><a href=\"https:\/\/u.osu.edu\/growingfranklin\/2019\/06\/18\/keeping-tomatoes-healthy-in-wet-weather\/\">Keeping Tomatoes Healthy in Wet Weather<\/a><\/li>\n  <li><a href=\"https:\/\/www.gardentech.com\/blog\/garden-and-lawn-protection\/easy-steps-to-grow-your-own-tomatoes\">GardenTech Tomato Guide<\/a><\/li>\n<\/ul>\n","pubDate":"Fri, 09 May 2025 16:36:00 -0400","link":"https:\/\/shellsharks.com\/gardenlog","guid":"https:\/\/shellsharks.com\/gardenlog","category":["life","gardening","gardenlog","life","blog"]},{"title":"BQC: Ten Pointless Facts About Me","description":"<p>Here\u2019s a blogging challenge kicked off by <a href=\"https:\/\/forkingmad.blog\/ten-pointless-facts-about-me\/\">Forking Mad<\/a>. Here\u2019s 10 \u201cpointless\u201d questions, and their answers, from me!<\/p>\n\n<h2 id=\"do-you-floss-your-teeth\">Do you floss your teeth?<\/h2>\n<p><strong>Yes<\/strong>. Though not as routinely as I <em>used<\/em> to. You see, some time ago I had my top-back-molars on both sides of my mouth pulled. They had long bothered me\u2014I couldn\u2019t eat much of anything without food getting stuck inbetween those teeth and the set in front of them. This would cause serious discomfort which I could alleviate by flossing said food out. This meant I flossed at least once, but likely multiple times each day. Since having those teeth pulled, food does not get stuck in my teeth in the same way, so my flossing habit has suffered a bit. I still floss <em>most<\/em> days though.<\/p>\n\n<h2 id=\"tea-coffee-or-water\">Tea, coffee, or water?<\/h2>\n<p>These days, <strong>coffee<\/strong> for sure. In fact, I\u2019ve recently gotten into making my own <a href=\"https:\/\/shellsharks.com\/captains-log\/2025\/03\/27\/log#life\">cold brew<\/a>. It\u2019s delicious! I\u2019ll normally have some coffee at least once, but usually twice a day (a cup in the morning and another sometime in the afternoon). My coffee habit only started during the pandemic though (oddly enough). Before that, I was a <u>sweet<\/u> tea person all the way. I can thank my southern roots for that I suppose. But unfortunately, all the sweet tea I was drinking back in those days started to cause me some health issues so I had to change course a bit. Coffee is magical though, so not a bad replacement \u2615\ufe0f \ud83d\ude01.<\/p>\n\n<p>I do drink a lot of water though, especially on days where I am at the gym (which is most days!)<\/p>\n\n<h2 id=\"footwear-preference\">Footwear preference?<\/h2>\n<p>I tried looking for the <em>exact<\/em> shoe, but perhaps they are no longer available? <em>Anyways<\/em>, my prefered shoe are these <strong>Salomon hiking shoes\/boots<\/strong> (in black) that are kinda a hybrid \u201cregular\u201d hiking boot and sneaker. They are super comfortable, extremely versatile, waterproof, last forever and I like the way they look. I wear \u2018em everywhere!<\/p>\n\n<h2 id=\"favourite-dessert\">Favourite dessert?<\/h2>\n<p>This <em>kinda<\/em> depends on the situation\u2014or my mood. Traditionally, my favorite dessert has been <strong>cheesecake<\/strong>. But I also love <strong>blueberry cobbler<\/strong> and <strong>rum cake<\/strong>. I have a rum cake every year for my birthday in fact \ud83c\udf82.<\/p>\n\n<p>I also really love tiramisu \ud83e\udd24<\/p>\n\n<h2 id=\"the-first-thing-you-do-when-you-wake-up\">The first thing you do when you wake up?<\/h2>\n<p>I usually roll over and <strong>go back to sleep<\/strong> for a few more minutes \ud83d\ude34. Then, probably pick up my phone and check some combination of Apple News, Fedi, Email and other notifications that came in over-night.<\/p>\n\n<h2 id=\"age-youd-like-to-stick-at\">Age you\u2019d like to stick at?<\/h2>\n<p>Well for all the usual reasons it\u2019d be nice to have some of the qualities that came with youth (<strong>~mid-20\u2019s<\/strong>)\u2014back when I didn\u2019t get sleepy after one beer, had no knee pain and could recover from anything in ~48 hours. But aside from that, aging hasn\u2019t been so bad for me. It\u2019s brought me new and exciting professional challenges, I\u2019m a father to two cute little nuggets, I\u2019m in the best physical shape I\u2019ve ever been in\u2026 I dunno, things aren\u2019t so bad at this age\u2026<\/p>\n\n<h2 id=\"how-many-hats-do-you-own\">How many hats do you own?<\/h2>\n<p>Own? 6-10 maybe. How many do I actually wear? Well I\u2019m not much of a hat guy, but I do have <strong>a sun hat<\/strong>-kinda thing I\u2019ll bust out when doing yard work sometimes \ud83e\udd37\u200d\u2642\ufe0f. All my other hats are ones I\u2019ve picked up at security conferences \ud83d\ude02.<\/p>\n\n<h2 id=\"describe-the-last-photo-you-took\">Describe the last photo you took?<\/h2>\n<p>The last thing in my photos app is actually a video. It\u2019s the cutest thing really. Whenever my daughter (she\u2019s 1) wants a snack, she grabs it from the pantry and then excitedly runs over and brings it to me. After she hands it to over, she\u2019ll do this rapid fire series of <strong>li\u2019l baby jumps<\/strong>. The cute hoppy anticipation is just the best \ud83e\udd70.<\/p>\n\n<h2 id=\"worst-tv-show\">Worst TV show?<\/h2>\n<p><strong>Big Bang Theory<\/strong>. Just awful. I won\u2019t be taking questions.<\/p>\n\n<h2 id=\"as-a-child-what-was-your-aspiration-for-adulthood\">As a child, what was your aspiration for adulthood?<\/h2>\n<p>From what I remember, I had a few \u201cwhat do I want to be when I grow up\u201d phases. (In no particular order)\u2026<\/p>\n\n<ul>\n  <li>Astronaut<\/li>\n  <li>Archaeologist<\/li>\n  <li>Paleontologist<\/li>\n  <li>Doctor<\/li>\n<\/ul>\n\n<p>I\u2019m pretty sure all of these came after watching some relevant TV show or movie \ud83d\ude05.<\/p>\n","pubDate":"Fri, 02 May 2025 22:04:00 -0400","link":"https:\/\/shellsharks.com\/bqc-ten-pointless-facts","guid":"https:\/\/shellsharks.com\/bqc-ten-pointless-facts","category":["life","blogchallenge","life","blog"]},{"title":"BQC: Random Questions","description":"<p>Answering a particularly random set of <a href=\"https:\/\/beep.town\/@blog_challenge\/114412023284964853\">questions<\/a> via the <em>Blog Questions Challenge Bot<\/em>\u2026<\/p>\n\n<h2 id=\"whats-a-food-that-instantly-makes-you-feel-cozy\">What\u2019s a food that instantly makes you feel cozy?<\/h2>\n<p><strong>Boiled peanuts<\/strong>. These are my favorite food, and they just remind me of being in South Carolina as a kid and just chillin\u2019 and munchin\u2019.<\/p>\n\n<h2 id=\"describe-the-best-cloud-you-saw-recently\">Describe the best cloud you saw recently.<\/h2>\n<p>Super random question lol. <em>But!<\/em> I did see a particularly impressive <strong>cumulonimbus<\/strong> storm formation recently \u26c8\ufe0f.<\/p>\n\n<h2 id=\"what-song-is-stuck-in-your-head-right-now\">What song is stuck in your head right now?<\/h2>\n<p><strong><a href=\"https:\/\/song.link\/us\/i\/1800533447\">Caramel<\/a><\/strong> by <u>Sleep Token<\/u>. In fact, all of their songs from their <a href=\"https:\/\/song.link\/us\/i\/1800533693\">new album<\/a> have been rotating through my head of late.<\/p>\n\n<h2 id=\"if-you-could-add-one-silly-feature-to-your-phone-watch-what-would-it-be\">If you could add one silly feature to your <s>phone<\/s> watch, what would it be?<\/h2>\n<p>I changed the prompt from phone to watch \ud83d\ude05. I wish my watch could somehow \u2728magically\u2728 track my calorie intake and break it out via macros.<\/p>\n\n<hr \/>\n\n<p>I like doing these blog questions challenges\u2026 but sometimes the prompts are a little <em>too<\/em> random. Also, the provenance of these questions (AI-generated) is a little <em>ehhhhh<\/em> to me, so I\u2019m questioning whether I will really continue taking part in the weekly challenge write-up. I suppose if a particularly interesting set of questions were to pop I would do it\u2014or if I was \u201cchallenged\u201d by someone else in the larger IndieWeb community I may bite. Still haven\u2019t decided though\u2026 Honestly, I think I can come up with my own prompts. The \u201cfun\u201d of this was always meant to be having the same prompt answered by a lot of people, and I just don\u2019t know what the adoption is at this point. Is anyone else out there answering these prompts?! Let me know.<\/p>\n\n<p>Thanks for reading!<\/p>\n","pubDate":"Wed, 30 Apr 2025 16:15:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2025\/04\/30\/bqc-random-questions","guid":"https:\/\/shellsharks.com\/notes\/2025\/04\/30\/bqc-random-questions","category":["life","blogchallenge"]},{"title":"BQC: Outdoor Activities","description":"<p>Answering the <em>Blog Questions Challenge<\/em> <strong><a href=\"https:\/\/beep.town\/@blog_challenge\/114360975624494911\">Outdoor activities<\/a><\/strong>\u2026<\/p>\n\n<h2 id=\"whats-your-favorite-thing-to-do-outside-when-the-weather-is-perfect\">What\u2019s your favorite thing to do outside when the weather is perfect?<\/h2>\n<p>Hiking a mountain. Preferably one with a nice rocky ridgeline so I have views of the valley and surrounding ranges.<\/p>\n\n<h2 id=\"if-you-could-only-do-one-outdoor-activity-for-the-rest-of-your-life-what-would-it-be\">If you could only do one outdoor activity for the rest of your life, what would it be?<\/h2>\n<p>Kind of an odd question tbh. I mean I love to hike, but I also love sitting by a campfire. <em>Must I choose!?<\/em> Y\u2019know what? It\u2019s my blog. So <strong>I won\u2019t<\/strong>.<\/p>\n\n<h2 id=\"whats-the-silliest-thing-thats-ever-happened-to-you-while-enjoying-the-great-outdoors\">What\u2019s the silliest thing that\u2019s ever happened to you while enjoying the great outdoors?<\/h2>\n<p>A bird pooped on my head once while I was traveling in South Africa\u2026 \ud83d\udc26\ud83d\udca9\ud83d\ude21<\/p>\n\n<h2 id=\"would-you-rather-explore-a-dense-forest-or-relax-on-a-sunny-beach\">Would you rather explore a dense forest or relax on a sunny beach?<\/h2>\n<p><em>Easy<\/em>\u2014the <strong>forest<\/strong> all the way. I like the sense of adventure.<\/p>\n","pubDate":"Mon, 21 Apr 2025 10:17:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2025\/04\/21\/outdoor-activities","guid":"https:\/\/shellsharks.com\/notes\/2025\/04\/21\/outdoor-activities","category":["life","blogchallenge","nature"]},{"title":"Over\/Under with Shellsharks","description":"<p>Here\u2019s <a href=\"#overunder-with-shellsharks\">my submission<\/a> to <a href=\"https:\/\/lazybea.rs\/\">lazybea.rs<\/a> series <strong><a href=\"https:\/\/lazybea.rs\/tags\/over\/under\">Over\/Under<\/a><\/strong>. The idea is simple, <a href=\"https:\/\/lazybea.rs\/hyde.stevenson\/\">Hyde<\/a> gives me some topics and I state whether those things are <u>overrated<\/u> or <u>underrated<\/u>, with some text about why. Here were my chosen topics\u2026\n<br \/><\/p>\n<ul>\n  <li><a href=\"#indieweb\">Indieweb<\/a><\/li>\n  <li><a href=\"#slash-pages\">Slashpages<\/a><\/li>\n  <li><a href=\"#sharks-are-dangerous\">Sharks are dangerous<\/a><\/li>\n  <li><a href=\"#ransomware\">Ransomware<\/a><\/li>\n  <li><a href=\"#octopus-dishes\">Octopus dishes<\/a><\/li>\n<\/ul>\n\n<p>Go read this post over at <strong><a href=\"https:\/\/lazybea.rs\/ovr-015\/\">lazybea.rs<\/a><\/strong>!<\/p>\n\n<hr \/>\n\n<h1 id=\"overunder-with-shellsharks\">Over\/Under with Shellsharks<\/h1>\n\n<h2 id=\"indieweb\">IndieWeb<\/h2>\n<p>By <em>most<\/em>, the <a href=\"https:\/\/indieweb.org\/\">IndieWeb<\/a> is severely <strong>underrated<\/strong>\u2014by the enlightened few, consider it <em>adequately-rated<\/em>. It\u2019s probably of no surprise to anyone who has followed my writing for the last two-<i>ish<\/i> years\u2014I <u><b>love<\/b><\/u> the IndieWeb, and personal blogging in general. I frequently write on the <a href=\"https:\/\/shellsharks.com\/tags?tag=indieweb\">subject<\/a>, have built many-a-reference dedicated to collecting <a href=\"https:\/\/shellsharks.com\/indieweb\">resources<\/a> and educating others, and I <em>somewhat recently<\/em> started a \u201cnewsletter\u201d-type thingy dubbed \u201c<a href=\"https:\/\/shellsharks.com\/scrolls\">Scrolls<\/a>\u201d, which heavily features content and personalities from across the IndieWeb. I love me some IndieWeb.<\/p>\n\n<h2 id=\"slash-pages\">Slash Pages<\/h2>\n<p>Though I have to give <em>all<\/em> credit to <a href=\"https:\/\/rknight.me\/\" class=\"rknight-me\">Robb<\/a> for the creation and maintenance of the venerable <a href=\"https:\/\/slashpages.net\">Slashpages.net<\/a>, I can give myself a tiny nod as Robb did consult me prior to the site going live on what my thoughts were on how they should be defined and what pages should\/could be included. He was even nice enough to give me a named credit on the site and include my silly <a href=\"https:\/\/shellsharks.com\/chipotle\">\/chipotle<\/a> slash-page \ud83c\udf36\ufe0f \ud83d\ude06.<\/p>\n\n<p>Slash Pages are just <u>fun<\/u>. They are an emodiment of the IndieWeb experiment. They are meant to share something about <em>you<\/em>, the individual behind the site. They exist in a place (the root of your site) that should be relatively common across other IndieWeb sites\u2014which leads to improved discoverability and a greater sense of community. They are also just quirky, silly and very <strong>human<\/strong>\u2014something the web, <em>and the world<\/em>, desperately need more of.<\/p>\n\n<p>In the weeks and months since Robb launched the site, I\u2019ve noticed a really promising level of adoption across my own IndieWeb circles. I hope to see more people have fun with this idea, add Slash Pages to their site, come up with new ones, etc\u2026 For now, I believe it is still vastly <strong>underrated<\/strong>!<\/p>\n\n<h2 id=\"sharks-are-dangerous\">Sharks are Dangerous<\/h2>\n<p>I maintain a healthy respect for <u>all<\/u> wild animals. They deserve as much if you ask me. They are also <em>all<\/em> equipped with a dizzying assortment of defensive capabilities. So for your own protection, I suggest everyone maintain safe distances and treat all life with respect. This is <em>doubly-true<\/em> concerning creatures that are <em>of-the-sea<\/em>.<\/p>\n\n<p>I\u2019m a land-walker. On-land, I feel like I can hold my own well-enough. I can see things that approach me, I can hear them, I can run pretty fast for a human, I can even pick up something to defend myself if I needed to. Not saying I could tussle with, and win, against any manner of land-faring beast, but I can do <em>something<\/em>. When it comes to the <strong>water<\/strong> though? I\u2019m completely defenseless. I can swim, <em>yeah<\/em>\u2014but that\u2019s about it. I can\u2019t really see underwater, I have no means to really detect if something is about to \u201cget me\u201d. I don\u2019t think my futile punches or kicks would amount to much, especially against something like a shark.<\/p>\n\n<p>All this to say, I <em>do<\/em> think Sharks are dangerous\u2014or rather they <em>can<\/em> be. If you don\u2019t have that healthy respect for them. They are apex predators afterall, and they dominate in a world that humans, just naturally <em>don\u2019t<\/em>. You\u2019ve probably seen that statistically, sharks aren\u2019t particularly harmful to humans. This is <em>probably<\/em> true. As such, I think the danger of sharks is probably <strong>properly rated<\/strong>. Humans aren\u2019t natural prey for sharks (thankfully), and we as humans do some things to avoid sharks where we can. Sharks are innately curious, and infinitely <strong>cool<\/strong>. I mean, I have a lot of shark-themed stuff on my site, so you <em>know<\/em> I have somewhat of an affinity.<\/p>\n\n<h2 id=\"ransomware\">Ransomware<\/h2>\n\n<p>I\u2019m (professionally) in infosec, so I have an appreciation and technical understanding of Ransomware\u2014how it can happen, how to defend against it, and the impacts of an incident. Ransomware is consistently placed at the top of \u201cthings to worry about\u201d lists (e.g. <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\">Verizon\u2019s DBIR<\/a>) and yet, remains inadequately defended against time after time, across all observable sectors. I think it\u2019s <strong>impossible to overrate<\/strong> the financial impact of a serious ransomware-related breach. Entire companies have been snuffed out of existence thanks to them\u2014and <a href=\"https:\/\/shellsharks.com\/podcast\/2022\/07\/11\/raap\">ransomware-as-a-business<\/a> in and of itself is measured in the <em>billions<\/em>, if not trillions, yearly.<\/p>\n\n<h2 id=\"octopus-dishes\">Octopus Dishes<\/h2>\n\n<p>Fried, and then dipped in some sort of sauce? <em>Sure<\/em>. Otherwise? <em>Ehhhh<\/em>, not really my thing. Not a big tentacle guy I suppose. I gotta say <strong>overrated<\/strong>.<\/p>\n","pubDate":"Mon, 21 Apr 2025 08:00:00 -0400","link":"https:\/\/shellsharks.com\/over-under-shellsharks","guid":"https:\/\/shellsharks.com\/over-under-shellsharks","category":["technology","life","infosec","blogging","indieweb","technology","life","infosec","blog"]},{"title":"Yeah, I Made It Lilac","description":"<p>Did you know if you have your own website, you can do <u>whatever<\/u> you want with it? <em>Like<\/em>\u2026 it doesn\u2019t have to be all snobby or professional. <em>Or like<\/em>\u2026 some of it can, but some of it could just not be, <em>y\u2019know?<\/em> \n<br \/><\/p>\n<style>\n  #latestpostcontent {background-color: #A47DAB; p {color:black;} a { color:darkblue; } span>i {color: black;} border-radius: 10px; padding: 5px 10px 5px 10px;}\n<\/style>\n\n<style>\n  body {\n    background-color: #A47DAB;\n  }\n  main {\n    font-family: 'Times New Roman', serif;\n    color: black;\n    font-size: 1.2em;\n  }\n  .primarycolor {\n    color: black;\n  }\n  article * a {\n    color: darkblue;\n    text-decoration-line: underline;\n    text-decoration-color: darkgreen;\n  }\n  footer * span {\n    color: black !important; \n  }\n  p {\n    color: black;\n  }\n<\/style>\n\n<p>Check this s*** out for example. I went positively rogue on this page.<\/p>\n\n<p><img src=\"\/assets\/img\/derpshark.png\" width=\"250px\" title=\"derpshark\" style=\"transform: rotate(0.05turn); position:relative; left:15%;\" \/><\/p>\n\n<p><em>Then<\/em>, I slapped my derpy turtle shark thing there \u2934. For <u>NO<\/u> reason. Isn\u2019t he breathtaking?<\/p>\n\n<p><em>Does this post look good?<\/em> Stop. Don\u2019t care. Doesn\u2019t need to. It is what it is\u2014and what it is, is just something I <em>felt<\/em> like doing in the moment. I\u2019m going to publish this. Then\u2026 I might tweak it. Maybe I\u2019ll add <em>more<\/em> ridiculous stuff to it. Y\u2019know, when I <em>feel<\/em> like it. <em>Or<\/em>, maybe I\u2019ll take it down sometime. Maybe I\u2019ll change the background title and color. I\u2019ma just <strong>vibe<\/strong>, <em>cool<\/em>?<\/p>\n\n<p style=\"font-family: Lucinda, cursive;\">\ud83d\udea8 New font alert!! \ud83d\udea8<br \/><br \/>Yeah that's right. Out of nowhere we got this fancy-lookin' font goin' on. <u>Dope<\/u>.<\/p>\n\n<p><em>OK<\/em>, we\u2019re back.<\/p>\n\n<p>\ud83c\udfb5 <em>Doopa-choppa-doooo<\/em> \ud83c\udfb6\u2014what should I do now?<\/p>\n\n<p>I\u2019m <em>trying<\/em> to send some sort of <span style=\"font-size:3em;\">message<\/span> here.<\/p>\n\n<p>The message is <span style=\"font-family: 'Courier New', monospace;\">simple<\/span>, yet \u2728eloquence\u2728 may not be my fort\u00e9. Your site is for <u>you<\/u>\u2014to be you\u2013and you\u2019re almost <u>certainly<\/u> <em>kinda<\/em> weird, right? So own it! Stop worrying about making it \u201cperfect\u201d (<em>whatever that means<\/em>). Or making it professional (\ud83e\udd22). Or making it <em>need<\/em> to have this or that. It ain\u2019t that serious. Be more like <em>this<\/em> page. <u>Be Weird<\/u>.<\/p>\n\n<h3 id=\"update\">Update!<\/h3>\n\n<p>I told you I\u2019d do this. I was munching on a block of extra sharp cheddar cheese thinking about this post and decided I had some more I wanted to say.<\/p>\n\n<p>You look at this page and you might think it\u2019s \u201cweird\u201d. I mean I do. I\u2019ve said as much throughout. <em>But why<\/em>? Was it really so long ago that almost all sites looked like this? Personalized. Amateur. Unique. Human\u2014in a time of the \u201cold web\u201d. It <em>does<\/em> seem like it was a lifetime ago doesn\u2019t it? It\u2019s too bad that people\u2019s blogs have become <u>not<\/u> like this. The <em>substack-ification<\/em> of people\u2019s web presence is what\u2019s grotesque if you ask me. <em>I dunno<\/em>\u2026 can you make just <em>one<\/em> of your pages on Substack lilac? \ud83c\udf38<\/p>\n\n<p>\u2026<em>probably not<\/em> \ud83d\ude14<\/p>\n\n<p>Come here (the <a href=\"https:\/\/shellsharks.com\/indieweb\">IndieWeb<\/a>) and be weird with me. With us.<\/p>\n","pubDate":"Fri, 18 Apr 2025 12:08:00 -0400","link":"https:\/\/shellsharks.com\/be-weird","guid":"https:\/\/shellsharks.com\/be-weird","category":["life","blogging","indieweb","life","blog"]},{"title":"Renewal","description":"<p>This month I\u2019ve decided to participate in my <u>first<\/u> <a href=\"https:\/\/indieweb.org\/IndieWeb_Carnival\">IndieWeb Carnival<\/a>\u2014a once-a-month writing prompt organized by the <a href=\"https:\/\/indieweb.org\/\">IndieWeb.org<\/a> community. This month\u2019s prompt is \u201c<strong>Renewal<\/strong>\u201d, hosted by <a href=\"https:\/\/www.thingelstad.com\/about\/\">Jamie Thingelstad<\/a>.\n<br \/><br \/>\nThere\u2019s a lot on my mind lately in regards to this term\u2014\u201cRenewal\u201d. I recently moved into a new house and with it I have a yard. The yard has a lot of plants and trees that are now flowering\u2014cherry blossom, red bud, skip laurel, rhododendron and more! This is my first spring here so it has been fun to see what bloomed, and given me an opportunity to learn more about these plants.<\/p>\n\n<p>This site, <span class=\"shellsharks-com\">shellsharks.com<\/span>, has also seen quite the renewal\u2014or better put, a <em>revival<\/em>. 2025 has been a <em>very<\/em> busy year for me in terms of sprucing up the site, writing regularly and exploring an even greater breadth of topics and content types. This momentum always energizes me creatively and gives me productive momentum in other areas of my life\u2014professionally, around the house, and with other assorted projects.<\/p>\n\n<p>I\u2019m not sure what else to really go on about. My life seems to always be a constant stream of <em>new<\/em> things. This is by design, and unavoidable. To continue to stay on top of it all, it\u2019s always helped me to reframe these challenges, these endless lists of to-do\u2019s as something \u201cnew\u201d. Whether it be a new way of approaching an old problem, or in fact a new issue altogether.<\/p>\n\n<p>So, here\u2019s to all things new, and \u201cre\u201d-new for me this year! \ud83c\udf3b<\/p>\n","pubDate":"Tue, 15 Apr 2025 12:25:00 -0400","link":"https:\/\/shellsharks.com\/renewal","guid":"https:\/\/shellsharks.com\/renewal","category":["life","blogging","indieweb","iwc","life","blog"]},{"title":"Just Put It On Your Blog","description":"<p>If you\u2019ve got something to say, something to share, something that others might be interested in\u2014why not <strong>just put it on your blog<\/strong>?<\/p>\n\n<p>Someone ask a question on social media that you want to answer? <em>Write about it on your blog and link to it in your reply thread.<\/em><\/p>\n\n<p>Post anything to social media? <em>Archive it to your blog.<\/em><\/p>\n\n<p>Have an interesting, random thought? <em>Write about it on your blog.<\/em><\/p>\n\n<p>Remember a weird dream? <em>Document it in a dream journal on your blog.<\/em><\/p>\n\n<p>Find some other cool articles or web sites? <em>Link to them from your blog.<\/em><\/p>\n\n<p>Have a great soup recipe? <em>Share it on your blog.<\/em><\/p>\n\n<p>Have a bunch of resources related to one technical thing you know how to do well? <em>Document those resources on your blog.<\/em><\/p>\n\n<p>Find yourself repeating the same thing a lot? <em>Write a blog post about it and share that instead.<\/em><\/p>\n\n<p>What\u2019re you up to right now? What\u2019d you do yesterday? Get into anything cool last week? What about last month? <em>Write about it on your blog.<\/em><\/p>\n\n<p>Like something a lot? Or maybe you <em>really<\/em> <strong>don\u2019t<\/strong> like something? <em>Go off about it\u2014on your blog.<\/em><\/p>\n\n<p>Like to doodle? <em>You know where to share \u2018em.<\/em><\/p>\n\n<p>Saw a good movie or listened to a really great song? <em>Talk about it on your blog.<\/em><\/p>\n\n<p>It\u2019s great to have a place to share your thoughts. A place you can go back to when you want to remember something you had written or thought about before. A place you can refer people to when they have questions you\u2019ve answered in the past. A place to be you. So, get a blog, and put all the things there.<\/p>\n","pubDate":"Mon, 14 Apr 2025 15:33:00 -0400","link":"https:\/\/shellsharks.com\/just-put-it-on-your-blog","guid":"https:\/\/shellsharks.com\/just-put-it-on-your-blog","category":["life","blogging","indieweb","life","blog"]},{"title":"Nature Appreciation","description":"<p>This week\u2019s <em>Blog Questions Challenge<\/em> is called \u201c<strong><a href=\"https:\/\/beep.town\/@blog_challenge\/114321339448921361\">Nature Appreciation<\/a><\/strong>\u201d.<\/p>\n\n<p>Here are the questions\u2026<\/p>\n\n<ol>\n  <li><a href=\"#silliest-animal-ive-seen\">What\u2019s the silliest animal you\u2019ve ever seen in nature?<\/a><\/li>\n  <li><a href=\"#plant-superpower\">If you could have any plant\u2019s superpower, what would it be and why?<\/a><\/li>\n  <li><a href=\"#favorite-nature-sound\">What\u2019s your favorite sound of nature and where did you last hear it?<\/a><\/li>\n  <li><a href=\"#the-perfect-nature-spot\">If you could design your own perfect little nature spot, what would it include?<\/a><\/li>\n<\/ol>\n\n<h1 id=\"silliest-animal-ive-seen\">Silliest Animal I\u2019ve Seen<\/h1>\n\n<p>The <strong><a href=\"https:\/\/www.britannica.com\/animal\/Bactrian-camel\">Bactrian Camel<\/a><\/strong> was the first come to mind. Camels have pretty silly (and grumpy) personalities as it is, but the <em>Bactrian<\/em> variety have wildly ridiculous camel humps. I got up close and personal with some at a wild live reserve kinda\u2019 thing once.<\/p>\n\n<h1 id=\"plant-superpower\">Plant Superpower<\/h1>\n\n<p>Honestly I did some web searching to find cool \u201cabilities\u201d I would want to steal from a plant and came up kinda empty. Fire resistance, regeneration, growing super tall\u2014these are all things that are kinda cool, but nothing specific stood out to me. So, as my pick, I\u2019ve decided to go with the wise old <strong><a href=\"https:\/\/www.oneearth.org\/oak-trees-kings-of-biodiversity\/\">Oak Tree<\/a><\/strong>. For any particular ability? <em>Not really<\/em>. I just like the idea of being a chill old Oak Tree that animals love to hang out with.<\/p>\n\n<h1 id=\"favorite-nature-sound\">Favorite Nature Sound<\/h1>\n\n<p>I\u2019d say it\u2019s a close tie between the sound of a <strong>mountain stream<\/strong> and that of a <strong>rain storm<\/strong> with low, rolling thunder.<\/p>\n\n<h1 id=\"the-perfect-nature-spot\">The Perfect Nature Spot<\/h1>\n\n<p><em>Easy<\/em>. Western-facing, mountain-side cabin. Conifers as far as the eye can see. A <a href=\"#favorite-nature-sound\">mountain creek<\/a> babbles nearby. The glow of a camp fire flickers across my face as I watch the sun melt behind the distant peaks.<\/p>\n\n<p><em>Thanks for reading!<\/em><\/p>\n","pubDate":"Mon, 14 Apr 2025 08:51:00 -0400","link":"https:\/\/shellsharks.com\/blog-challenge-nature-appreciation","guid":"https:\/\/shellsharks.com\/blog-challenge-nature-appreciation","category":["life","nature","blogchallenge","life","blog"]},{"title":"Welcome Home","description":"<p>Home is a place of comfort. Home has that particular <em><a href=\"https:\/\/blog.avas.space\/scent\/\">smell<\/a><\/em>. Home is where our <em>stuff<\/em> is. Its halls you know so well. It\u2019s where we gather with friends, and the decor is uniquely you. It may have cracks in the foundations, and another issue or two. It won\u2019t ever be perfect, always a work-in-progress. But home is home, and you love it nonetheless.\n<br \/><br \/>\nA website, your <em>own<\/em> personal website, is just like this\u2014a digital <strong>home<\/strong>, on the web. With all the same comforts, familiarities and problems that need-<i>a<\/i>-fixin\u2019. You can design it how you want, add rooms (pages), invite friends over, paint the walls, hang some <a href=\"https:\/\/shellsharks.com\/devlog\/build-then-smile#the-artwork\">art<\/a>, share your recipes, get some much-needed peace and quiet, <em>anything<\/em>! But unlike <em>actual<\/em> home ownership, it\u2019s a lot more attainable (financially-speaking).<\/p>\n\n<p>This is how I think about my site. It\u2019s truly become that way for me. It\u2019s just a place I like to go to\u2014to hang out, read stuff I\u2019ve written about before, explore, experience, and just <em>chill<\/em>. I see little things that need to be fixed and I go tinker. I get inspired by something I\u2019ve written about in the past or from something I\u2019ve seen elsewhere and I go make an addition on my site, or I write some new post. Because it\u2019s <u>my<\/u> site, it always feels like I\u2019m <em>building<\/em> something. There\u2019s a real investment to it. With it comes pride, and a feeling of accomplishment. Also as a bonus, it\u2019s something I know the rest of the world can enjoy, take inspiration from or just send me <a href=\"https:\/\/shellsharks.com\/kindness\">nice feedback<\/a> about. But there are no \u201clikes\u201d here. You don\u2019t have to bake in social features\u2014comment systems, webmentions, <em>anything<\/em>. I can just hang out here, by myself. Do whatever I want\u2014<em>just vibe<\/em>.<\/p>\n\n<p><a href=\"#more-on-this-concept\">Others<\/a> have pointed out, more eloquently than I will, that other places on the net will never give you this feeling. Sure, they may be great forums for socializing, or for getting your message out, but they will never <em>feel<\/em> like home in the same way a personal website can. Importantly, the things you build and share on those platforms are not <em>yours<\/em>. Your content, your network, your identity\u2014all borrowed, all rented. When those platforms disappear, all of that goes with it. When those platforms <a href=\"https:\/\/pluralistic.net\/2023\/01\/21\/potemkin-ai\/#hey-guys\">enshittify<\/a>, or jack up prices, or otherwise become places that are less hospitable, you realize they were never <em>homes<\/em>. They\u2019re spaces owned by corporations, and subject to all that comes with that. They can add what they want. Take what they want. Remove your content. Delete your connections. They can force you to interact with those you don\u2019t want to. You may never get a break from the noise.<\/p>\n\n<p>We\u2019re humans. We are <em>social<\/em>. So those spaces can be great for socializing. But most of us don\u2019t want to <em>live<\/em> at the bar, or at the coffee shop, or in one of these social spaces. We all want some kinda place to retreat back to. A place of safety. Where all of our stuff is. A place to kick off the shoes. Be messy. Do whatever we want. So <a href=\"https:\/\/shellsharks.com\/you-should-blog#resources\">build<\/a> yourself a website\u2014<strong>welcome home<\/strong>.<\/p>\n\n<h1 id=\"more-on-this-concept\">More on this concept<\/h1>\n<ul>\n  <li><a href=\"https:\/\/nazhamid.com\/journal\/your-site-is-a-home\/\">Your Site Is a Home | Naz Hamid<\/a><\/li>\n  <li><a href=\"https:\/\/www.noemamag.com\/we-need-to-rewild-the-internet\/\">We Need to Rewild The Internet | NOEMA<\/a><\/li>\n  <li><a href=\"https:\/\/jamesg.blog\/2025\/02\/09\/blogs-as-third-places\">Blogs as third places | James\u2019 Coffee Blog<\/a><\/li>\n  <li><a href=\"https:\/\/blog.samclemente.me\/my-home-on-the-internet\/\">My Home on the Internet | The Digital Renaissance<\/a><\/li>\n  <li><a href=\"https:\/\/blog.muni.town\/digital-homeownership\/\">Digital Homeownership | Muni Blog<\/a><\/li>\n  <li><a href=\"https:\/\/coffeenow.moomop.uk\/post\/2025\/02\/indieweb-i\/\">Building an IndieWeb house | Coffee now<\/a><\/li>\n  <li><a href=\"https:\/\/robertbirming.com\/blog-your-home\/\">Your blog, your home<\/a><\/li>\n<\/ul>\n","pubDate":"Wed, 09 Apr 2025 15:32:00 -0400","link":"https:\/\/shellsharks.com\/welcome-home","guid":"https:\/\/shellsharks.com\/welcome-home","category":["life","blogging","indieweb","life","blog"]},{"title":"Manual of Style","description":"<p>This is the <u>Manual of Style<\/u> for Shellsharks.com. It details the conventions and other practices used for writing, editing, styling and generally composing content across the site.<\/p>\n\n<p>It is worth noting that adherence to stated stylistic rules and principles is not uniform, either because I\u2019ve failed to follow them or have purposefully deviated from a normal writing practice. <em>So pardon the anomalies<\/em>!<\/p>\n\n<h1 id=\"structural\">Structural<\/h1>\n\n<ul>\n  <li>\n    <p>All content has some summary of the post as the <u>first<\/u> paragraph. A lot of widgets on my <a href=\"https:\/\/shellsharks.com\/whats-a-home-page\">home page<\/a>, <a href=\"https:\/\/shellsharks.com\/activity\">activity<\/a> page and elsewhere rely on either the <a href=\"https:\/\/jekyllrb.com\/docs\/posts\/#post-excerpts\">excerpt<\/a> (first paragraph) or <a href=\"https:\/\/jekyllrb.com\/docs\/front-matter\/\">front matter<\/a> <em>description<\/em> to populate the widget content. At times, I will use a pair of <code class=\"language-plaintext highlighter-rouge\">&lt;br&gt;<\/code> tags to extend an excerpt beyond a single paragraph.<\/p>\n  <\/li>\n  <li>\n    <p>Paragraph breaks are used mostly for legibility, but I also try to employ them at logical, content-related breathing points\/separators.<\/p>\n  <\/li>\n  <li>\n    <p>Section <a href=\"https:\/\/shellsharks.com\/style#headings\">headers<\/a> are used to separate different topics and subtopics as well as to provide means to deep-link to important points\/content. Specialized, deep-linked content is often done with custom span + id blocks (e.g. <code class=\"language-plaintext highlighter-rouge\">&lt;span id=\"IDHERE\"&gt;CONTENT&lt;\/span&gt;<\/code>).<\/p>\n  <\/li>\n  <li>\n    <p>Horizontal rules (<code class=\"language-plaintext highlighter-rouge\">&lt;hr&gt;<\/code>) are used (at times) to separate intro sections from the main content, as well as to separate appendices from the main content. For larger posts, I may use rules to visibily separate sections. The <a href=\"https:\/\/shellsharks.com\/devlog\/shark-fin-hr\">Shark Fin &lt;hr&gt;<\/a> is used when I want to add a bit of extra whimsy. I try to not have more than one of these visible on a page at the same time.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"punctuation\">Punctuation<\/h1>\n\n<ul>\n  <li>\n    <p>Single hyphens buffered by a space on each side ( - ), <em>and<\/em> Em Dashes (\u2014) are used frequently to provide extra information, examples and other supplementary facts to sentences.<\/p>\n  <\/li>\n  <li>\n    <p><em>Italics<\/em> are generally reserved for emphasizing words, as I would conversationally. I also use them for signifying terminology (e.g. this sentence is in the <em>Punctuation<\/em> section of this post).<\/p>\n  <\/li>\n  <li>\n    <p><strong>Bolded<\/strong> terms are meant to highlight the main point of a sentence, paragraph or section. I also use bolding to emphasize words beyond what italics might provide.<\/p>\n  <\/li>\n  <li>\n    <p><u>Underlining<\/u> is yet another way I tend to emphasize things.<\/p>\n  <\/li>\n  <li>\n    <p>Ellipsis (\u2026) is used commonly to denote that the next section, paragraph, list or image is directly related to the previous content.<\/p>\n  <\/li>\n  <li>\n    <p>Proper nouns typically have the first letter <u>C<\/u>apitalized.<\/p>\n  <\/li>\n  <li>\n    <p>On somewhat rare, and inconsistent occasions, I will <u>underline<\/u> the titles of referenced blog posts and other publications.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"linguistic--conversational\">Linguistic \/ Conversational<\/h1>\n\n<ul>\n  <li>\n    <p>Conversational linquistic affects (e.g. \u201c<em>ok<\/em>\u201d, \u201c<em>alright<\/em>\u201d, \u201c<em>so<\/em>\u201d), commonly found at the beginning of sentences, are typically <em>italicized<\/em>.<\/p>\n  <\/li>\n  <li>\n    <p><em>Italics<\/em> are used for words that are conversational in nature.<\/p>\n  <\/li>\n  <li>\n    <p>I use parenthetical asides (<em>like this one<\/em>) to provide inline commentary and bonus context. Often, these asides are italicized to signify my own speech.<\/p>\n  <\/li>\n  <li>\n    <p>My writing includes a lot of \u201c<strong>G-dropping<\/strong>\u201d, whereby I drop the trailing \u2018g\u2019 from \u2018ing\u2019 words, replacing that \u2018g\u2019 with an apostrophe. This is a conversational\/colloquial habit.<\/p>\n  <\/li>\n  <li>\n    <p>Emojis are commonly used to express emotions. \ud83d\udc4d<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"aesthetics\">Aesthetics<\/h1>\n\n<ul>\n  <li>\n    <p>In many cases, when mentioning \u201c<span class=\"shellsharks-com\">Shellsharks<\/span>\u201d (referring to the website itself), or when mentioning the Newsletter \u201c<span class=\"shellsharks\"><a href=\"https:\/\/shellsharks.com\/scrolls\">Scrolls<\/a><\/span>\u201d, I will style them using the <code class=\"language-plaintext highlighter-rouge\">.shellsharks-com<\/code> &amp; <code class=\"language-plaintext highlighter-rouge\">.shellsharks<\/code> class colors (respectively) (as defined in the <a href=\"https:\/\/shellsharks.com\/style#other-colors\">Style guide<\/a>). This is a newer convention, so will be something seen more commonly in newer content.<\/p>\n  <\/li>\n  <li>\n    <p>Aesthetic styling is defined in this site\u2019s <a href=\"https:\/\/shellsharks.com\/style\">Style<\/a> page.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"other\">Other<\/h1>\n\n<ul>\n  <li>\n    <p>Where possible, I do <a href=\"https:\/\/shellsharks.com\/blogging-methodology#editing--enrichment\">inline linking<\/a> to <em>anything and everything<\/em> I reference both here on this site, and externally. For longer posts, especially those that are particularly \u201creference-ey\u201d, I make use of inline citations[^1], <a href=\"https:\/\/shellsharks.com\/style#table-of-contents\">tables-of-contents<\/a> and references appendices.<\/p>\n  <\/li>\n  <li>\n    <p>My usage of first and second-person is <em>haphazard<\/em>. Sorry about that.<\/p>\n  <\/li>\n  <li>\n    <p>I have many different \u201ctypes\u201d of posts. What they are, and how I use each one is described <a href=\"https:\/\/shellsharks.com\/multiplicity-of-writing\">here<\/a><\/p>\n  <\/li>\n  <li>\n    <p>When referring to another individual on the web, I <em>prefer<\/em> inline-linking to their \u201cAbout\u201d page on their personal website (if they have one). If not, I will fallback to a Fediverse handle link or link to their site\u2019s home page.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"shellsharks-style-related-resources\">Shellsharks Style-Related Resources<\/h1>\n\n<ul>\n  <li><a href=\"https:\/\/shellsharks.com\/blogging-methodology\">Blogging Methodology<\/a>: My process\/methodology for ideationg, writing and editing.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/good-sitekeeping\">Good Sitekeeping<\/a>: Things I like to see on people\u2019s web pages.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/why\">Guiding Principles<\/a>: The principles that guide me as I write and build this site.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/hyperlink-travel\">Links<\/a>: A love letter to links.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/multiplicity-of-writing\">Multiplicity of Writing<\/a>: Describing the different types of post content on this site.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/style\">Style page<\/a>: How this site is styled aesthetically.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/syndication-strategy\">Syndication Strategy<\/a>: How I syndicate and share content to and from this site.<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/web-page-annoyances\">Web Page Annoyances<\/a>: Things I don\u2019t do! (and some I do)<\/li>\n  <li><a href=\"https:\/\/shellsharks.com\/writing-mannerisms\">Writing Mannerisms<\/a>: The precursor to this Style Manual, and a place where I\u2019ve documented a number of writing peculiaries\/oddities of mine.<\/li>\n<\/ul>\n\n<p>This guide\/manual was inpsired by the <a href=\"https:\/\/fedran.com\/style-guide\/\">Fedran Style Guide<\/a>.<\/p>\n","pubDate":"Tue, 08 Apr 2025 10:37:00 -0400","link":"https:\/\/shellsharks.com\/manual-of-style","guid":"https:\/\/shellsharks.com\/manual-of-style","category":["life","blogging","indieweb","life","blog"]},{"title":"Travel Adventures","description":"<p>Here\u2019s another <em>Blog Questions Challenge<\/em>. <a href=\"https:\/\/beep.town\/@blog_challenge\/114162794720726554\">This week<\/a>, it\u2019s all about <strong>Travel Adventures<\/strong>!<\/p>\n\n<p>Here are the questions\u2026<\/p>\n\n<ol>\n  <li><a href=\"#silliest-souvenir\">What\u2019s the silliest souvenir you\u2019ve ever brought back from a trip?<\/a><\/li>\n  <li><a href=\"#teleport-for-a-day-trip\">If you could teleport anywhere right now, for a day trip, where would you go?<\/a><\/li>\n  <li><a href=\"#weirdest-food\">What\u2019s the weirdest food you\u2019ve ever tried while traveling?<\/a><\/li>\n  <li><a href=\"#memorable-wrong-turn\">What\u2019s the most memorable \u201cwrong turn\u201d you\u2019ve taken on an adventure?<\/a><\/li>\n<\/ol>\n\n<h1 id=\"silliest-souvenir\">Silliest Souvenir<\/h1>\n\n<p>In 2014 me and my wife went to Costa Rica. We did a lot of travel-by-bus to various excusions and destinations across the country. During those bus rides, I (<em>for whatever reason<\/em>) witnessed an unusual amount of machete-based chopping of vegetation and general plant-related growth on the sides of the rural roads we traveled down. Now this might not be unusual for Costa Rica, but it was for me as a tourist. So <em>naturally<\/em>, I wanted to get a <strong>machete<\/strong> as a souvenir. At the time of purchasing it, I never considered what it would look like, trying to get a huge machete back through customs at the airport\u2026<\/p>\n\n<p>State-side, we got to security and that\u2019s when I remembered my cargo. <em>Sure enough<\/em>, going through security I was asked to come with them to a back room as they had some questions for me. I thought for sure it was because of the machete. But <em>nope<\/em>! They were interested in a <em>different<\/em> souvenir of mine. We had also purchased a \u201crain stick\u201d, which is effectively just a hollow wooden tube filled with small beads. They were really curious (and slightly concerend) about what all those little beads were inside the stick. After a brief explanation though they were satisfied and I was on my way once more. Not even a single mention of the machete. <em>Hah!<\/em><\/p>\n\n<h1 id=\"teleport-for-a-day-trip\">Teleport for a Day Trip<\/h1>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/2025\/otemanu.JPG\" alt=\"Mt. Otemanu\" width=\"500px\" \/><\/p>\n\n<p>That\u2019s me in Bora Bora circa 2016. There\u2019s a <em>very<\/em> non-zero chance that I was thinking about climbing that mountain in this exact moment (<em>in addition to just posing for a super-cool sunset pic<\/em>). If I could teleport to one place for a day to do something, it wound be here, to <strong>hike Bora Bora\u2019s Mount Otemanu<\/strong>. Afterwards, I\u2019d just chill on the beach with a nice beverage and watch the sun set, much like I did in 2016. \ud83c\udfdd\ufe0f \ud83c\udf05<\/p>\n\n<h1 id=\"weirdest-food\">Weirdest Food<\/h1>\n\n<p>In 2013, I went on my first international trip ever. So where does one go on their first trip out of the country? <em>Africa of course<\/em>! Me and my wife went to South Africa\u2014first to Cape Town and then to Kruger National Park for some safari-ing. To this day (<em>and I\u2019ve done a <a href=\"https:\/\/shellsharks.com\/about?about=travel\">fair bit of travel since<\/a><\/em>), I would still say it\u2019s my favorite trip I\u2019ve ever done. One night, while dining out in the city-center of Cape Town, we ordered what I remember as some sort of \u201cexotic meat sampler\u201d. On the resulting plate, we tried a number of interesting South African-native game including Kudu, Crocodile, Springbok and if I\u2019m remembering fully, Zebra. All I really remember about that experience beyond what I tried was that Kudu was delicious, and I was <u>not<\/u> into the croc.<\/p>\n\n<h1 id=\"memorable-wrong-turn\">Memorable Wrong Turn<\/h1>\n\n<p><em>Look<\/em>, my wife is the (trip) planner of the two of us, and she is <em>amazing<\/em> at it. What this means is that our trips are <em>always<\/em> fantastic, we get into a TON of fun activities, and we <em>rarely<\/em> encounter anything you might consider a \u201cwrong turn\u201d. That said, this particlar question made me think of two distinct wrong-turn-esque events\u2026<\/p>\n\n<ul>\n  <li>\n    <p>Once, while driving <em>somewhere<\/em> in Germany we witnessed this little car in front of us try to make too sharp of a turn on a highway on-ramp and completely spin out\u2014like a 360\u00b0 spin. It was wild, and quite scary to witness. A \u201cwrong turn\u201d for that individual to say the least.<\/p>\n  <\/li>\n  <li>\n    <p>The most memorable \u201cwrong turn\u201d for me however occurred when me and my wife were trying to drive back from the national park in Sintra, Portugal to where we were staying in Lisbon. We exited the park into what I imagine was the old-town part of Sintra and ended up on some very tiny streets with extremely narrow passage ways between the buildings and walls of the town. At one point, my wife had to get out of the car and help me narrowly traverse one particularly tight corridor. Our rental was a pretty small car too. Luckily, we made it out without a scratch, <em>literally<\/em>!<\/p>\n  <\/li>\n<\/ul>\n\n<p><em>Thanks for reading!<\/em><\/p>\n","pubDate":"Mon, 17 Mar 2025 14:18:00 -0400","link":"https:\/\/shellsharks.com\/blog-challenge-travel-adventures","guid":"https:\/\/shellsharks.com\/blog-challenge-travel-adventures","category":["life","travel","blogchallenge","life","blog"]},{"title":"Career mistakes I've made","description":"<p><u>A lot<\/u>. Let\u2019s talk about \u2018em\u2026<\/p>\n\n<ul>\n  <li>\n    <p><strong>Not asking questions<\/strong>. <em>Never<\/em> be afraid to ask questions. It doesn\u2019t matter what anyone else thinks, and most of the time, they aren\u2019t going to think what you are worried they might think about you asking a question. It\u2019s an opportunity to learn something and each time you don\u2019t ask the question, you miss out on that opportunity. Don\u2019t let imposter syndrome get to you, don\u2019t let some expectation of what you\u2019re \u201csupposed to know\u201d stop you, don\u2019t be shy. <em>Just do it<\/em>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Don\u2019t discount the small things<\/strong>. There\u2019s a lot you may learn (or be forced to learn) that you think is \u201cunimportant\u201d or \u201cuninteresting\u201d but in my experience, those things have a way of coming back and being of importance later. The amount of times I\u2019ve had to relearn things is absolutely infuriating.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Take breaks, but don\u2019t let off the gas<\/strong>. <em>Look<\/em>, you don\u2019t want to be burned out, but you don\u2019t want to lose your motivation, your drive, your momentum either. I wonder sometimes where I could be if I had remained focused and really kept my eye on certain goals.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Build a portfolio<\/strong>. I have a portfolio \/ personal website (combined) that I\u2019ve been maintaining <a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/30\/5-years\">since 2019<\/a>. I graduated <a href=\"https:\/\/shellsharks.com\/training-retrospective#my-education-journey\">college<\/a> and joined the workforce full time in 2010-<em>ish<\/em>. In those 9 years I wish I had that same idea to document my journey, blog about what I\u2019d learned and built a reference for myself over the course of my entire career. It would have been game changing I think.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Focus on the journey, not the destination(s)<\/strong>. Clich\u00e9 maybe, but the wisdom is there I think. I spent too much time trying to get to X job, or Y <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/14\/stop-worrying-about-certification-paths\">certification<\/a>, or Z salary and less time focused on building a skillset brick by brick which would have given me the foundation required to really make it farther.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Take risks<\/strong>, especially earlier in your career. I\u2019m mostly satisfied with my early career moves. But I think I\u2019ve missed some opportunities. Hindsight is always 20\/20 (as they say) but there are a few things I think I regret.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Network<\/strong>. Yea, by this I mean traditional networking across your industry, but more specifically, I mean at your company. Spend the time to cultivate relationships - with your team, with your manager, with your skip, with other \u201cmovers-and-shakers\u201d. Find ways to be impactful for them. I\u2019ve always been terrible at \u201cplaying the game\u201d, so it\u2019s a \u201cmistake\u201d I own to some degree, but I advise others to try a slightly more determined approach.<\/p>\n  <\/li>\n  <li>\n    <p>Being a generalist is fine, but <strong>go deep on SOMETHING<\/strong>, maybe a few things. I wish I had spent more time just diving super deep into one specific domain, rather than getting distracted by every little thing across my entire field. Sure, I\u2019m a perfectly good generalist and have some specialties, but I\u2019m not <em>super<\/em> specialized in anything specific I don\u2019t think.<\/p>\n  <\/li>\n<\/ul>\n\n<p>I\u2019m sure there\u2019s more things, but I\u2019m tapped out. Don\u2019t make all these mistakes! I got time to fix \u2018em though \ud83d\ude03<\/p>\n","pubDate":"Sat, 08 Mar 2025 21:29:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2025\/03\/08\/career-mistakes","guid":"https:\/\/shellsharks.com\/notes\/2025\/03\/08\/career-mistakes","category":["life","career"]},{"title":"This Post is Me Procrastinating","description":"<p>I am <strong>procrastinating<\/strong>. <em>Like<\/em>, right now I\u2019m doing it. I\u2019ve got a <em>ton<\/em> of other more important things to work on - at home, at my job, even for my site. I gotta do taxes for example, *<em>blegh<\/em>*! <em>But<\/em>, I kinda don\u2019t have the energy, or don\u2019t <em>feel like it<\/em>, or just saw something else shiny to work on instead (e.g. this post). I am <em>great<\/em> at procrastinating. World-class even. This site makes for a fantastic vehicle by which I can <em>constructively<\/em> procrastinate. Because you see, it\u2019s not like I\u2019m sittin\u2019 around doin\u2019 <u>nothing<\/u>. I\u2019m creating! I\u2019m working on my site. Yeah, I\u2019m procrastinating, <em>sure<\/em>. But what comes out of it all is something I\u2019m proud of. So it\u2019s completely justified right? I\u2019m sure you\u2019re nodding your head right now in agreement, and I appreciate that.<\/p>\n\n<p><i class=\"ph ph-music-note-simple\"><\/i> <em>Hum-dee-dum-dee-dooooo<\/em> <i class=\"ph ph-music-note-simple\"><\/i><\/p>\n\n<p>* <em>spins around in swivelly chair<\/em> *<\/p>\n\n<p>What else can I yap about here instead of just publishing this and moving on to my <em>actual<\/em> to-do list? <em>Hrmmm<\/em>\u2026<\/p>\n\n<p><em>I\u2019m kinda hungry<\/em>. Let me do a web search for \u201ceating procrastinating\u201d. <em>Oh look at that<\/em>! I just learned about the term \u201c<a href=\"https:\/\/www.today.com\/health\/procrastineating-how-fix-snack-habit-thats-hurting-you-1d80331013\">procrastineating<\/a>\u201d. This is <u>perfect<\/u> for me right now.<\/p>\n\n<p>* <em>stomach audibly grumbles<\/em> *<\/p>\n\n<p><em>OK, I\u2019ma go<\/em> - make myself a li\u2019l snacky-snack. When I get back down to my office I\u2019m <u>totally<\/u> goin\u2019 to get right into the stuff I need to do. \ud83d\ude09<\/p>\n","pubDate":"Fri, 07 Mar 2025 10:38:00 -0500","link":"https:\/\/shellsharks.com\/i-am-procrastinating","guid":"https:\/\/shellsharks.com\/i-am-procrastinating","category":["life","life","blog"]},{"title":"Guiding Principles","description":"<p>Documented below are the <strong>guiding principles<\/strong> by which I approach how I work on, and write for <span class=\"shellsharks-com\">shellsharks<\/span>. These tenets are foundational across my site and are core to who I am as a <a href=\"https:\/\/shellsharks.com\/humans.txt\">human<\/a>.<\/p>\n\n<ul>\n  <li>My site is meant to be <strong>fun<\/strong>\u2014for me, and for whomever comes here.<\/li>\n  <li>So I purposefully imbue this site with an unapologetic <strong><a href=\"https:\/\/shellsharks.com\/good-sitekeeping#whimsy\">whimsy<\/a><\/strong>.<\/li>\n  <li>It\u2019s a place to be <strong>uniquely me<\/strong>\u2014my <a href=\"https:\/\/shellsharks.com\/style\">aesthetic<\/a>, my writing <a href=\"https:\/\/shellsharks.com\/writing-mannerisms\">style<\/a>, my <a href=\"https:\/\/shellsharks.com\/devlog\/build-then-smile#the-artwork\">art<\/a>, my topics.<\/li>\n  <li>I don\u2019t box myself in <strong>creatively<\/strong>. I am free to write across all genres. It\u2019s been <u>Infosec<\/u>, <u>Technology<\/u>, and <u>Life<\/u>-in-general from the beginning.<\/li>\n  <li>It is a place for me to <strong>learn<\/strong>, to <strong>teach<\/strong>, to \u201cpay it forward\u201d.<\/li>\n  <li>I write with a <strong>beginners mindset<\/strong>. I want what I write to be a <strong>reference for myself<\/strong> and available to be consumed by all.<\/li>\n  <li>Every page is a living document, I always reserve the right to <strong>change my mind<\/strong>, or add new content.<\/li>\n  <li>It is a way for me to <strong>connect<\/strong>\u2014to be a part of, and build <strong>community<\/strong>.<\/li>\n  <li>Shellsharks is a central, canonical <a href=\"https:\/\/shellsharks.com\/verify\">point of presence<\/a> for myself on the web. <b>I <i>am<\/i> <span class=\"shellsharks-com\">shellsharks<\/span><\/b>.<\/li>\n<\/ul>\n\n<p>Thanks to <a href=\"https:\/\/tracydurnell.com\/2025\/01\/21\/guiding-principles-for-my-website\/\">Tracy<\/a> and <a href=\"https:\/\/jamesg.blog\/2025\/03\/05\/philosophy-of-james-coffee-blog\">James<\/a> for inspiring this write-up.<\/p>\n\n<p>This is a <a href=\"https:\/\/www.miriamsuzanne.com\/2024\/07\/02\/slash-why\/\">\/why<\/a> page.<\/p>\n","pubDate":"Thu, 06 Mar 2025 08:56:00 -0500","link":"https:\/\/shellsharks.com\/why","guid":"https:\/\/shellsharks.com\/why","category":["life","blogging","shellsharks","life","blog","slashpage"]},{"title":"Writing Mannerisms","description":"<p>I enjoy writing, it\u2019s why I have this blog. But my style is <em>far from perfect<\/em> in the technical sense. I\u2019m <em>very<\/em> aware of the many interesting and possibly unique writing quirks and habits I have. <em>So<\/em>, here I reflect on and catalog those distinct <strong>writing mannerisms<\/strong>.<\/p>\n\n<ul>\n  <li>\n    <p>I think my most prevalent (bad) habit is <strong>run-on sentences<\/strong>, they are everywhere! I consider my style of writing to be very <em>conversational<\/em> in its cadence, and in this way it tends to mirror my speech in many respects, and I\u2019ve been known to be a bit of a <em>looooong<\/em>-talker.<\/p>\n  <\/li>\n  <li>\n    <p><em>Alright<\/em>, I\u2019ve mentioned that my writing is very <em>conversational<\/em>. In this vein, I use a lot of <strong>linguistic affects<\/strong> like \u201c<em>ok<\/em>\u201d, \u201c<em>right<\/em>\u201d, \u201c<em>alright<\/em>\u201d, \u201c<em>so<\/em>\u201d, etc\u2026 I tend to use these at the beginning of sentences.<\/p>\n  <\/li>\n  <li>\n    <p>I like to use <strong>hyphens<\/strong> (\u201c <strong>-<\/strong> \u201c) to bridge two sentences together - joining separate, but related ideas or thoughts together in a way that a standard period doesn\u2019t seem suited for and where a comma just wouldn\u2019t supply the correct tempo to.<\/p>\n  <\/li>\n  <li>\n    <p>I <em>really<\/em> use a lot of <strong>font styles<\/strong>, e.g. <em>italicizing<\/em>, <u>underlining<\/u> and <strong>bolding<\/strong>. I\u2019d describe my methodology for employing these styles as very <u>vibes-based<\/u>, with no real strict convention. This said, <em>italics<\/em> are generally reserved as a way for me to emphasize words as I would do if I was actually <em>speaking<\/em> them in conversation. <strong>Bolded<\/strong> terms are meant to <strong>highlight<\/strong> the main point or topic of a paragraph \/ section. More recently, I\u2019ve also started <u>underlining<\/u> things and don\u2019t really have a specific usecase for when I typically deploy it.<\/p>\n  <\/li>\n  <li>\n    <p>I <strong><a href=\"https:\/\/shellsharks.com\/hyperlink-travel\">love links<\/a><\/strong>. I spend <a href=\"https:\/\/shellsharks.com\/blogging-methodology#editing--enrichment\">a lot of time<\/a> linking out to things locally within a page (to a section anchor for example), internally to my site as well as externally across the web. These links are typically <em>inline<\/em>, rather than explicit URLs or list(s) of references.<\/p>\n  <\/li>\n  <li>\n    <p>My life is very list-driven, the way I think is often very list-based, and so it follows that my writing features <em>a lot<\/em> of <strong>lists<\/strong>. This blog post is <em>essentially<\/em> one big list!<\/p>\n  <\/li>\n  <li>\n    <p>I do a lot of <strong>parenthetical asides<\/strong>. For whatever reason, I very-frequently (<em>and am literally going to do it right here<\/em>) inject my own commentary and bonus context smack-dab in the middle of my sentences. When doing so, I tend to italicize the aside \ud83e\udd37\u200d\u2642\ufe0f.<\/p>\n  <\/li>\n  <li>\n    <p>This one really bugs me - I have the annoying habit of using \u201c<strong>it\u2019s<\/strong>\u201d when I just need to say \u201c<strong>its<\/strong>\u201d. This site has seen it since it\u2019s inception\u2026<\/p>\n  <\/li>\n  <li>\n    <p>I\u2019m too often unsure of whether I should use the word \u201c<strong>their<\/strong>\u201d or \u201c<strong>there<\/strong>\u201d. (But don\u2019t worry, I\u2019m <em>good<\/em> on when to use \u201c<strong>they\u2019re<\/strong>\u201d \ud83d\ude04). There\u2019s (\u2b05\ufe0f <em>this one right?<\/em>) gotta be a way to easily remember which to use\u2026<\/p>\n  <\/li>\n  <li>\n    <p>I use a lot of <strong>e.g.<\/strong>\u2019s and <strong>i.e.<\/strong>\u2019s (<em>I\u2019m sure incorrectly in many cases<\/em>) and though I\u2019ve looked up their meanings many-a-time (e.g. <a href=\"https:\/\/www.grammarly.com\/blog\/acronyms-abbreviations\/i-e-vs-e-g\/\">literally as I write this<\/a>) I always seem to forget the distinction shortly after (i.e. I often can\u2019t remember even after <em>just<\/em> reading the definitions of the two terms). <em>So<\/em>, for current and future me, <strong>e.g.<\/strong> stands for \u201cexempli gratia\u201d <em>or<\/em> \u201cfor example\u201d and <strong>i.e.<\/strong> stands for \u201cid est\u201d which means \u201cin other words\u201d. <em>SMUSH IT INTO YOUR BRAIN~!!<\/em><\/p>\n  <\/li>\n  <li>\n    <p>HTML supports <em>6<\/em> <strong><a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTML\/Element\/Heading_Elements\">Section Heading<\/a><\/strong> elements, <code class=\"language-plaintext highlighter-rouge\">h1<\/code> through <code class=\"language-plaintext highlighter-rouge\">h6<\/code>. I\u2019m somewhat inconsistent in how I deploy them in my posts, it\u2019s all very <em>vibes-ey<\/em>. I\u2019d say most of the time I stick with a standard <code class=\"language-plaintext highlighter-rouge\">h1<\/code> for main sections across the site, but sometimes I\u2019ll just start with <code class=\"language-plaintext highlighter-rouge\">h2<\/code> instead, with no <code class=\"language-plaintext highlighter-rouge\">h1<\/code> as a parent section at all. Best I can explain is that sometimes I feel a post might not \u201cdeserve\u201d a section capitalized by the largest header? I suspect this particular quirk is often seen across my short-form <a href=\"https:\/\/shellsharks.com\/notebook\">notes<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p>I\u2019m super inconsistent about grammatically sticking to <strong>first-person<\/strong> or <strong>second-person<\/strong>. You\u2019ll notice this quite often I\u2019m sure.<\/p>\n  <\/li>\n  <li>\n    <p>Rather than just ending a paragraph or section gracefully with a period, I\u2019ll often just end it with a nice set of <strong>ellipsis<\/strong>. Usually this denotes that the next section, paragraph, list, image, or whatever is directly related to what I was <em>just<\/em> talking about. Like with many of my writing peculiarties, I\u2019m sure it\u2019s not being used correctly\u2026<\/p>\n  <\/li>\n  <li>\n    <p>Though I think I\u2019ve started to improve on this, my blog posts (and <a href=\"https:\/\/shellsharks.com\/multiplicity-of-writing\">other content<\/a>) has never employed a large amount of <strong>pictures<\/strong> or <strong>graphics<\/strong>. The reason for this is simple - there\u2019s quite a bit of overhead to add images to posts within my static site generator <a href=\"https:\/\/shellsharks.com\/blogging-from-ipad#workflow\">workflow<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p>Mirrorin\u2019 my own in-speech linguistic tendencies once more, I do a lot of \u201c<strong>G-dropping<\/strong>\u201d, i.e. when a the \u2018g\u2019 is dropped in words that end in \u2018-ing\u2019. So in other words, I do a lot of <em>G-droppin\u2019<\/em>. (You\u2019ll notice here that I almost always add that li\u2019l apostrophe when I do a <em>G-drop<\/em>.)<\/p>\n  <\/li>\n  <li>\n    <p><strong>Emojis<\/strong>. Another <em>more recent<\/em> addition to my writing flare, I like to add a bit of evocation to my prose \ud83d\ude0e.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Text walls<\/strong> \/ monolithic paragraphs are a staple of <span class=\"shellsharks-com\">shellsharks.com<\/span>. Honestly, I\u2019ll admit that I really don\u2019t know when to break paragraphs up sometimes. I apologize to your eyeballs.<\/p>\n  <\/li>\n  <li>\n    <p>I\u2019ll repeat, I <em>love<\/em> writing and really enjoy <a href=\"https:\/\/shellsharks.com\/notes\/2025\/01\/28\/tinkering-with-the-site-again\">tinkering<\/a> around on this site. I\u2019m passionate about this stuff, so I tend to get real excited and do a lot of <strong>exclamation points<\/strong>!<\/p>\n  <\/li>\n  <li>\n    <p>In reading this, or any of my other posts, would you say the tone is \u201c<em>conversational<\/em>\u201d? I try to use a lot of <strong>questions<\/strong> like these in my writing to help make it so.<\/p>\n  <\/li>\n<\/ul>\n\n<p>That\u2019s it for now! A lot of these call-outs are <em>stylistic<\/em> choices, while others are admittedly just bad habits or writing deficiencies that over time I\u2019d like to eradicate. Thanks for sticking with me through all of \u2018em!<\/p>\n","pubDate":"Wed, 05 Mar 2025 23:14:00 -0500","link":"https:\/\/shellsharks.com\/writing-mannerisms","guid":"https:\/\/shellsharks.com\/writing-mannerisms","category":["life","blogging","life","blog"]},{"title":"Blog Questions Challenge: Movies","description":"<p>Taking on the <a href=\"https:\/\/beep.town\/@blog_challenge\">Blog Questions Challenge Bot<\/a>\u2019s challenge about <strong><a href=\"https:\/\/beep.town\/@blog_challenge\/114099263407801474\">Movies<\/a><\/strong>, which asks these <em>four<\/em> questions\u2026<\/p>\n\n<ul>\n  <li><a href=\"#whats-a-movie-you-can-practically-quote-from-start-to-finish\">What\u2019s a movie you can practically quote from start to finish?<\/a><\/li>\n  <li><a href=\"#if-you-could-live-in-any-movie-universe-which-would-you-choose\">If you could live in any movie universe, which would you choose?<\/a><\/li>\n  <li><a href=\"#whats-the-most-ridiculous-movie-plot-youve-ever-seen\">What\u2019s the most ridiculous movie plot you\u2019ve ever seen?<\/a><\/li>\n  <li><a href=\"#what-movie-snack-is-an-absolute-must-have-for-you\">What movie snack is an absolute must-have for you?<\/a><\/li>\n<\/ul>\n\n<hr class=\"fin\" \/>\n\n<h1 id=\"whats-a-movie-you-can-practically-quote-from-start-to-finish\">What\u2019s a movie you can practically quote from start to finish?<\/h1>\n\n<p><strong>Gladiator<\/strong>. I\u2019ve seen this movie countless times, and have been watching it nigh continuously for decades. Look, it\u2019s my <a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/05\/favorite-movies\">favorite movie<\/a>, so yeah I might be biased, but Gladiator has an endless pool of quotable scenes, it\u2019s just crazy\u2026<\/p>\n\n<blockquote>\n  <p>My name is Maximus Decimus Meridius, commander of the Armies of the North, General of the Felix Legions and loyal servant to the TRUE emperor, Marcus Aurelius. Father to a murdered son, husband to a murdered wife. And I will have my vengeance, in this life or the next.<\/p>\n<\/blockquote>\n\n<blockquote>\n  <p>Hold the line! Stay with me! If you find yourself alone, riding in the green fields with the sun on your face, do not be troubled. For you are in Elysium, and you\u2019re already dead! <a href=\"https:\/\/shellsharks.com\/notes\/2022\/11\/17\/gladiator\"><i class=\"ph ph-mastodon-logo\"><\/i><\/a><\/p>\n<\/blockquote>\n\n<blockquote>\n  <p>At my signal, unleash hell.<\/p>\n<\/blockquote>\n\n<blockquote>\n  <p>I search the faces of the gods\u2026 for ways to please you, to make you proud. One kind word, one full hug\u2026 where you pressed me to your chest and held me tight. Would have been like the sun on my heart for a thousand years. What is it in me that you hate so much?<\/p>\n<\/blockquote>\n\n<blockquote>\n  <p>Marcus Aurelius is dead, Maximus. We mortals are but shadows and dust. Shadows and dust, Maximus!<\/p>\n<\/blockquote>\n\n<blockquote>\n  <p>It vexes me. I\u2019m terribly vexed.<\/p>\n<\/blockquote>\n\n<blockquote>\n  <p>Are you not entertained? Are you not entertained? Is this not why you are here?<\/p>\n<\/blockquote>\n\n<h1 id=\"if-you-could-live-in-any-movie-universe-which-would-you-choose\">If you could live in any movie universe, which would you choose?<\/h1>\n\n<p><strong>Harry Potter<\/strong>, but only if I can actually be a Wizard \/ non-muggle. Sure, there\u2019s some bad stuff that goes on, y\u2019know, in the whole <em>he-who-must-not-be-named<\/em> department, but otherwise it <em>literally<\/em> seems pretty magical to be in that universe (again, as a Wizard of course). Apparating, morphing (transfiguring) into various animals, crafting potions and generally casting a wide variety of charms and enchantments seems super fun right? I think if I had to choose a specialization, I\u2019d go with <a href=\"https:\/\/harrypotter.fandom.com\/wiki\/Hogwarts_subjects#Charms\">Charms<\/a>, as that seems like the classic spell-casting class that isn\u2019t specifically dedicated to \u201ccombat\u201d in the way \u201cDefense Against the Dark Arts\u201d is. Though I do love me a good <a href=\"https:\/\/nwn.fandom.com\/wiki\/Magic_missile\">magic missile<\/a>\u2026<\/p>\n\n<p>Alas, I don\u2019t live in the Harry Potter universe, (or I do and am just a muggle) but at least I have <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/05\/security-is-magic\">cybersecurity<\/a>.<\/p>\n\n<h1 id=\"whats-the-most-ridiculous-movie-plot-youve-ever-seen\">What\u2019s the most ridiculous movie plot you\u2019ve ever seen?<\/h1>\n\n<p>I might have to come back to this one later after I have time to really sit and think through the movies I\u2019ve seen to pick out the one that <em>really<\/em> has the wildest plot\u2026 but for now I\u2019ll just share what came to my mind <em>first<\/em>\u2026<\/p>\n\n<p><strong><a href=\"https:\/\/www.imdb.com\/title\/tt0288477\/\">Ghost Ship<\/a><\/strong>. It\u2019s not entirely ridiculous, at least in my opinion, but it does have a pretty wild scene (if you\u2019ve seen it, you know what I\u2019m talking about), and the rest of the movie is just kinda ridiculous in its own ways.<\/p>\n\n<p>Who knows, I\u2019ll probably come amend this in a few days after I have a chance to really think about it\u2026<\/p>\n\n<h1 id=\"what-movie-snack-is-an-absolute-must-have-for-you\">What movie snack is an absolute must-have for you?<\/h1>\n\n<p><strong>Twizzlers<\/strong> are my go-to movie snack. A close second would be Sour Punch Straws, with good ol\u2019 fashioned, heavily-buttered, popcorn taking the third spot.<\/p>\n","pubDate":"Wed, 05 Mar 2025 01:34:00 -0500","link":"https:\/\/shellsharks.com\/movies-questions-challenge","guid":"https:\/\/shellsharks.com\/movies-questions-challenge","category":["life","movies","challenge","life","blog"]},{"title":"Blog Questions Challenge: TV Shows","description":"<p>Blog question challenge is back! This time, it\u2019s all about <strong><a href=\"#blog-questions-challenge---tv-shows\">TV Shows<\/a><\/strong>.<\/p>\n\n<p><em>But first<\/em>, how did we get here?<\/p>\n\n<p><em>Well<\/em>, I <a href=\"https:\/\/shellsharks.social\/@shellsharks\/114031614057050564\">asked the Fediverse<\/a>\u2026<\/p>\n\n<blockquote class=\"mastodon-embed\" data-embed-url=\"https:\/\/shellsharks.social\/@shellsharks\/114031614057050564\/embed\" style=\"background: #FCF8FF; border-radius: 8px; border: 1px solid #C9C4DA; margin: 0; max-width: 540px; min-width: 270px; overflow: hidden; padding: 0;\"> <a href=\"https:\/\/shellsharks.social\/@shellsharks\/114031614057050564\" target=\"_blank\" style=\"align-items: center; color: #1C1A25; display: flex; flex-direction: column; font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Oxygen, Ubuntu, Cantarell, 'Fira Sans', 'Droid Sans', 'Helvetica Neue', Roboto, sans-serif; font-size: 14px; justify-content: center; letter-spacing: 0.25px; line-height: 20px; padding: 24px; text-decoration: none;\"> <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" width=\"32\" height=\"32\" viewBox=\"0 0 79 75\"><path d=\"M74.7135 16.6043C73.6199 8.54587 66.5351 2.19527 58.1366 0.964691C56.7196 0.756754 51.351 0 38.9148 0H38.822C26.3824 0 23.7135 0.756754 22.2966 0.964691C14.1319 2.16118 6.67571 7.86752 4.86669 16.0214C3.99657 20.0369 3.90371 24.4888 4.06535 28.5726C4.29578 34.4289 4.34049 40.275 4.877 46.1075C5.24791 49.9817 5.89495 53.8251 6.81328 57.6088C8.53288 64.5968 15.4938 70.4122 22.3138 72.7848C29.6155 75.259 37.468 75.6697 44.9919 73.971C45.8196 73.7801 46.6381 73.5586 47.4475 73.3063C49.2737 72.7302 51.4164 72.086 52.9915 70.9542C53.0131 70.9384 53.0308 70.9178 53.0433 70.8942C53.0558 70.8706 53.0628 70.8445 53.0637 70.8179V65.1661C53.0634 65.1412 53.0574 65.1167 53.0462 65.0944C53.035 65.0721 53.0189 65.0525 52.9992 65.0371C52.9794 65.0218 52.9564 65.011 52.9318 65.0056C52.9073 65.0002 52.8819 65.0003 52.8574 65.0059C48.0369 66.1472 43.0971 66.7193 38.141 66.7103C29.6118 66.7103 27.3178 62.6981 26.6609 61.0278C26.1329 59.5842 25.7976 58.0784 25.6636 56.5486C25.6622 56.5229 25.667 56.4973 25.6775 56.4738C25.688 56.4502 25.7039 56.4295 25.724 56.4132C25.7441 56.397 25.7678 56.3856 25.7931 56.3801C25.8185 56.3746 25.8448 56.3751 25.8699 56.3816C30.6101 57.5151 35.4693 58.0873 40.3455 58.086C41.5183 58.086 42.6876 58.086 43.8604 58.0553C48.7647 57.919 53.9339 57.6701 58.7591 56.7361C58.8794 56.7123 58.9998 56.6918 59.103 56.6611C66.7139 55.2124 73.9569 50.665 74.6929 39.1501C74.7204 38.6967 74.7892 34.4016 74.7892 33.9312C74.7926 32.3325 75.3085 22.5901 74.7135 16.6043ZM62.9996 45.3371H54.9966V25.9069C54.9966 21.8163 53.277 19.7302 49.7793 19.7302C45.9343 19.7302 44.0083 22.1981 44.0083 27.0727V37.7082H36.0534V27.0727C36.0534 22.1981 34.124 19.7302 30.279 19.7302C26.8019 19.7302 25.0651 21.8163 25.0617 25.9069V45.3371H17.0656V25.3172C17.0656 21.2266 18.1191 17.9769 20.2262 15.568C22.3998 13.1648 25.2509 11.9308 28.7898 11.9308C32.8859 11.9308 35.9812 13.492 38.0447 16.6111L40.036 19.9245L42.0308 16.6111C44.0943 13.492 47.1896 11.9308 51.2788 11.9308C54.8143 11.9308 57.6654 13.1648 59.8459 15.568C61.9529 17.9746 63.0065 21.2243 63.0065 25.3172L62.9996 45.3371Z\" fill=\"currentColor\" \/><\/svg> <div style=\"color: #787588; margin-top: 16px;\">Post by @shellsharks@shellsharks.social<\/div> <div style=\"font-weight: 500;\">View on Mastodon<\/div> <\/a> <\/blockquote>\n<script data-allowed-prefixes=\"https:\/\/shellsharks.social\/\" async=\"\" src=\"https:\/\/shellsharks.social\/embed.js\"><\/script>\n<p><br \/><\/p>\n\n<p>\u2026and the Fediverse (<em>or more specifically, <a href=\"https:\/\/dmv.community\/@jcrabapple\">Jcrabapple<\/a><\/em>) <a href=\"https:\/\/dmv.community\/@jcrabapple\/114032659211378760\">responded<\/a>!<\/p>\n\n<blockquote class=\"mastodon-embed\" data-embed-url=\"https:\/\/dmv.community\/@jcrabapple\/114032659211378760\/embed\" style=\"background: #FCF8FF; border-radius: 8px; border: 1px solid #C9C4DA; margin: 0; max-width: 540px; min-width: 270px; overflow: hidden; padding: 0;\"> <a href=\"https:\/\/dmv.community\/@jcrabapple\/114032659211378760\" target=\"_blank\" style=\"align-items: center; color: #1C1A25; display: flex; flex-direction: column; font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Oxygen, Ubuntu, Cantarell, 'Fira Sans', 'Droid Sans', 'Helvetica Neue', Roboto, sans-serif; font-size: 14px; justify-content: center; letter-spacing: 0.25px; line-height: 20px; padding: 24px; text-decoration: none;\"> <svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" width=\"32\" height=\"32\" viewBox=\"0 0 79 75\"><path d=\"M74.7135 16.6043C73.6199 8.54587 66.5351 2.19527 58.1366 0.964691C56.7196 0.756754 51.351 0 38.9148 0H38.822C26.3824 0 23.7135 0.756754 22.2966 0.964691C14.1319 2.16118 6.67571 7.86752 4.86669 16.0214C3.99657 20.0369 3.90371 24.4888 4.06535 28.5726C4.29578 34.4289 4.34049 40.275 4.877 46.1075C5.24791 49.9817 5.89495 53.8251 6.81328 57.6088C8.53288 64.5968 15.4938 70.4122 22.3138 72.7848C29.6155 75.259 37.468 75.6697 44.9919 73.971C45.8196 73.7801 46.6381 73.5586 47.4475 73.3063C49.2737 72.7302 51.4164 72.086 52.9915 70.9542C53.0131 70.9384 53.0308 70.9178 53.0433 70.8942C53.0558 70.8706 53.0628 70.8445 53.0637 70.8179V65.1661C53.0634 65.1412 53.0574 65.1167 53.0462 65.0944C53.035 65.0721 53.0189 65.0525 52.9992 65.0371C52.9794 65.0218 52.9564 65.011 52.9318 65.0056C52.9073 65.0002 52.8819 65.0003 52.8574 65.0059C48.0369 66.1472 43.0971 66.7193 38.141 66.7103C29.6118 66.7103 27.3178 62.6981 26.6609 61.0278C26.1329 59.5842 25.7976 58.0784 25.6636 56.5486C25.6622 56.5229 25.667 56.4973 25.6775 56.4738C25.688 56.4502 25.7039 56.4295 25.724 56.4132C25.7441 56.397 25.7678 56.3856 25.7931 56.3801C25.8185 56.3746 25.8448 56.3751 25.8699 56.3816C30.6101 57.5151 35.4693 58.0873 40.3455 58.086C41.5183 58.086 42.6876 58.086 43.8604 58.0553C48.7647 57.919 53.9339 57.6701 58.7591 56.7361C58.8794 56.7123 58.9998 56.6918 59.103 56.6611C66.7139 55.2124 73.9569 50.665 74.6929 39.1501C74.7204 38.6967 74.7892 34.4016 74.7892 33.9312C74.7926 32.3325 75.3085 22.5901 74.7135 16.6043ZM62.9996 45.3371H54.9966V25.9069C54.9966 21.8163 53.277 19.7302 49.7793 19.7302C45.9343 19.7302 44.0083 22.1981 44.0083 27.0727V37.7082H36.0534V27.0727C36.0534 22.1981 34.124 19.7302 30.279 19.7302C26.8019 19.7302 25.0651 21.8163 25.0617 25.9069V45.3371H17.0656V25.3172C17.0656 21.2266 18.1191 17.9769 20.2262 15.568C22.3998 13.1648 25.2509 11.9308 28.7898 11.9308C32.8859 11.9308 35.9812 13.492 38.0447 16.6111L40.036 19.9245L42.0308 16.6111C44.0943 13.492 47.1896 11.9308 51.2788 11.9308C54.8143 11.9308 57.6654 13.1648 59.8459 15.568C61.9529 17.9746 63.0065 21.2243 63.0065 25.3172L62.9996 45.3371Z\" fill=\"currentColor\" \/><\/svg> <div style=\"color: #787588; margin-top: 16px;\">Post by @jcrabapple@dmv.community<\/div> <div style=\"font-weight: 500;\">View on Mastodon<\/div> <\/a> <\/blockquote>\n<script data-allowed-prefixes=\"https:\/\/dmv.community\/\" async=\"\" src=\"https:\/\/dmv.community\/embed.js\"><\/script>\n<p><br \/><\/p>\n\n<p>You can follow <a href=\"https:\/\/beep.town\/@blog_challenge\">blog_challenge@beep.town<\/a> to get future posts about blog challenges! Thanks <a href=\"https:\/\/cool-as-heck.blog\/blog-questions-challenge-tv-shows\/\">Jcrabapple<\/a>!<\/p>\n\n<h1 id=\"blog-questions-challenge---tv-shows\">Blog Questions Challenge - \u201cTV Shows\u201d<\/h1>\n\n<p><a href=\"https:\/\/beep.town\/@blog_challenge\/114032585553571824\">This week\u2019s<\/a> <em>Blog Questions Challenge<\/em> is \u201c<strong>TV Shows<\/strong>\u201d. Here are the questions\u2026<\/p>\n\n<ol>\n  <li>What TV character from a beloved show do you wish you could be best friends with in real life? [<a href=\"#tv-friend\">GO<\/a>]<\/li>\n  <li>If you could binge-watch an entire series again for the first time, which one would you choose and why? [<a href=\"#re-watch-a-show-for-the-first-time\">GO<\/a>]<\/li>\n  <li>Name a TV show that changed your perspective on the world or taught you something valuable. [<a href=\"#tv-show-that-taught-me-something\">GO<\/a>]<\/li>\n  <li>\u2026and one <strong>extra bonus question<\/strong>, <em>how exciting<\/em>! [<a href=\"#bonus-tv-show-i-would-like-more-of\">GO<\/a>]<\/li>\n<\/ol>\n\n<h2 id=\"tv-friend\">TV Friend<\/h2>\n\n<p>I\u2019m goin\u2019 <strong><a href=\"https:\/\/scrubs.fandom.com\/wiki\/Christopher_Turk\">Chris Turk<\/a><\/strong> from <a href=\"https:\/\/www.imdb.com\/title\/tt0285403\/\">Scrubs<\/a>. <em>What\u2019s not to like?!<\/em> Incredibly funny, would definitely play basketball with me, can help me with my various foot injuries, and is a fiercely loyal friend. <em>Easy choice<\/em>.<\/p>\n\n<h2 id=\"re-watch-a-show-for-the-first-time\">Re-watch a show for the first time<\/h2>\n\n<p>Truthfully, my first thought here was Scrubs, <em>hah<\/em>! It\u2019s probably my favorite show of all time. But <em>honestly<\/em>, it\u2019s as enjoyable rewatching for the <em>nth<\/em> time as it was the first time, so that won\u2019t be my choice.<\/p>\n\n<p><em>Instead<\/em>, I\u2019m going to go with <strong><a href=\"https:\/\/www.imdb.com\/title\/tt0773262\/\">Dexter<\/a><\/strong>. <em>Look<\/em>, the entire show wasn\u2019t perfect, but a lot of those seasons were amazing. I\u2019m normally a sci-fi, or fantasy, or comedy-type of TV show-watcher, but something about this show I found very compelling and perfectly suspenseful.<\/p>\n\n<h2 id=\"tv-show-that-taught-me-something\">TV show that taught me something<\/h2>\n\n<p>This was a tough one for me. A lot of the TV shows I watch are (as I mentioned earlier) in the Sci-Fi, Fantasy or Comedy realms. Not that those can\u2019t have teaching or world-perspective-changing qualities, but it\u2019s just not what I am looking for when I seek the escape of TV.<\/p>\n\n<p>I do have an answer though, and <em>it\u2019s kinda funny<\/em>\u2026 <strong>Scrubs<\/strong>! Maybe it\u2019s because I\u2019ve watched that series so many times, but I actually learned a fair bit about medical \/ doctor \/ hospital <em>stuff<\/em> from that show. And I know a lot of it <em>is real<\/em> as I have many friends\/family members who are doctors who have said that things in that show are actually pretty on-point.<\/p>\n\n<h2 id=\"bonus-tv-show-i-would-like-more-of\">BONUS: TV show I would like more of<\/h2>\n\n<p>As a bonus, I\u2019m adding an extra TV show question. The question is \u201c<em>Which TV show do you wish had more episodes\/seasons<\/em>\u201d.<\/p>\n\n<p>Now this is a <em>gooooood<\/em> one. As there are so many TV shows I\u2019d like <em>moooarrr<\/em> of. I love <a href=\"https:\/\/www.imdb.com\/title\/tt9253284\/\">Andor<\/a> and <a href=\"https:\/\/www.imdb.com\/title\/tt7631058\/\">Rings of Power<\/a>, but both of those shows are already set to come back and, give us more. So instead, I\u2019m going to choose <strong><a href=\"https:\/\/www.imdb.com\/title\/tt2934286\/\">Halo<\/a><\/strong>. <em>I know, I know<\/em>. Halo wasn\u2019t the <em>best<\/em> show across its two seasons, but I thought it was <strong>pretty good<\/strong>. I was a Halo super-fan back in the day (<em>and very good if I do say so myself<\/em>). I think that universe, and that story, has SO MUCH to offer, and would love to see it entirely explored.<\/p>\n\n<p><em>Thanks for reading!<\/em><\/p>\n","pubDate":"Fri, 21 Feb 2025 00:18:00 -0500","link":"https:\/\/shellsharks.com\/blog-challenge-tv-questions","guid":"https:\/\/shellsharks.com\/blog-challenge-tv-questions","category":["life","tv","blogchallenge","life","blog"]},{"title":"Kindness","description":"<p>A lot of people worry that <a href=\"https:\/\/shellsharks.com\/notes\/2024\/03\/13\/you-have-something-to-say-someone-will-listen\">no one will read their blog<\/a>. I did too. But it turns out, not only did people find and read what I had to say, but they were nice enough to tell me they liked it too. This post is all about that. <strong>Kindness<\/strong>. I\u2019m very appreciative of everyone who has taken the time to reach out and let me know they liked something they saw on my site. Thank you! \ud83e\udde1<\/p>\n\n<p>Below is just a log of nice things people have reached out to me and said. Some days, when I don\u2019t feel like writing, or I\u2019m just bummed about the world, maybe I can come here and remember everyone who I\u2019ve helped in some small way and use it as motivation.<\/p>\n\n<p>If there\u2019s something, or someone you appreicate out there, just send \u2018em a message! I\u2019m sure it will mean a lot to them.<\/p>\n\n<hr width=\"66%\" \/>\n\n<p>From Andrew (<em>3\/9\/26<\/em>)<\/p>\n<blockquote>\n  <p>Hello Mike! I was looking at examples for personal portfolios for cybersecurity, and I came across yours in a reddit and let\u2019s just say I am very impressed with it. I thought mine was decent, but I saw yours and realized there are levels to this. I will definitely be using it as an inspiration to continue to build mine.<\/p>\n<\/blockquote>\n\n<p>From Paul (<em>3\/7\/26<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael, I recently came across your Threat Modeling Field Guide, and it really helped me deepen my understanding of threat modeling. Thanks for creating it!<\/p>\n<\/blockquote>\n\n<p>From Roel (<em>2\/20\/26<\/em>)<\/p>\n<blockquote>\n  <p>Just wanted to say I really enjoy reading your scrolls. Love the positive vibes, curiosity and enjoyment of the (indie)web in these dark times. I hope you enjoy writing them as much as I enjoy reading them.<\/p>\n<\/blockquote>\n\n<p>From Ana (<em>2\/4\/26<\/em>)<\/p>\n<blockquote>\n  <p>Hey! I found your website, and you provide great advice for those who want to go into appsec. Thanks for that!<\/p>\n<\/blockquote>\n\n<p>From Eduard (<em>11\/12\/25<\/em>)<\/p>\n<blockquote>\n  <p>Hey Michael! I came across a Reddit post and found your blog. Spent almost 2 hours reading your stuff and the resources you recommend. Thanks for all the awesome work you share!<\/p>\n<\/blockquote>\n\n<p>From David (<em>10\/14\/25<\/em>)<\/p>\n<blockquote>\n  <p>I have been reading Scrolls and Shellsharks for several months now and I very much appreciate your work. I joined the Fediverse via Mastodon a couple of years ago, but I only recently became aware of the Indieweb\/Smallweb movements through sites like yours\u2026<\/p>\n\n  <p>Your articles, and many others that you refer to, inspired me to give it another try.<\/p>\n<\/blockquote>\n\n<p>From Angel (<em>9\/8\/25<\/em>)<\/p>\n<blockquote>\n  <p>Scrolling through and reading posts on the r\/cybersecurity subreddit on Reddit, I came across with one of your comments. From there I clicked onto your resume link on shellsharks and spent the last hour reading your educational background. I am newly transitioning careers into the tech world and I can already see myself referencing the information and advice you\u2019ve put together. Thank you!<\/p>\n<\/blockquote>\n\n<p>From Lander (<em>4\/18\/25<\/em>)<\/p>\n<blockquote>\n  <p>Just stumbled across a comment on the \/Cybersecurity Reddit where you linked your Shellsharks website. I must say what a big resource and for that I wanted to briefly thank you personally.<\/p>\n\n  <p>\u2026So once again a big thank you and I will be definitely will be using your website as a companion in landing a more specialized vulnerability management role!<\/p>\n<\/blockquote>\n\n<p>From Philipp (<em>4\/9\/25<\/em>)<\/p>\n<blockquote>\n  <p>Thanks for putting out so much great content, I really enjoy reading from you and find myself quite regularly exploring your site.<\/p>\n<\/blockquote>\n\n<p>From Ruben (<em>4\/9\/25<\/em>)<\/p>\n<blockquote>\n  <p>I\u2019m very grateful to all those great people with fun personal websites who inspired me to bring my own site back to life. There are too much to list, but special thanks to @shellsharks\u2026<\/p>\n<\/blockquote>\n\n<p>From Arjun (<em>4\/4\/25<\/em>)<\/p>\n<blockquote>\n  <p>I just wanted to reach out and say a big thank you. Your work on Shellsharks and especially your article on <a href=\"https:\/\/shellsharks.com\/you-should-blog\">why people should blog<\/a>. It pushed me to finally start my own blog\u2014even though it\u2019s super basic right now and nowhere near as cool as Shellsharks!<\/p>\n\n  <p>I\u2019ve built this space to share my work, explore interesting cyber threats, and document my learnings. My goal over the next few months is to stay consistent, keep improving the site, and use it as a platform to grow and contribute to the community.<\/p>\n\n  <p>It\u2019s been a great learning experience so far, and I owe a lot of that inspiration to you\u2026<\/p>\n\n  <p>Thanks again for doing what you do\u2014it genuinely sparked something for me.<\/p>\n<\/blockquote>\n\n<p>From Franklin (<em>3\/27\/25<\/em>)<\/p>\n<blockquote>\n  <p>Wanted to write a quick note and say thank you for the time, effort, and thoughtfulness you put into the <a href=\"https:\/\/shellsharks.com\/vm-bootcamp\">Vulnerability Management Bootcamp<\/a>.<\/p>\n\n  <p>I\u2019ve been trying to break into the security space for a few years now. I worked my way up from a desktop support intern to a senior analyst and earned a few certifications along the way\u2014but I never quite had the opportunity to pivot into a full-time security role. At times, I honestly questioned whether the field was just too saturated or if IT folks simply weren\u2019t being given a shot in CyberSec.<\/p>\n\n  <p>Then I came across your course. I took my time and went through it thoroughly in preparation for a Security Analyst interview with a Vulnerability Management team. The bootcamp gave me so much confidence heading into the interview and it also gave me so many things to talk about. Long story short, I was able to impress the panel and I just received a job offer today \u2013 my first CyberSec role. I look forward to checking your content more and more.<\/p>\n<\/blockquote>\n\n<p>From Nakul (<em>3\/14\/25<\/em>)<\/p>\n<blockquote>\n  <p>I came across your blog (Shellsharks) while I was browsing the web for cybersec resources I found it quite insightful.<\/p>\n<\/blockquote>\n\n<p>From Kai (<em>3\/7\/25<\/em>)<\/p>\n<blockquote>\n  <p>also, your website is flipping awesome. Subscribed!<\/p>\n\n  <p>Also, I might be stealing some ideas for my own site eventually \ud83d\ude48<\/p>\n<\/blockquote>\n\n<p>From Tyler (<em>3\/5\/25<\/em>)<\/p>\n<blockquote>\n  <p>I\u2019m Tyler, an infosec enthusiast working toward a career in the field. I came across your blog a month or so ago while researching inspiration for my own portfolio and blog. I loved the site theme and found your content incredibly interesting and engaging.<\/p>\n<\/blockquote>\n\n<p>On (<em>3\/5\/25<\/em>)<\/p>\n<blockquote>\n  <p>For real, give @shellsharks@shellsharks.social a follow. Always good stuff.<\/p>\n<\/blockquote>\n\n<p>From Himanshu (<em>3\/4\/25<\/em>)<\/p>\n<blockquote>\n  <p>\u2026Great work and I appreciate the work and the amount of effort you have taken to make one\u2026<\/p>\n<\/blockquote>\n\n<p>From Zak (<em>3\/3\/25<\/em>)<\/p>\n<blockquote>\n  <p>Your website is absolute killer. You\u2019ve got the absolute knack for linking resources to relevant things, whilst keeping the momentum of the message you\u2019re writing. I usually have CTRL held down as I read and click as I go. I always prepare myself for some rabbit-hole when your posts appear in my RSS feed. Your hyper(space)link travel post is an inspiration. I love a well-linked site so hopefully some others pick up the nudge too. I am meaning to do a similar post in the near future.<\/p>\n<\/blockquote>\n\n<p>From Phillip (<em>2\/28\/25<\/em>)<\/p>\n<blockquote>\n  <p>love your scrolls newsletter \ud83d\ude0d . Always so much to discover.<\/p>\n<\/blockquote>\n\n<p>From Moahmed (<em>2\/24\/25<\/em>)<\/p>\n<blockquote>\n  <p>I just want to say your indie blog website, https:\/\/shellsharks.com, has been a big inspiration for me and has helped me gain a huge amount of insight. It inspired me so much, I actually made my own indie blog website.<\/p>\n<\/blockquote>\n\n<p>From Jeffrey (<em>2\/24\/25<\/em>)<\/p>\n<blockquote>\n  <p>And your website is really cool, which must indicate that its owner is also really cool! I will add it to my indieroll ^_^<\/p>\n<\/blockquote>\n\n<p>From John (<em>2\/20\/25<\/em>)<\/p>\n<blockquote>\n  <p>I love <a href=\"https:\/\/shellsharks.com\/devlog\/shark-fin-hr\">this<\/a>! Such a neat touch of personality.<\/p>\n\n  <p>Bravo, Poseidon or Aquaman or somethin\u2019.<\/p>\n<\/blockquote>\n\n<p>From John (<em>2\/18\/25<\/em>)<\/p>\n<blockquote>\n  <p>as an aside, I continue to be enamoured with your site. Its such a clean design and layout, with a focus on text readability, along with having a fantastic wealth of information on it.<\/p>\n\n  <p>I also love that it\u2019s a static-generated site and not $blog_platform. I\u2019ve tried so many times to investigate static site generators, but could never close the gap between ease of use and ease of use and aesthetic.<\/p>\n<\/blockquote>\n\n<p>From Ishmael M. (<em>2\/18\/25<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael! I\u2019ve been reading your Shellsharks blog posts and there are some great gems in there. It\u2019s been great reading them.<\/p>\n<\/blockquote>\n\n<p>From Hedy (<em>2\/18\/25<\/em>)<\/p>\n<blockquote>\n  <p>I love the design of your site, and even moreso the thorough overview of its architecture. You\u2019ve been added to the webring, welcome!<\/p>\n<\/blockquote>\n\n<p>From Arjun T. (<em>2\/18\/25<\/em>)<\/p>\n<blockquote>\n  <p>Hello Michael, \nIt feels honoured to be connected. I have no questions or the need to ask for advice from you. Just wanted to tell you, I am a huge fan of shellsharks. A huge fan. I have been checking out the site for a long time and only today I visited to about page and found you. From a reddit comment. I went \u201cAHHH NO WAYYY! IT IS HIMM\u201d Love your work. Keep doing it. Keep inspiring us.<\/p>\n<\/blockquote>\n\n<p>From Bob (<em>2\/13\/25<\/em>)<\/p>\n<blockquote>\n  <p>I love it! I like how you\u2019ve \u201csurfaced\u201d recent posts, notes, etc. The old design is also great, but I think you\u2019ve taken it up a notch or two with this one. Nice work!<\/p>\n<\/blockquote>\n\n<p>From Eliezer G. (<em>1\/3\/25<\/em>)<\/p>\n<blockquote>\n  <p>Here from shellsharks amazing stuff !<\/p>\n<\/blockquote>\n\n<p>From AK H. (<em>11\/10\/24<\/em>)<\/p>\n<blockquote>\n  <p>My name is A.K., and I currently work as a systems administrator for the University of Maryland\u2019s helpdesk, a position I\u2019ve held for several years. I\u2019m now exploring a transition into the vulnerability management and information security industry, and I wanted to express my sincere appreciation for the resources you\u2019ve shared in the VM Bootcamp and the Shell Sharks podcast.<\/p>\n\n  <p>Your bootcamp content and podcast discussions have been an incredible guide as I consider this shift. I\u2019m grateful for the clarity and depth you provide, which are especially valuable for someone new to the field. I did notice that the bootcamp was published in April 2021, and I\u2019d love to hear if you feel the guidance you\u2019ve shared remains current or if there are updates or additional resources you\u2019d recommend.<\/p>\n\n  <p>Thank you again for your commitment to helping people like me enter this field with confidence. I look forward to any advice you may have!<\/p>\n<\/blockquote>\n\n<p>From James F. (<em>10\/21\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael, I found your insights on Shellsharks.com very helpful and would like to use them for a career exploration assignment. I\u2019d love to connect and explore your work further. Thanks!<\/p>\n<\/blockquote>\n\n<p>From Sahil S. (<em>10\/8\/24<\/em>)<\/p>\n<blockquote>\n  <p>I came across your blog ShellSharks from one of your Reddit replies and it rocks \u2026 Would love to connect with you.<\/p>\n<\/blockquote>\n\n<p>From Martin I. (<em>10\/7\/24<\/em>)<\/p>\n<blockquote>\n  <p>Just wanted to drop a note to say I enjoy the blog and site in general. Greetings from Switzerland<\/p>\n<\/blockquote>\n\n<p>From Pete M. (<em>10\/6\/24<\/em>)<\/p>\n<blockquote>\n  <p>Your website continues to be one of my favourites out of the 300+ I follow in my RSS\u2026<\/p>\n<\/blockquote>\n\n<p>From Andrew K. (<em>9\/29\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael,\n I found your LinkedIn via your site. Just a note to say thank very much for your wise, insightful, fair, and constructive comments you post on Reddit. much appreciated! Best,<\/p>\n<\/blockquote>\n\n<p>From Imri A. (<em>9\/28\/24<\/em>)<\/p>\n<blockquote>\n  <p>I recently came across your website and was impressed by your content. I would love to explore potential collaboration opportunities with you.<\/p>\n<\/blockquote>\n\n<p>From Josh W. (<em>9\/18\/24<\/em>)<\/p>\n<blockquote>\n  <p>I was doing some research to find good resources for newbies into VM and Reddit pointed me to your write up on Shellsharks. Thank you for putting the time into this content!<\/p>\n<\/blockquote>\n\n<p>From Justin K. (<em>9\/18\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hey, I saw your post on Reddit about setting up a profile website, and your looked really good so I thought I\u2019d drop a line! Killer work btw! if your ever interested in having a IOT person on the show let me know :-D<\/p>\n<\/blockquote>\n\n<p>From Jason K. (<em>9\/12\/24<\/em>)<\/p>\n<blockquote>\n  <p>Thank you for https:\/\/shellsharks.com\/, it has been incredibly insightful and interesting to read; especially the vulnerability management advice!<\/p>\n<\/blockquote>\n\n<p>From Pratik L. (<em>9\/12\/24<\/em>)<\/p>\n<blockquote>\n  <p>Big fan of shellsharks.com \nAwesome work\ud83c\udf89<\/p>\n<\/blockquote>\n\n<p>From Oleksii A. (<em>8\/20\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael,\ni\u2019ve been reading shellsharks for a while. Really like how structured information on your site is. Enjoying every article. Will be happy to add you to my network.<\/p>\n<\/blockquote>\n\n<p>From Jacob L. (<em>8\/13\/24<\/em>)<\/p>\n<blockquote>\n  <p>Saw your \u201cGetting into Information Security\u201d post on Shellsharks. Solid work.<\/p>\n<\/blockquote>\n\n<p>From Flavian M. (<em>7\/18\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi! Would like to connect! Will you finish your CIS top 20 post? Amazing work.<\/p>\n<\/blockquote>\n\n<p>From Jason N. (<em>6\/26\/24<\/em>)<\/p>\n<blockquote>\n  <p>Your post about threat modeling is awesome. I learned a lot from it.<\/p>\n<\/blockquote>\n\n<p>From Bibash R. (<em>6\/24\/24<\/em>)<\/p>\n<blockquote>\n  <p>I just came to connect to say I\u2019ve been reading a few of your blogs on shellsharks and really enjoy the content you put out!<\/p>\n\n  <p>Special favourite to the InfoSec tools you use to gauge the sorts of tools professionals like your self uses, but to be honest I was very surprised at the vast quantity of tools you use for each sector!<\/p>\n<\/blockquote>\n\n<p>From William I. (<em>5\/29\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi Mike, how are you? \nI came across shellsharks.com while surfing the net few days ago. I thought your write ups were cool and informative, hence the connection.<\/p>\n<\/blockquote>\n\n<p>From Shakar M. (<em>5\/27\/24<\/em>)<\/p>\n<blockquote>\n  <p>Great connecting with you. I just wanted to send a thank you note for all the stuff you put out from the podcast to the blogs. They are really helpful for someone who is starting out.<\/p>\n<\/blockquote>\n\n<p>From Veronica G. (<em>5\/21\/24<\/em>)<\/p>\n<blockquote>\n  <p>Just came across your shellsharks site as I try to make a career pivot. Phenomenal content there!<\/p>\n<\/blockquote>\n\n<p>From Noah P. (<em>4\/21\/24<\/em>)<\/p>\n<blockquote>\n  <p>I came across your website \u201cshellsharks.com\u201d in a reddit thread while researching best ways to create a cyber security e-portfolio. You have some great material on your website!<\/p>\n<\/blockquote>\n\n<p>From Daanish A. (<em>4\/2\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi! I found your LinkedIn while reading your infosec playbook. It\u2019s a really great resource, thank you so much! I\u2019m playing on using it to help me get an internship and hopefully land a job in pen testing!<\/p>\n<\/blockquote>\n\n<p>From Justin B. (<em>3\/29\/24<\/em>)<\/p>\n<blockquote>\n  <p>Thank you for your amazing website. I\u2019m working onto my journey of infosec &amp; threat hunting. I\u2019m glad you made a blog of your journey and understanding.<\/p>\n<\/blockquote>\n\n<p>From Sahil U. (<em>3\/28\/24<\/em>)<\/p>\n<blockquote>\n  <p>Found your website while searching for topics related to my studies. Will give your podcast a listen today.<\/p>\n<\/blockquote>\n\n<p>From James A. (<em>3\/24\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael, I came across your website when searching for cybersecurity blogs. And when I began to read more about you, I was intrigued and wanted to reach out and introduce myself. I am starting out in cybersecurity and looking for a mentor, is that weird to ask? All the best, J-A<\/p>\n<\/blockquote>\n\n<p><strong>When that <a href=\"https:\/\/www.tiktok.com\/@\/video\/7340729475618884895\">TikTok<\/a> happened\u2026<\/strong> (from Marc David (3\/5\/24) - \u201c<em>It is and the entire site is an amazing resource.  So far it\u2019s one of my best performing TikTok videos.  It\u2019s really useful content.<\/em>\u201d)<\/p>\n\n<p>From Kennedy K. (<em>3\/11\/24<\/em>)<\/p>\n<blockquote>\n  <p>Came accross the shellshark site on tiktok and decide to dive a bit deeper and conect with you since I have an interest in Cyber Security. Thanks<\/p>\n<\/blockquote>\n\n<p>From Hendrik E. (<em>7\/11\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hey Michael, thanks a lot for your https:\/\/shellsharks.com\/threat-modeling post. I do ID\u00b3 all the time. ;-p I like threat modeling a lot and am looking for exchange. Let\u2019s connect! Hendrik<\/p>\n<\/blockquote>\n\n<p>From Syed I. (<em>3\/11\/24<\/em>)<\/p>\n<blockquote>\n  <p>Respected Sir, I am lucky to find your website, and that brought me here. I would be honored to get connected with you. I seek your mentorship.<\/p>\n<\/blockquote>\n\n<p>From Romano E. (<em>3\/11\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hey Michael, I saw your post on Reddit about where to find other infosec communities and gave me that boost of confidence I needed! Thank you.<\/p>\n<\/blockquote>\n\n<p>From Daniel K. (<em>3\/7\/24<\/em>)<\/p>\n<blockquote>\n  <p>I stumbled across shellsharks.com while researching how to break into cyber security. Love the content!<\/p>\n<\/blockquote>\n\n<p>From Rafael M. (<em>3\/4\/24<\/em>)<\/p>\n<blockquote>\n  <p>I saw a video on your website! by ByteSizedSecurity on tiktok! just following the steps lol on your steps ! Thank You for making this website!<\/p>\n<\/blockquote>\n\n<p>From Refiloe M. (<em>3\/1\/24<\/em>)<\/p>\n<blockquote>\n  <p>just discovered your blog btw genius brother, I am trying to get into digital marketing and i am stealing the technique you used here to put yourself out there much respects for the creativity<\/p>\n<\/blockquote>\n\n<p>From Natth M. (<em>2\/27\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi, Really enjoy shellsharks thanks for your work!<\/p>\n<\/blockquote>\n\n<p>From Miguel L. (<em>8\/7\/22<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael! I stumbled upon your blog and realized that you did some research on threat modelling. I\u2019m also interested in the field (currently working on a (yet) another methodology), so I would love to connect with you and share ideas on this and other Cyber Security topics. Kind Regards, Miguel.<\/p>\n<\/blockquote>\n\n<p>From AJ (<em>1\/7\/24<\/em>)<\/p>\n<blockquote>\n  <p>Hi Mike, thanks for connecting. I came across your 2019 article and wanted to thank for putting it together. https:\/\/shellsharks.com\/getting-into-information-security Happy New year!<\/p>\n<\/blockquote>\n\n<p>From John W. (<em>12\/11\/23<\/em>)<\/p>\n<blockquote>\n  <p>Good morning Michael, found out about you through Reddit! I found your website site quite awesome and inspiring! I wanted to connect with you and seek out some mentorship as prepare to pivot careers!<\/p>\n<\/blockquote>\n\n<p>From Samir A. (<em>11\/6\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael, I found your website via Reddit, awesome content. <em>\u2026<\/em> how did you create your website? Mine is not posted yet\u2026 (HTML\/CSS\/JS)<\/p>\n<\/blockquote>\n\n<p>From Brei W. (<em>11\/14\/23<\/em>)<\/p>\n<blockquote>\n  <p>Good afternoon, I randomly ran across your website \u201cshellsharks.com\u201d from a reddit post. I am currently a cyber security student in VA and I was wondering if there is any advice you could give me as I close in on my undergraduate career.<\/p>\n<\/blockquote>\n\n<p>From Clint G. (<em>10\/16\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hey! I enjoyed your list of \u201cdesigner vulnerabilities,\u201d thanks for sharing. Cheers!<\/p>\n<\/blockquote>\n\n<p>From Matt W. (<em>10\/13\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hey man, I\u2019m sure you get this alot, but still wanted to pass along my appreciation for the effort you put in that VM boot camp. Very helpful!<\/p>\n<\/blockquote>\n\n<p>From Brian B. (<em>9\/3\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hey Michael, I couldn\u2019t send a message without connecting (LinkedIn restriction I guess?). I stumbled across shellsharks a few days ago and was really impressed with the level of effort you have put into the content and design. The nostalgia of indie-blogging is real. Nice work and all the best. - Brian<\/p>\n<\/blockquote>\n\n<p>From Mehdi B. (<em>9\/18\/23<\/em>)<\/p>\n<blockquote>\n  <p>Dear Michael, \nI hope you are doing well,\nI found your profile by passing trough your blog post on threat modeling. First I want to thank you from the bottom of my heart, It is clearly the best ressource of threat modeling on the net. \nI want also to ask you if as you stated on the post, you plan to provide an example of your ID3 way to do threat model? It could be really helpful for me as I am doing threat modeling in my daily basis. Also if you have anything that details more your ID3 methodoloy, for example a more detailled scheme than the one on your blog I would really be interested. \nMany thanks in advance,\nMehdi<\/p>\n<\/blockquote>\n\n<p>From Ayres N. (<em>9\/22\/23<\/em>)<\/p>\n<blockquote>\n  <p>Stumbled upon your post about a portfolio for cybersecurity on reddit. Like your work and look to learn from you further.<\/p>\n<\/blockquote>\n\n<p>From Preston K. (<em>10\/3\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael. I read your post at <a href=\"https:\/\/www.reddit.com\/r\/cybersecurity\/comments\/11emt8m\/whats_a_day_in_the_life_of_an_application\/\">https:\/\/www.reddit.com\/r\/cybersecurity\/comments\/11emt8m\/whats_a_day_in_the_life_of_an_application\/<\/a> and followed it to your site. I\u2019m looking to make a move to appsec engineering and I\u2019m training myself up at the moment. Just wanted to connect and say hi.<\/p>\n<\/blockquote>\n\n<p>From Felicia G. (<em>8\/22\/23<\/em>)<\/p>\n<blockquote>\n  <p>I recently came across your portfolio, shellsharks.com after Googling \u2018cybersecurity portfolios.\u2019 Yours looks good. Let\u2019s keep in touch!<\/p>\n<\/blockquote>\n\n<p>From Laorenz M. (<em>7\/26\/23<\/em>)<\/p>\n<blockquote>\n  <p>I stumbled upon your website when I was looking for cybersecurity portfolios. I just started my CS journey and I got a lot more motivated thanks to you! You\u2019re awesome!<\/p>\n<\/blockquote>\n\n<p>From Seth C. (<em>7\/12\/23<\/em>)<\/p>\n<blockquote>\n  <p>Thank you for accepting my connection request! I\u2019ve been reading through your \u201cgetting started in Infosec\u201d article on your website - I really appreciate the collection of information! Thank you for your advice &amp; making your collection of resources available!<\/p>\n<\/blockquote>\n\n<p>From Diego Arteago (<em>6\/27\/23<\/em>)<\/p>\n<blockquote>\n  <p>I just spent a few hours binge reading shellsharks.com posts. Thanks for being a mentor!<\/p>\n<\/blockquote>\n\n<p>From Nihil D. (<em>6\/25\/23<\/em>)<\/p>\n<blockquote>\n  <p>Hey man I saw your 5 year infosec blog get posted on reddit <a href=\"https:\/\/www.reddit.com\/r\/GIAC\/comments\/14ikgy5\/need_some_help_with_sans_courses\/\">https:\/\/www.reddit.com\/r\/GIAC\/comments\/14ikgy5\/need_some_help_with_sans_courses\/<\/a> and enjoyed your blog. I am originally from the NoVA area and am trying to go there after my stint in the USAF is done next year.<\/p>\n<\/blockquote>\n\n<p>From Tyler W. (<em>6\/6\/23<\/em>)<\/p>\n<blockquote>\n  <p>Found you through your threat modeling guide on your website. You\u2019re a badass, my man.<\/p>\n<\/blockquote>\n\n<p>From Sohail E. (<em>2\/21\/23<\/em>)<\/p>\n<blockquote>\n  <p>Thanks a ton for connecting with me. I just wanted to drop a quick note to say how excited I am to know that you\u2019ve your own podcast! I just realized this now. I can\u2019t wait to give it a listen and hear all the amazing things you\u2019re sharing.<\/p>\n<\/blockquote>\n\n<p>From Todd M. (<em>2\/12\/23<\/em>)<\/p>\n<blockquote>\n  <p>I have been following your blog and Reddit posts for a while now. Keep up the great work! Your breaking into Infosec post and roadmap has been instrumental in helping me navigate my own career path. Thanks again.<\/p>\n<\/blockquote>\n\n<p>From Mike C. (<em>11\/27\/22<\/em>)<\/p>\n<blockquote>\n  <p>\u2026I was on a road trip home (through the DC area, ironically) when I came across a post you had made to Reddit that linked to your experience with JHU (very informative! Thank you!). I\u2019ve been looking through Shellsharks all evening and found a link to your LinkedIn and figured, why not!<\/p>\n\n  <p>It\u2019s a pleasure to have made a connection with you. Have a great evening!<\/p>\n<\/blockquote>\n\n<p>From Robert V.(<em>9\/17\/22<\/em>)<\/p>\n<blockquote>\n  <p>Hey Michael! We spoke briefly last year when you shared some AppSec learning resources with me via email. I\u2019m a big fan of your blog and would love to connect!<\/p>\n<\/blockquote>\n\n<p>From Willie N. (<em>10\/11\/22<\/em>)<\/p>\n<blockquote>\n  <p>I found your blog recently while searching for Threat Modelling resources and was impressed with the content of your posts.<\/p>\n\n  <p>I would like to connect with you to follow any future content that you might release.<\/p>\n<\/blockquote>\n\n<p>From Ilia A. (<em>9\/9\/22<\/em>)<\/p>\n<blockquote>\n  <p>Hi Mike, I\u2019ve been reading over your InfoSec playbook. Great stuff, thanks for putting it together!<\/p>\n<\/blockquote>\n\n<p>From Niklas J. (<em>8\/28\/22<\/em>)<\/p>\n<blockquote>\n  <p>Hi man,<\/p>\n\n  <p>I don\u2019t know you, any you don\u2019t know me.\nBut I just want to let know that I really enjoy your blog, thanks and keep it up :)<\/p>\n<\/blockquote>\n\n<p>From Robin L. (<em>8\/2\/22<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael, I posted regarding your \u201cEnchiridion\u201d and tagged you in the post, but your name keeps dropping off for some reason. Anyway I really like the piece and your website and hope we can connect. Did you have a classical education btw? Best regards, Robin<\/p>\n<\/blockquote>\n\n<p>From Darrius R. (<em>7\/25\/22<\/em>)<\/p>\n<blockquote>\n  <p>Hey Michael, just wanted to reach out for a connection. I wanted to let you know that I am interested in vulnerability management and I was looking at your blog! It has some great stuff for anybody looking to get into the industry !<\/p>\n<\/blockquote>\n\n<p>From John K. (<em>4\/3\/22<\/em>)<\/p>\n<blockquote>\n  <p>Dear Michael, Follow your articles on shellshark, all absolute gold. Look forward to connect and associate with you. And learn from your experience and knowledge. Rgds, John<\/p>\n<\/blockquote>\n\n<p>From B J B. (<em>1\/29\/22<\/em>)<\/p>\n<blockquote>\n  <p>Just stumbled on your website via Reddit. One word\u2026\u2026..AWESOME! I\u2019m steering into the cyber arena and I\u2019m freshly starting out. Please continue the quality work.<\/p>\n<\/blockquote>\n\n<p>From Will B. (<em>11\/9\/21<\/em>)<\/p>\n<blockquote>\n  <p>Hi Michael, I\u2019m a big fan of your blog. It would be my honor to have you in my network.<\/p>\n<\/blockquote>\n\n<p>From Michael A. (<em>11\/5\/21<\/em>)<\/p>\n<blockquote>\n  <p>Hey Mike, I saw your website with you reviewing all the training you have been in, which SANS course would you say is your favorite? I\u2019ve taken maybe 7 classes and most are hit or miss.<\/p>\n<\/blockquote>\n\n<p>From Lee T. (<em>7\/7\/21<\/em>)<\/p>\n<blockquote>\n  <p>Just read your blog and great job on the content, I particularly like the section about the trainings and certifications to avoid, since I was looking at a few of the SANS courses to take next. However, the Wireless Pentesting course in your write up sounds awesome. Great work on the blog!<\/p>\n<\/blockquote>\n\n<p>From Cameron S. (<em>6\/4\/21<\/em>)<\/p>\n<blockquote>\n  <p>Nice website by the way. Just took a look at it. Sick desk setup haha<\/p>\n<\/blockquote>\n","pubDate":"Tue, 18 Feb 2025 09:51:00 -0500","link":"https:\/\/shellsharks.com\/kindness","guid":"https:\/\/shellsharks.com\/kindness","category":["life","life","blog","list"]},{"title":"Shellsharks Doodles","description":"<p>Similar to the <a href=\"https:\/\/doodles.google\">Google Doodles<\/a>, my site has its <strong>Shellsharks Doodles<\/strong>. They are celebrations of various events and holidays throughout the year, each designed by me using the <a href=\"https:\/\/apps.apple.com\/us\/app\/vector-svg-maker-assembly\/id1024210402\">Assembly<\/a> app. Some of the doodles are merely thematic additions to the plain shellsharks logo, while others completely re-visualize the <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#shellsharks-logo-symbology\">symbology<\/a> throughout. These doodles go up and replace the classic doodle at the appropriate times throughout the year.<\/p>\n\n<p><em>Why did I design these?<\/em> Just for fun I guess. <em>Why these particular events\/holidays?<\/em> <em>Well<\/em>, I did what I could with the limited icon sets that were available within the Assembly app at the time. <em>Will I make more doodles?<\/em> I hadn\u2019t thought about it for a while, but I can definitely see myself doing more in the future.<\/p>\n\n<style>\n  .item {\n    background-color: var(--background-color);\n    padding: 20px;\n    border-radius: 20px;\n  }\n  .contain {\n      display: grid;\n      grid-template-columns: auto auto;\n      row-gap:20px;\n      column-gap:20px;\n      background-color: color-mix(in srgb, var(--accent-color) 12%, var(--background-color));\n      padding: 20px;\n      border-radius: 15px;\n  }\n  .twox {\n    grid-column-start:1;\n    grid-column-end:3;\n  }\n  img {\n    margin-top:40px;\n  }\n  @media only screen and (max-width: 768px) { \/* mobile-lg *\/\n    .contain {\n      display: block;\n    }\n    .contain > div {\n      margin-bottom:20px;\n    }\n  }\n<\/style>\n\n<hr \/>\n\n<div class=\"contain\">\n  <div class=\"item\">\n    The <b>classic<\/b> logo. Read more about it <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#shellsharks-logo-symbology\">here<\/a>.\n    <img src=\"\/assets\/img\/avatar.png\" \/>\n  <\/div>\n\n  <div class=\"item\">\n    The <b>New Years<\/b> logo, basically the same as the classic logo, but with lotsa fireworks, some bottles poppin', a sign with the <i>new<\/i> year on it, and some fancy sharks with bowties. \ud83e\udd88 \u22c8 \ud83d\ude04.\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-newyears.png\" \/>\n  <\/div>\n\n  <div class=\"item\">\n    The <b>Valentines Day<\/b> logo is also just the classic logo with a bunch of hearts and flowers added in various places. There are some \"easter eggs\" and li'l bonus things though. The <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#weaponization\">weaponization<\/a> circle has a \"<i>love potion<\/i>\" in the middle. For some reason I've put a planet that kinda looks like Venus (the roman goddess of love) in there (with the number '2' next to it as Venus is the second planet from the sun). I also pay homage to the classic <a href=\"https:\/\/en.wikipedia.org\/wiki\/ILOVEYOU\">ILOVEYOU<\/a> virus in the <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#exploitation\">exploitation<\/a> and <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#installation\">installation<\/a> phases. Also looks like I changed the binary message around the outside of the logo, but honestly don't remember what it's supposed to say. A challenge for someone out there perhaps? \ud83e\udde1\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-valentines.png\" \/>\n  <\/div>\n\n  <div class=\"item\">\n    Here's a funny one, <b><a href=\"https:\/\/nationaltoday.com\/world-circus-day\">World Circus Day<\/a><\/b>. Here things have gotten completely wacky, but you should appreciate that each of the inner circles still attempt to symbolize <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#the-cyber-kill-chain\">The Cyber Kill Chain<\/a>. You've gotta use your imagination of course, but I'm sure you can kinda see what I was goin' for across each of the kill-chain steps. Notably we've got a cannon as the <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#delivery\">delivery<\/a> mechanism and a \"magician\" pulling a rabbit out of a \"hat\" as the <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#exploitation\">exploitation<\/a> phase. There's also a <i>Golden Ticket<\/i> - wanna guess what that might be referencing? Everything else is, as you can plainly see, <i>very<\/i> circus-ey. <i>Oh<\/i>, and I've got swingin' monkey in there for good measure. \ud83c\udfaa \ud83d\ude48\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-circus.png\" \/>\n  <\/div>\n\n  <div class=\"item\">\n    The <b>Earth Day<\/b> logo is a favorite of mine. It's again, just the classic logo, but with <i>a lot<\/i> of <i>earth-ey<\/i> stuff all over the place. Plants just growin' out from everything. My favorite part of this logo has got to be the great tree growing on the outside of the logo itself. \ud83c\udf0e\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-earthday.png\" \/>\n  <\/div>\n\n  <div class=\"item\">\n    The <b>Columbus Day<\/b> logo is honestly one I haven't really used, but <i>technically<\/i> have around. Given the general <a href=\"https:\/\/www.history.com\/news\/columbus-day-controversy\">controversy<\/a> surrounding Columbus, and the holiday, it'll probably remain dormant. It's nothing but a few boats anyway.\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-columbus.png\" \/>\n  <\/div>\n\n  <div class=\"item\">\n    The <b>Halloween<\/b> logo is another very intricate, thematic design. Each smaller circle on the interior of the logo has been re-made in a <i>spooky<\/i> fashion. We've got zombies screaming \"<i>BRAINS~!!!<\/i>\", witches flyin' every which way and plenty of ghouls and ghosties. But the best part? The <i>scariest<\/i> part? Is all the <a href=\"https:\/\/shellsharks.com\/designer-vulnerabilities\">named vulns<\/a> and their respective CVEs I've referenced in the <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#exploitation\">exploitation<\/a> and <a href=\"https:\/\/shellsharks.com\/shellsharks-logo#installation\">installation<\/a> phases. <i>Even better<\/i>? Each of those named vulns are ones that have kinda spooky names too, e.g. \"<i>Cable Haunt<\/i>\", \"<i>ZombieLoad<\/i>\", \"<i>Stagefright<\/i>\", \"<i>Spectre<\/i>\", to name a few. There's a lot more in there too! Turns out vuln researchers like scary-sounding vuln names. \ud83d\udc7b\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-halloween.png\" \/>\n  <\/div>\n  \n  <div class=\"item\">\n    Last, but certainly not least, is the <b>Christmas<\/b> doodle. It's easily the one I'm the most proud of. I think I really nailed the <i>Christmas-to-Kill-Chain<\/i> symbology throughout, following <a href=\"https:\/\/shellsharks.com\/santa-ttps\">Santa's<\/a> journey to put presents under your tree. \ud83c\udf85 \ud83c\udf81 \ud83c\udf84<br \/><br \/>\n\n    <ol>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">Reconnaissance<\/a>: First, Santa performs recon, reviewing his famed <i>Naughty &amp; Nice<\/i> list.<\/li>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">Weaponization<\/a>: Only so much I can do visually with \"exploitation\", so here you get an assortment of random xmas-<i>stuff<\/i> and a particularly evil looking snowman.<\/li>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">Delivery<\/a>: The sleigh is loaded, and 8 tiny reindeer are ready to mount to the sky! Rudolph has even made his appearance.<\/li>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">Exploitation<\/a>: The chimney is Santa's favored exploitation vector.<\/li>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">Installation<\/a>: The gifts are then \"<i>installed<\/i>\".<\/li>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">C2<\/a>: A new reindeer appears - <i>On HAXXEN!!<\/i><\/li>\n      <li><a href=\"https:\/\/shellsharks.com\/shellsharks-logo#\">Actions on Objectives<\/a>: Finally, Santa has delivered the presents, and he makes off with his favorite snack - a <i>session<\/i>-cookie!<\/li>\n    <\/ol>\n\n    <i>Merry Haxmas to All and to All a Good Night!!<\/i>\n\n    <img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/logos\/avatar-christmas.png\" \/>\n  <\/div>\n<\/div>\n","pubDate":"Tue, 18 Feb 2025 00:29:00 -0500","link":"https:\/\/shellsharks.com\/shellsharks-doodles","guid":"https:\/\/shellsharks.com\/shellsharks-doodles","category":["life","shellsharks","whimsy","life","blog"]},{"title":"Surviving the Brave New World","description":"<p>The world is a dangerous place, and complexity abounds, moreso <em>today<\/em> it seems than it ever has been. Navigating a world filled with AI-fueled disinformation, corporate-backed algorithmic control, political information silos and worse is no easy feat. So how can we trust what we see? How can we communicate safely? How can we protect ourselves in a digital warzone? How can we build and sustain our communities? How can we do all of this in light of the powers that seek to isolate, confuse, depress and control us? Here are some resources for staying safe and surviving\u2026<\/p>\n\n<div class=\"containbox\"><span class=\"shellsharks\"><i>Like most things on my site, this is a \"living resource\". I will add and update this post as I discover new things.<br \/><br \/>This is a <b>call for contributions<\/b>! If you have tips, advice, additional resources that fit into these categories, I want to know about them so I can add it here.<br \/><br \/>Thanks, and stay safe out there!<\/i><\/span><\/div>\n\n<ul>\n  <li><a href=\"#news\">News<\/a><\/li>\n  <li><a href=\"#social-media\">Social Media<\/a><\/li>\n  <li><a href=\"#self-hosting\">Self-Hosting<\/a><\/li>\n  <li><a href=\"#communication\">Communication<\/a><\/li>\n  <li><a href=\"#privacy-digital-security--opsec\">Privacy &amp; OpSec<\/a><\/li>\n  <li><a href=\"#community\">Community<\/a><\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"news\">News<\/h1>\n\n<p>Disinformation, misinformation, biased news, whatever. It\u2019s <em>everywhere<\/em>. How can you know what you are reading is <em>reality<\/em>? Who speaks truth to power? Where can you go to get the actual <em>news<\/em>? We all know the traditional news outlets have capitulated, and the behemoth centralized platforms will suppress and annihilate news they deem unfit to the narrative. There\u2019s no silver bullet here, but there are sources of light and truth you can plug into. Here\u2019s some recommendations (<em>none of these are foolproof sources, remember to <a href=\"#fact-checking\">fact check<\/a><\/em>!)\u2026<\/p>\n\n<h6 id=\"news-sources\">News Sources<\/h6>\n\n<ul>\n  <li><a href=\"https:\/\/www.propublica.org\">ProPublica<\/a>: An independent, nonprofit newsroom that produces investigative journalism with moral force.<\/li>\n  <li><a href=\"https:\/\/www.404media.co\">404 Media<\/a>: Journalist-founded digital media company exploring the ways technology is shaping\u2013and is shaped by\u2013our world.<\/li>\n  <li><a href=\"https:\/\/www.aljazeera.com\">Al Jazeera<\/a><\/li>\n  <li><a href=\"https:\/\/www.alternet.org\">AlterNet<\/a><\/li>\n  <li><a href=\"https:\/\/arstechnica.com\">Ars Technica<\/a><\/li>\n  <li><a href=\"https:\/\/apnews.com\">Associated Press<\/a><\/li>\n  <li><a href=\"https:\/\/www.democracynow.org\">Democracy Now!<\/a><\/li>\n  <li><a href=\"https:\/\/www.lawfaremedia.org\">Lawfare<\/a><\/li>\n  <li><a href=\"https:\/\/www.motherjones.com\">Mother Jones<\/a><\/li>\n  <li><a href=\"https:\/\/www.rollingstone.com\">Rolling Stone<\/a><\/li>\n  <li><a href=\"https:\/\/slate.com\">SLATE<\/a><\/li>\n  <li><a href=\"https:\/\/www.teenvogue.com\">Teen Vogue<\/a><\/li>\n  <li><a href=\"https:\/\/www.texasobserver.org\">Texas Observer<\/a><\/li>\n  <li><a href=\"https:\/\/19thnews.org\">The 19th News<\/a><\/li>\n  <li><a href=\"https:\/\/www.theatlantic.com\">The Atlantic<\/a><\/li>\n  <li><a href=\"https:\/\/www.theguardian.com\">The Guardian<\/a><\/li>\n  <li><a href=\"https:\/\/newrepublic.com\">The New Republic<\/a><\/li>\n  <li><a href=\"https:\/\/www.theverge.com\">The Verge<\/a><\/li>\n  <li><a href=\"https:\/\/washingtonmonthly.com\">Washington Monthly<\/a><\/li>\n  <li><a href=\"https:\/\/www.wired.com\">Wired<\/a><\/li>\n<\/ul>\n\n<p>and some resources for finding further news\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.trustworthymedia.org\/list-of-independent-media\/\">Trustworthy Media<\/a>: Provides a list of independent media sources.<\/li>\n  <li><a href=\"https:\/\/findyournews.org\">FindYourNews<\/a>: A place to discover and connect with public service newsrooms.<\/li>\n<\/ul>\n\n<p>*<em>Have other news sources you recommend? Have concerns about one of the sources listed here? Please <a href=\"https:\/\/shellsharks.com\/contact\">let me know<\/a>!<\/em><\/p>\n\n<h6 id=\"fact-checking\">Fact-Checking<\/h6>\n\n<p>Remember to find secondary sources to verify\/corroborate any news\/information you see online. Some fact-checking resources\u2026(<em>thanks <a href=\"https:\/\/infosec.exchange\/@AAKL\/112360914145670561\">AAKL<\/a><\/em>!)<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.factcheck.org\/\">FactCheck.org<\/a><\/li>\n  <li><a href=\"https:\/\/www.washingtonpost.com\/news\/fact-checker\/\">WaPo Politics Fact Checker<\/a><\/li>\n  <li><a href=\"https:\/\/www.politifact.com\/\">PolitiFact.com<\/a><\/li>\n  <li><a href=\"https:\/\/www.snopes.com\/fact-check\/\">Snopes Fact Checks<\/a><\/li>\n  <li><a href=\"https:\/\/www.reuters.com\/fact-check\">Reuters Fact Check<\/a><\/li>\n  <li><a href=\"https:\/\/apnews.com\/hub\/ap-fact-check\">AP Fact Check<\/a><\/li>\n  <li><a href=\"https:\/\/fullfact.org\/latest\/\">Full Fact Latest fact checks<\/a><\/li>\n  <li><a href=\"https:\/\/www.bbb.org\/scamtracker\/lookupscam\">Better Business Bureau Scam Tracker<\/a><\/li>\n<\/ul>\n\n<p>\u2026and a few <em>link checkers<\/em> to ensure the links are free from malware, phishing, etc\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/nordvpn.com\/link-checker\/\">NordVPN link checker<\/a><\/li>\n  <li><a href=\"https:\/\/www.ipvanish.com\/link-checker\/\">IPVanish Link Checker<\/a><\/li>\n  <li><a href=\"https:\/\/urlscan.io\">urlscan.io<\/a><\/li>\n  <li><a href=\"https:\/\/www.virustotal.com\/\">VirusTotal<\/a><\/li>\n<\/ul>\n\n<p>Don\u2019t look for news on the big centralized social networks. They <em>will<\/em> censor things of import. Instead, find some trustworthy sources on decentralized <a href=\"#social-media\">social media<\/a> outlets.<\/p>\n\n<h1 id=\"social-media\">Social Media<\/h1>\n\n<p><em>I\u2019ll just say it<\/em>. The centralized platforms are bad (for a lot of reasons I\u2019ll cover). Facebook, Twitter (X), Instagram, TikTok, even Bluesky. That\u2019s not to say they aren\u2019t entertaining, or an easy way to communicate with friends &amp; family, but they are bad for a lot of <em>other<\/em> reasons. Propagating disinformation, rampant censorship, heavy-handed moderation, shady ownership, privacy violations, enshittification, you name it. So what\u2019s the solution? Is there a perfect social media utopia to run to? <em>Of course not<\/em>. But we do have <em>something<\/em>, something that is <em><a href=\"https:\/\/shellsharks.com\/notes\/2025\/01\/15\/bluesky-wont-free-your-feed#title\">actually<\/a><\/em> resilient in the face of ever-expanding oligarchic and governmental control. That something is the <a href=\"https:\/\/shellsharks.com\/fediverse\">Fediverse<\/a> - a <em>real<\/em> decentralized social media network.<\/p>\n\n<p>But don\u2019t just take it from me, take a look at the following stories on this topic.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.404media.co\/decentralized-social-media-is-the-only-alternative-to-the-tech-oligarchy\/\">Decentralized Social Media Is the Only Alternative to the Tech Oligarchy | 404 Media<\/a><\/li>\n  <li><a href=\"https:\/\/cacm.acm.org\/news\/disrupting-networks-decentralization-and-the-fediverse\/\">Disrupting Networks: Decentralization and the Fediverse<\/a><\/li>\n<\/ul>\n\n<p>Looking to further understand why the <a href=\"https:\/\/jointhefediverse.net\">Fediverse<\/a> is better? Read through <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/16\/hark-threaders-the-fediverse-is-good-for-you#why-mastodon--fediverse-is-good\">these benefits<\/a>. <a href=\"https:\/\/joinmastodon.org\">Mastodon<\/a> is one of the more popular Fediverse-enabled platforms, I\u2019ve got the <a href=\"https:\/\/shellsharks.com\/mastodon\">following guide<\/a> if you\u2019re interested in learning more. Want to take it to the next level and <a href=\"https:\/\/shellsharks.com\/own-my-social\">own your own fediverse instance<\/a>? Here\u2019s some <a href=\"https:\/\/shellsharks.com\/notes\/2023\/08\/01\/fediverse-managed-hosting-providers\">managed hosting providers<\/a> to help you achieve that. Looking to go beyond micro-blogging? The \u201c<a href=\"https:\/\/shellsharks.com\/threadiversal-travel\">Threadiverse<\/a>\u201d is the Fediverse\u2019s answer to Reddit being awful.<\/p>\n\n<h1 id=\"self-hosting\">Self-Hosting<\/h1>\n\n<p>Our reliance on big tech is dangerous. Given their willingness to fold in the face of governmental pressure, by governments who might not have <em>your<\/em> best interests in mind, there is little assurance they will safeguard data you entrust to them, nor can we be certain that we won\u2019t be deplatformed. So, we must learn to self-host the services that matter. It requires some know-how, some cash and in many cases some hardware, but it can be done!<\/p>\n\n<p>Below are some self-hosting-related resources\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/taggartinstitute.org\/p\/the-homelab-almanac\">The Homelab Almanac<\/a><\/li>\n  <li><a href=\"https:\/\/mwl.io\/archives\/22653\">Run Your Own Mail Server<\/a><\/li>\n  <li>Though running your own mail server can be fraught \u2013&gt; <a href=\"https:\/\/cfenollosa.com\/blog\/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html\">After self-hosting my email for twenty-three years I have thrown in the towel. The oligopoly has won.<\/a><\/li>\n  <li><a href=\"https:\/\/32x33.institute\/tag\/self-hosting\/\">Host your stuff | 32x33 Institute<\/a><\/li>\n  <li><a href=\"https:\/\/wiki.futo.org\/wiki\/Introduction_to_a_Self_Managed_Life:_a_13_hour_%26_28_minute_presentation_by_FUTO_software\">Introduction to a Self Managed Life: a 13 hour &amp; 28 minute presentation by FUTO software<\/a><\/li>\n  <li><a href=\"https:\/\/community-scripts.github.io\/ProxmoxVE\/\">Proxmox VE Helper-Scripts<\/a><\/li>\n  <li><a href=\"https:\/\/awesome-selfhosted.net\">Awesome-Selfhosted<\/a><\/li>\n  <li><a href=\"https:\/\/european-alternatives.eu\">European alternatives for digital products<\/a><\/li>\n<\/ul>\n\n<p>On a related note, here\u2019s some thoughts\/resources on <a href=\"https:\/\/shellsharks.com\/notes\/2025\/02\/05\/save-your-links#title\">archiving data<\/a>.<\/p>\n\n<h1 id=\"communication\">Communication<\/h1>\n\n<p>We need to be able to communicate <em>securely<\/em>. Social media is not the place for this, not even decentralized social media. <a href=\"https:\/\/signal.org\">Signal<\/a> is a highly-recommended option for secure commmunications.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/a.wholelottanothing.org\/a-guide-to-using-signal-for-government-workers\/\">A guide to using Signal for government workers<\/a><\/li>\n  <li><a href=\"https:\/\/simplex.chat\">Simplex.chat<\/a><\/li>\n<\/ul>\n\n<h1 id=\"privacy-digital-security--opsec\">Privacy, Digital Security &amp; OpSec<\/h1>\n\n<p>Surveillance is everywhere, learn to protect your privacy. Some resources below\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.lawfaremedia.org\/article\/digital-threat-modeling-under-authoritarianism\">Digital Threat Modeling Under Authoritarianism<\/a><\/li>\n  <li><a href=\"https:\/\/www.privacyguides.org\">Privacy Guides<\/a><\/li>\n  <li><a href=\"https:\/\/www.optoutproject.net\/the-cyber-cleanse-take-back-your-digital-footprint\/\">The Opt Out Project<\/a><\/li>\n  <li><a href=\"https:\/\/www.privacyguides.org\/articles\/2025\/01\/23\/activists-guide-securing-your-smartphone\/\">The Protesters\u2019 Guide to Smartphone Security<\/a><\/li>\n  <li><a href=\"https:\/\/tnl.net\/blog\/2025\/02\/01\/on-anonymity\/\">On Anonymity<\/a><\/li>\n  <li><a href=\"https:\/\/freedom.press\/digisec\/blog\/sharing-sensitive-leaks-press\/\">Here\u2019s how to share sensitive leaks with the press<\/a><\/li>\n  <li><a href=\"https:\/\/infosecforactivists.org\">Infosec 101 for Activists<\/a><\/li>\n  <li>For those in the press, or looking to conduct any form of \u2018jounalism\u2019: <a href=\"https:\/\/freedom.press\">Freedom of the Press Foundation<\/a><\/li>\n  <li><a href=\"https:\/\/european-alternatives.eu\">European Alternatives<\/a><\/li>\n  <li><i class=\"ph ph-youtube-logo\"><\/i> <a href=\"https:\/\/www.youtube.com\/watch?v=Hcqh0ZSza50\">\u201cI Have Nothing to Hide<\/a>: The Dangerous Myth About Privacy<\/li>\n  <li><a href=\"https:\/\/www.notrace.how\">No Trace Project<\/a>: A collection of tools to help anarchists and other rebels understand the capabilities of their enemies, undermine surveillance efforts, and ultimately act without getting caught.<\/li>\n  <li><a href=\"https:\/\/blog.cdemi.io\/never-accept-an-mdm-policy-on-your-personal-phone\/\">Never accept an MDM policy on your personal phone<\/a><\/li>\n  <li><a href=\"https:\/\/ssd.eff.org\">Surveillance Self-Defense<\/a><\/li>\n  <li><a href=\"https:\/\/atlasofsurveillance.org\">Atlas of Surveillance<\/a><\/li>\n  <li><a href=\"https:\/\/github.com\/Anon-Planet\/thgtoa\">The comprehensive guide for online anonymity and OpSec<\/a><\/li>\n  <li><a href=\"https:\/\/awesome-privacy.xyz\">Awesome Privacy<\/a><\/li>\n  <li><a href=\"https:\/\/prism-break.org\/en\/\">Prism Break<\/a><\/li>\n  <li><a href=\"https:\/\/www.wired.com\/story\/the-wired-guide-to-protecting-yourself-from-government-surveillance\/\">The WIRED Guide to Protecting Yourself From Government Surveillance<\/a><\/li>\n  <li><a href=\"https:\/\/xeiaso.net\/talks\/2025\/opsec-and-you\/\">Opsec and you: how to navigate having things to hide<\/a><\/li>\n  <li><a href=\"https:\/\/www.digitalkleptos.com\/p\/this-universal-threat-model-will-help-you-stay-safe-online\">This Universal Threat Model Will Help You Stay Safe Online<\/a><\/li>\n  <li><a href=\"https:\/\/encryptitalready.org\/\">Encrypt it Already<\/a><\/li>\n<\/ul>\n\n<h1 id=\"community\">Community<\/h1>\n\n<p>When you can\u2019t rely on the government or corporations to protect and care for you, you must fallback on your community.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.eff.org\/deeplinks\/2025\/02\/building-community-privacy-plan\">Building a Community Privacy Plan<\/a><\/li>\n  <li><a href=\"https:\/\/csidnet.org\/how-to-build-an-organic-community-inorganically\/\">How to Build an Organic Community\u2026 Inorganically<\/a><\/li>\n<\/ul>\n\n<h6 id=\"support-what-matters\">Support What Matters<\/h6>\n\n<p>While everything in the world seems to be enshittifying and fully capitulating, there are some standouts. Here are some services\/organizations still worth supporting.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Support\">Wikipedia<\/a><\/li>\n  <li>Independent <a href=\"#news\">news outlets<\/a><\/li>\n  <li><a href=\"https:\/\/www.goodsuniteus.com\">Goods Unite Us<\/a>: Search for a brand and see its politics.<\/li>\n<\/ul>\n\n<h1 id=\"other-resources\">Other Resources<\/h1>\n\n<p>Some other resources that may be useful in these times.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/riotmedicine.net\">Riot Medicine<\/a><\/li>\n  <li><a href=\"https:\/\/www.aclu.org\/know-your-rights\/immigrants-rights\">Know Your Rights<\/a><\/li>\n  <li><a href=\"https:\/\/resistance-toolkit.com\">The Resistance Toolkit<\/a><\/li>\n  <li><a href=\"https:\/\/crimethinc.com\/2020\/09\/02\/a-demonstrators-guide-to-gas-masks-and-goggles-everything-you-need-to-know-to-protect-your-eyes-and-lungs-from-gas-and-projectiles\">A Demonstrator\u2019s Guide to Gas Masks and Goggles<\/a><\/li>\n  <li><a href=\"https:\/\/sainthood.xyz\/blog\/posts\/anti-ice-resources\">Anti-ICE Resources<\/a><\/li>\n  <li><a href=\"https:\/\/www.wired.com\/story\/how-to-organize-safely-in-the-age-of-surveillance\/\">How to Organize Safely in the Age of Surveillance<\/a><\/li>\n  <li><a href=\"https:\/\/proton.me\/blog\/how-to-protect-privacy-at-protests\">The Proton guide to privacy at protests<\/a><\/li>\n<\/ul>\n","pubDate":"Thu, 06 Feb 2025 08:19:00 -0500","link":"https:\/\/shellsharks.com\/surviving-the-brave-new-world","guid":"https:\/\/shellsharks.com\/surviving-the-brave-new-world","category":["life","life","blog","list"]},{"title":"Music Questions Challenge","description":"<p>The latest in the IndieWeb community\u2019s <em>blog challenges<\/em> is the <strong>Music Questions Challenge<\/strong>. Similar to the <a href=\"https:\/\/shellsharks.com\/get-to-know-my-blog#title\">last blogging challenge<\/a> I did, it consists of a <a href=\"#music-challenge-questions\">series of questions<\/a> that I\u2019ll answer throughout.<\/p>\n\n<p>I got the idea from <a href=\"https:\/\/flamedfury.com\/posts\/music-questions-challenge\/\">Flamed Fury<\/a> &amp; <a href=\"https:\/\/blog.shrediverse.net\/posts\/music-questions-challenge-repost\">The Shrediverse<\/a> (though no one \u201ctagged\u201d me, I\u2019m goin\u2019 for it anyway).<\/p>\n\n<h1 id=\"music-challenge-questions\">Music Challenge Questions<\/h1>\n<p>Here are the <strong>10<\/strong> questions that make up the \u201c<strong>Music Questions Challenge<\/strong>\u201d.<\/p>\n\n<ol>\n  <li><a href=\"#what-are-five-of-your-favorite-albums\">What are five of your favorite albums?<\/a><\/li>\n  <li><a href=\"#what-are-five-of-your-favorite-songs\">What are five of your favorite songs?<\/a><\/li>\n  <li><a href=\"#favorite-instruments\">Favorite Instrument(s)?<\/a><\/li>\n  <li><a href=\"#what-song-or-album-are-you-current-listening-to\">What song or album are you current listening to?<\/a><\/li>\n  <li><a href=\"#do-you-listen-to-the-radio-if-so-how-often\">Do you listen to the radio? If so, how often?<\/a><\/li>\n  <li><a href=\"#how-often-do-you-listen-to-music\">How often do you listen to music?<\/a><\/li>\n  <li><a href=\"#how-often-do-you-discover-music-and-how-do-you-discover-music\">How often do you discover music? And how do you discover music?<\/a><\/li>\n  <li><a href=\"#what-song-or-album-are-you-current-listening-to\">What\u2019s a song or album that you enjoy that you wish had more recognition?<\/a><\/li>\n  <li><a href=\"#whats-your-favourite-song-of-all-time\">What\u2019s your favourite song of all time?<\/a><\/li>\n  <li><a href=\"#has-your-taste-in-music-evolved-over-the-years\">Has your taste in music evolved over the years?<\/a><\/li>\n<\/ol>\n\n<hr \/>\n\n<h1 id=\"what-are-five-of-your-favorite-albums\">What are five of your favorite albums?<\/h1>\n\n<p>I recently wrote about my \u201c<a href=\"https:\/\/shellsharks.com\/notes\/2024\/09\/13\/zero-skip-albums\">Zero-skip albums<\/a>\u201d, but though I like each song on those albums, that doesn\u2019t <em>necessarily<\/em> make them my favorite. Though there is plenty of cross-over between that list and the one below. Here\u2019s my five favorites (in no particular order)\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/album.link\/us\/i\/528436018\">Hybrid Theory<\/a>, <strong>Linkin Park<\/strong>: <strong>THE<\/strong> formative music for me. I still love it the same as I did in like middle school.<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1463553489\">A Night at the Opera<\/a>, <strong>Blind Guardian<\/strong>: If you like power metal (and you should), <em>this<\/em> is the band you should listen to. This album is haunting and beautiful.<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/365400149\">In Keeping Secrets of Silent Earth: 3<\/a>, <strong>Coheed and Cambria<\/strong>: First heard this in highschool. Coheed is one of my favorite artists of all time and this is my favorite of their albums.<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1612119036\">Jackpot Juicer<\/a>, <strong>Dance Gavin Dance<\/strong>: I love every song on this album just-about. It\u2019s one of my go-tos for working out too.<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1049014094\">Close to the Edge<\/a>, <strong>Yes<\/strong>: I went through a <em>big<\/em> Yes phase around my college years. This album was on constant repeat. I don\u2019t listen to it nearly as much nowadays, but it forever remains in my top albums list.<\/li>\n<\/ul>\n\n<p>Some honorable mentions\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1049017157\">The Yes Album<\/a>, Yes<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/104575301\">Us Against the Crown<\/a>, State Radio<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/192898041\">Gravity<\/a>, Our Lady Peace<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/158537764\">Happiness\u2026Is Not a Fish That You Can Catch<\/a>, Our Lady Peace<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1440736868\">Deloused in the Comatorium<\/a>, The Mars Volta<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1647226960\">Treehouse<\/a>, I See Stars<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1030144485\">Believe<\/a>, Disturbed<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/617154241\">Random Access Memories<\/a>, Daft Punk<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1500769750\">The Afterman: Descension<\/a>, Coheed and Cambria<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/266363140\">No World for Tomorrow<\/a>, Coheed and Cambria<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/307654866\">Good Apollo I\u2019m Burning Star IV<\/a>, Coheed and Cambria<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/1440871444\">Saturate<\/a>, Breaking Benjamin<\/li>\n  <li><a href=\"https:\/\/album.link\/us\/i\/187454164\">Make Yourself<\/a>, Incubus<\/li>\n<\/ul>\n\n<h1 id=\"what-are-five-of-your-favorite-songs\">What are five of your favorite songs?<\/h1>\n\n<p><em>Ooph<\/em>, choosing just five is tough. But here goes\u2026 (will save my #1 favorite <a href=\"#whats-your-favourite-song-of-all-time\">for later<\/a>, so there\u2019s a bonus here.)<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/song.link\/us\/i\/579377477\">No Leaf Clover<\/a>, <strong>Metallica<\/strong><\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/365400459\">In Keeping Secrets of Silent Earth: 3<\/a>, <strong>Coheed and Cambria<\/strong><\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1389971322\">Civil War<\/a>, <strong>Guns &amp; Roses<\/strong><\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/1460726104\">And Then There Was Silence<\/a>, <strong>Blind Guardian<\/strong><\/li>\n  <li><a href=\"https:\/\/song.link\/us\/i\/604865358\">Close to the Edge<\/a>, <strong>Yes<\/strong> (The <a href=\"https:\/\/album.link\/us\/i\/604864905\">Yessongs<\/a> <em>Live<\/em> version)<\/li>\n<\/ul>\n\n<h1 id=\"favorite-instruments\">Favorite Instrument(s)?<\/h1>\n\n<p>I guess probably <strong>guitar<\/strong>.<\/p>\n\n<h1 id=\"what-song-or-album-are-you-current-listening-to\">What song or album are you current listening to?<\/h1>\n\n<p>Most recently I\u2019ve been listening to the Weeknd\u2019s new album, <strong><a href=\"https:\/\/album.link\/us\/i\/1793654348\">Hurry Up Tomorrow<\/a><\/strong>. But since writing this piece I\u2019ve been listening to various of my favorites listed throughout this piece. At this <em>exact<\/em> moment, I\u2019m listening to <a href=\"https:\/\/song.link\/us\/i\/604865358\">Close To The Edge<\/a>.<\/p>\n\n<h1 id=\"do-you-listen-to-the-radio-if-so-how-often\">Do you listen to the radio? If so, how often?<\/h1>\n\n<p><strong>Nope.<\/strong> Though I do listen to Apple Music \u201cradio stations\u201d from time to time to <a href=\"#how-often-do-you-discover-music-and-how-do-you-discover-music\">discover new music<\/a>.<\/p>\n\n<h1 id=\"how-often-do-you-listen-to-music\">How often do you listen to music?<\/h1>\n\n<p><strong>Every day<\/strong>, multiple times a day. I\u2019ll listen to music while I work, while I clean up around the house, and (<em>loudly<\/em>) when I work out.<\/p>\n\n<h1 id=\"how-often-do-you-discover-music-and-how-do-you-discover-music\">How often do you discover music? And how do you discover music?<\/h1>\n\n<p>Not as often as I should. I go through spurts of discovery a few times a year at best. I primarly discover music through Apple Music stations that I create based on other music I like. Though I\u2019ve been increasingly discovering music via social media. Shoutout to <a href=\"https:\/\/dmv.community\/@jcrabapple\">@jcrabapple<\/a>!<\/p>\n\n<h1 id=\"whats-a-song-or-album-that-you-enjoy-that-you-wish-had-more-recognition\">What\u2019s a song or album that you enjoy that you wish had more recognition?<\/h1>\n\n<p>This is an interesting question for me. Honestly I don\u2019t have a great sense of what songs\/albums\/artists have what recognition. The album <strong><a href=\"https:\/\/album.link\/us\/i\/1443510204\">From One<\/a><\/strong> by <strong>Ra<\/strong> is amazing and I really have never heard of anyone talk about this artist before. <em>Go listen to it!<\/em><\/p>\n\n<h1 id=\"whats-your-favourite-song-of-all-time\">What\u2019s your favourite song of all time?<\/h1>\n\n<p>This one was painfully tough. But I gotta go with <strong><a href=\"https:\/\/song.link\/us\/i\/580708180\">Stairway<\/a><\/strong>.<\/p>\n\n<h1 id=\"has-your-taste-in-music-evolved-over-the-years\">Has your taste in music evolved over the years?<\/h1>\n\n<p>In some ways yes, in other ways eh\u2026 I have a huge music library and enjoy <em>a lot<\/em> of different things. But when it comes to music I <em>actually<\/em> put on and listen to, my taste has been the same for a decent while now. I previously wrote about <a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/15\/nostalgia-music\">music that is particularly nostalgic for me<\/a>, but this doesn\u2019t necssarily reflect all I was listening to throughout the years. An attempt to \u201csum up\u201d my music taste(s) throughout the years is below\u2026<\/p>\n\n<ul>\n  <li><strong>Pre-High School<\/strong>: Linkin Park, Papa Roach and similar stuff.<\/li>\n  <li><strong>High School<\/strong>: Coheed and Cambria, In Flames, other death metal, Led Zeppelin, Lots of classic rock<\/li>\n  <li><strong>College<\/strong>: Yes, State Radio<\/li>\n  <li><strong>Post-College-Now<\/strong>: I find myself listening to a lot of rock and metal, so pretty similar to how it\u2019s always beeen. Notably less classic rock in my routine listening fwiw.<\/li>\n<\/ul>\n\n<hr width=\"50%\" \/>\n\n<p>Next up, I challenge\/tag <a href=\"https:\/\/mkultra.monster\">CMDR Nova<\/a> &amp; <a href=\"https:\/\/www.vzqk50.com\/whoami\/\">Apis Necros<\/a>!<\/p>\n","pubDate":"Tue, 04 Feb 2025 08:47:00 -0500","link":"https:\/\/shellsharks.com\/music-questions-challenge","guid":"https:\/\/shellsharks.com\/music-questions-challenge","category":["life","music","challenge","life","blog"]},{"title":"Hold the line! Stay with me!","description":"<p>I first learned about, and joined <a href=\"https:\/\/joinmastodon.org\">Mastodon<\/a> (and thus the <a href=\"https:\/\/www.fediverse.to\">Fediverse<\/a>) back in August of 2018. I joined <a href=\"https:\/\/mastodon.social\">Mastodon.Social<\/a> (of course), and the now defuct <a href=\"https:\/\/ashfurrow.com\/blog\/mastodon-technology-shutdown\/\">Mastodon.Technology<\/a>. I toyed around with the app, tried to follow a few things, but didn\u2019t honestly spend much time learning about what it was, why it was interesting, what <a href=\"https:\/\/activitypub.rocks\">ActivityPub<\/a> is, what the Fediverse is, etc\u2026 I just kept on using Twitter, though even back then I was not what you would call a heavy Twitter user. I never tried to really socialize there, rather I followed a bunch of infosec accounts and that\u2019s about it. In 2019 I established my blog and used that to post a lot of my thoughts online but it wasn\u2019t until much later that I learned about the <a href=\"https:\/\/shellsharks.com\/indieweb\">IndieWeb<\/a> and how it important that is for my online identity and as a place for my writing. I re-joined Mastodon in earnest in November of 2022 and established my <a href=\"https:\/\/shellsharks.com\/own-my-social#title\">shellsharks.social<\/a> instance in March of 2024. It was only shortly after re-joining in 2022 though that I had the thought - \u201cdamn, I wish I had stuck with Mastodon for the last 4 years and had worked to build and grow my community here\u201d.<\/p>\n\n<p>I\u2019m not really a content creator, at least not in the sense that I make stuff to profit from it, or to build any sort of clout. Sure, I\u2019d like people to read and tell me what they think, so that I can improve, but it\u2019s not like I\u2019m on social media trying to amass followers for the typical reasons. I like the folks I\u2019ve met since being on Mastodon\/the Fediverse. I\u2019ve spent quite a bit of time making new friends, curating my feeds and learning about cool stuff, like the Fediverse, and like the IndieWeb. I wish I had never left. So now <a href=\"https:\/\/shellsharks.com\/notes\/2024\/11\/15\/cloudy-with-a-chance-of-not-enshittifying\">Bluesky is a thing<\/a>. Threads is also around (though they claim they will <a href=\"https:\/\/engineering.fb.com\/2024\/03\/21\/networking-traffic\/threads-has-entered-the-fediverse\/\">federate<\/a>). I\u2019m staying put. I think you should too. But I completely understand if you want to go elsewhere. I do think the day will come though. Maybe in 4 years, maybe longer, that people will come back here and say \u201cdamn, I wish I had stuck with Mastodon\u201d.<\/p>\n\n<p>So\u2026 <a href=\"https:\/\/www.youtube.com\/shorts\/KetzG3D4J64\">Hold the line. Stay with me!<\/a><\/p>\n","pubDate":"Mon, 18 Nov 2024 12:41:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/11\/18\/hold-the-line-stay-with-me","guid":"https:\/\/shellsharks.com\/notes\/2024\/11\/18\/hold-the-line-stay-with-me","category":["life","social"]},{"title":"Cloudy with a chance of not enshittifying","description":"<p>One of the more prevalent topics of conversation on social media is - <strong>social media itself<\/strong>. Not sure if it\u2019s really always been this way, but in the wake of the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Acquisition_of_Twitter_by_Elon_Musk\">Musk-ening of Twitter<\/a> that birthed (or rekindled) <a href=\"https:\/\/www.theverge.com\/23429095\/twitter-social-network-alternatives-mastodon-reddit-tumblr-cohost\">so many other social platforms<\/a>, my feed(s) are constantly a-buzz with hot-takes, analyses, <a href=\"https:\/\/shellsharks.com\/notes\/2024\/02\/23\/exhausted-by-social-platform-cheerleading\">cheerleading<\/a> and more, all about social media itself. So, to add to that, here\u2019s some <em>musings<\/em> on what\u2019s goin\u2019 on in the social media landscape right now\u2026<\/p>\n\n<hr \/>\n\n<h1 id=\"bluesky\">Bluesky<\/h1>\n\n<p>Let\u2019s start with <a href=\"https:\/\/bsky.app\">Bluesky<\/a>. For whatever reason (probably <a href=\"https:\/\/www.euronews.com\/culture\/2024\/11\/13\/how-the-us-election-result-is-pushing-social-media-users-away-from-x-and-onto-bluesky\">anti-\u201cX\u201d sentiment<\/a> following the US election), <a href=\"https:\/\/www.theverge.com\/2024\/11\/11\/24293920\/bluesky-700000-new-users-week-x-threads\">Bluesky is seeing a surge in new users<\/a>. I\u2019ve experienced this first-hand in fact. I have a <a href=\"https:\/\/bsky.app\/profile\/shellsharks.com\">Bluesky account<\/a> and (probably thanks to a <a href=\"#on-starter-packs\">Starter Pack<\/a> or two that I am in) I have seen a ton of follows lately, nearly 1k+ in the past few days alone. This has unsurprisingly resulted in a lot of chatter on my Mastodon\/Fedi feeds about Bluesky. A fair bit of, \u201c<em>Bluesky looks cool, I\u2019m going to check it out<\/em>\u201d, \u201c<em>I\u2019m going to move over to Bluesky permanently<\/em>\u201d and of course, stuff like \u201c<em>Bluesky is a VC-funded, faux-decentralized bad place that will enshittify and fail in the same way Twitter did<\/em>\u201d. <em>Yeah<\/em>, <a href=\"#bluesky-emotions\">people are hot about it<\/a>.<\/p>\n\n<p>At a surface level, I understand. People want <em>their<\/em> network to \u201cwin\u201d. They want the people they care about to be on the same network they are, not fragmented. They also don\u2019t want to have to pick up and move to another place and rebuild their community, etc\u2026 <em>I get it<\/em>. There\u2019s a lot I <em>could<\/em> say about Bluesky, and maybe one day I might say more, but for the sake of this note, I\u2019ll limit things to a few select topics\u2026<\/p>\n\n<ul>\n  <li><a href=\"#bluesky-emotions\">Negative emotions regarding folks going to Bluesky<\/a><\/li>\n  <li><a href=\"#jack-dorsey\">Jack Dorsey<\/a><\/li>\n  <li><a href=\"#vc-backed\">Bluesky funding<\/a><\/li>\n  <li><a href=\"#is-bluesky-decentralized\">Is Bluesky decentralized?<\/a><\/li>\n  <li><a href=\"#what-i-think-you-should-do\">What I think you should do<\/a><\/li>\n  <li><a href=\"#bridgy-fed\">Bridgy Fed<\/a><\/li>\n  <li><a href=\"#on-starter-packs\">Starter Packs<\/a><\/li>\n<\/ul>\n\n<h2 id=\"bluesky-emotions\">Bluesky Emotions<\/h2>\n\n<p>Bluesky is <a href=\"https:\/\/www.theverge.com\/2024\/11\/11\/24293920\/bluesky-700000-new-users-week-x-threads\">popping off<\/a>, people are leaving X en-masse it seems, and there are some who are also leaving Threads and Mastodon to \u201clive\u201d there too. So you have those on Bluesky cheering that they\u2019ve \u201cwon\u201d, or that they\u2019ve <a href=\"https:\/\/bsky.app\/profile\/hailey.at\/post\/3lasky252dc2i\">reached the top of the charts<\/a> (on the Apple App Store) and you have those on the fled networks (namely Mastodon) bemoaning that anyone would leave as Bluesky is yet another corpo-owned, <a href=\"#vc-backed\">VC-backed<\/a>, <a href=\"#is-bluesky-decentralized\">centralized<\/a> network, <a href=\"#longevity-of-bluesky\">doomed<\/a> to the same enshittified\/billionaire-owned future as the rest of them. <em>Phew<\/em>! That\u2019s a lot of emotions \u2013&gt; <a href=\"https:\/\/mastodon.social\/@davxy\/113480586904963235\">1<\/a>, <a href=\"https:\/\/infosec.exchange\/@securingdev\/113481633335287189\">2<\/a>, <a href=\"https:\/\/infosec.exchange\/@eric_capuano\/113478260587581071\">3<\/a>, <a href=\"https:\/\/esq.social\/@andrew\/113477122438980886\">4<\/a>, <a href=\"https:\/\/www.threads.net\/@yorush\/post\/DCR0qvBOOdw\">5<\/a>, <a href=\"https:\/\/swecyb.com\/@nopatience\/113482488715466008\">6<\/a>, <a href=\"https:\/\/hachyderm.io\/@davidculley\/113474658103543325\">7<\/a>, <a href=\"https:\/\/universeodon.com\/@cryptadamist\/113472115447080382\">8<\/a>, <a href=\"https:\/\/hackers.town\/@CyberpunkLibrarian\/113483028690175386\">9<\/a>, <a href=\"https:\/\/syzito.xyz\/@Black_Flag\/113486698746459772\">10<\/a>, <a href=\"https:\/\/infosec.exchange\/@timb_machine\/113487227663724826\">11<\/a> and so many more\u2026<\/p>\n\n<p>All of the networks, yes, even \u201cX\u201d have their pros and cons - depending on what you want and who you are. The \u201c<a href=\"https:\/\/fedi.tips\/what-is-mastodon-what-is-the-fediverse\/\">Fediverse<\/a>\u201d, being <em>truly<\/em> decentralized, and not owned or funded by VC\/corporations means it has <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/16\/hark-threaders-the-fediverse-is-good-for-you\">certain qualities<\/a> that many of us value. It also means it lacks certain things that are present in centralized, or better-funded operations such as <a href=\"#threads\">Threads<\/a> or <a href=\"#bluesky\">Bluesky<\/a>.<\/p>\n\n<p>So, you\u2019re interested in joining Bluesky. Should you try it out?<\/p>\n\n<h6 id=\"do-it\">Do it.<\/h6>\n\n<p>If <a href=\"#bluesky\">Bluesky<\/a> is where the action is. If it\u2019s where your friends are. If it\u2019s where the accounts you want to follow are. If it\u2019s where your audience is. Then <strong>go there<\/strong>. <em>Be there<\/em>.<\/p>\n\n<p>Even if you <em>knew<\/em> it would meet the <a href=\"https:\/\/www.theverge.com\/2022\/4\/11\/23019836\/elon-musk-twitter-board-of-directors-news-updates\">same fate as Twitter<\/a> ultimately did, would you not ride that ride for 15 years? For all of Twitter\u2019s faults, even pre-Musk, people <em>loved<\/em> it. Twitter helped birth and incubate countless relationships, communities, businesses and <a href=\"https:\/\/www.theverge.com\/c\/23972308\/twitter-x-death-tweets-history-elon-musk\">more<\/a>. It wasn\u2019t perfect, and it wasn\u2019t forever. But it was great for so many, and for a non-trivial amount of time.<\/p>\n\n<p>Bluesky <em>could<\/em> be this too, for as long as capitalism allows. For many, maybe for most, it would be worth spending 10-15 years there only to meet the same calamitous end rather than homesteading in Fedi-land where yeah, they may achieve true social longevity outside of corporate control but would also sacrifice all they may be able to build in what could amount to a true \u201cTwitter 2.0\u201d.<\/p>\n\n<p>I\u2019m Fedi-first. I like it here. I <em>value<\/em> the <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/16\/hark-threaders-the-fediverse-is-good-for-you\">qualities<\/a> of the Fediverse that no other platform offers. I like that I can own my own instance. I like that I can\u2019t be deplatformed. I like that I don\u2019t see ads. I like that it can\u2019t be taken down by a billionaire or a single government. I like a lot of things about it. I\u2019ve also put the time and effort in to build a community here, to curate a very lively and fulfilling feed. I don\u2019t fault anyone for going to Bluesky. If you like it there, great! I hope I get to see you through <a href=\"#bridgy-fed\">the bridge<\/a>. If you don\u2019t end up liking it there. Well maybe you\u2019ll come back to the Fediverse \u2042.<\/p>\n\n<p>It seems others too are optimistic, even if mildly cautious, about the future of Bluesky. So go ahead, try it out.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/werd.io\/2024\/bluesky-the-fediverse-and-the-future-of-social-media\">Bluesky, the Fediverse, and the future of social media<\/a><\/li>\n  <li><a href=\"https:\/\/www.404media.co\/the-great-migration-to-bluesky-gives-me-hope-for-the-future-of-the-internet\/\">The Great Migration to Bluesky Gives Me Hope for the Future of the Internet<\/a><\/li>\n  <li><a href=\"https:\/\/bsky.app\/profile\/mmasnick.bsky.social\/post\/3lawnzaqaqs2c\">Protocols, Not Platforms\u2026<\/a><\/li>\n<\/ul>\n\n<h2 id=\"longevity-of-bluesky\">Longevity of Bluesky<\/h2>\n\n<p>Those of us telling people to steer clear from Bluesky usually have one or more of the following things to say\u2026<\/p>\n\n<ul>\n  <li>It was founded by <a href=\"#jack-dorsey\">Jack Dorsey<\/a> (<em>yuck!<\/em>)<\/li>\n  <li>It\u2019s <a href=\"#vc-backed\">VC-backed<\/a> (and doesn\u2019t have a long-term funding strategy)<\/li>\n  <li>It\u2019s a <a href=\"#is-bluesky-decentralized\">centralized<\/a> platform<\/li>\n<\/ul>\n\n<h6 id=\"jack-dorsey\">Jack Dorsey<\/h6>\n\n<p>On the Jack Dorsey topic, go listen to this <a href=\"https:\/\/about.flipboard.com\/fediverse\/jay-graber\/\">Dot Social podcast episode<\/a> with Bluesky\u2019s founder and CEO <a href=\"https:\/\/bsky.app\/profile\/jay.bsky.team\">Jay Graber<\/a>. Yes, Dorsey did help fund Bluesky <a href=\"https:\/\/x.com\/jack\/status\/1204766078468911106\">in the beginning<\/a>. But has since <a href=\"https:\/\/www.theguardian.com\/technology\/article\/2024\/may\/07\/jack-dorsey-quits-bluesky-board-urges-users-stay-elon-musk-x-twitter\">cut ties<\/a>, left their board and gone on to twiddle away with <a href=\"https:\/\/nostr.com\">Nostr<\/a> and tell people to stay on X \ud83e\udd37\u200d\u2642\ufe0f. So is his early involvement alone enough to curse the Bluesky project for eternity? I personally don\u2019t think so. But <em>you do you<\/em>.<\/p>\n\n<h6 id=\"vc-backed\">VC-Backed<\/h6>\n\n<p><strong>Yes<\/strong>. Bluesky did recently receive 15 million dollars in a Series A funding round, the majority of that money coming from the VC firm <a href=\"https:\/\/www.blockchaincapital.com\/blog\/bluesky-13m-users-and-growing-our-investment-in-blueskys-re-imagined-social-network\">Blockchain Capital<\/a> (BCAP). What does this mean? <a href=\"https:\/\/bsky.social\/about\/blog\/10-24-2024-series-a\">Bluesky will tell you<\/a> that their new benefactor \u201c<em>shares our philosophy<\/em>\u201d and that neither the Bluesky app, nor underlying <a href=\"https:\/\/atproto.com\">AT Protocol<\/a> uses blockchains and\/or cryptocurrency. That is all well and good. <em>For now<\/em>.<\/p>\n\n<p>I\u2019m no expert on how venture capital works, so excuse me if I say anything incorrect or naive, but my understanding is these firms don\u2019t just <em>give money away<\/em>. They expect high-growth, and they expect a <strong>return<\/strong> on their investment. Even if they have no intention of somehow influencing Bluesky to incorporate any blockchain and\/or cryptocurrency related technologies into the platform, they do at minimum expect Bluesky to make money, and a lot of it. So how will Bluesky do that? Right now they\u2019re early stage. So it\u2019s fine if they don\u2019t have a monetization strategy that can yield the type of growth that BCAP expects. So far, all we know about how they plan to continue funding is <a href=\"https:\/\/bsky.social\/about\/blog\/7-05-2023-business-plan\">this<\/a>. Yeah, selling domain names isn\u2019t going to be enough. Maybe they have some ideas up their sleeves. Or maybe they don\u2019t now, but they will later. <a href=\"https:\/\/bsky.app\/profile\/mmasnick.bsky.social\/post\/3lauwsf4eic27\">Who knows<\/a>.<\/p>\n\n<p>Look at how other similar platforms have made their returns and you start to see the issues. We\u2019ve got selling ads, selling user data, \u201c<a href=\"https:\/\/www.theverge.com\/2024\/10\/24\/24278666\/bluesky-working-on-premium-subscription\">premium<\/a>\u201d subscriptions and worse. Best case scenario (from my perspective), their dream of <strong><a href=\"#is-bluesky-decentralized\">decentralization<\/a><\/strong> will be realized and the costs of running the network will transition to smaller, indepedent entities, thus alleviating the funding burden to a degree. But how will those entities, in turn fund their operations? By the same <a href=\"https:\/\/en.wikipedia.org\/wiki\/Enshittification\">enshitty<\/a> means? Or through crowd-sourced user donations (similar to the Fediverse model)? On this, I\u2019d love to see them thread the needle, and succeed where no other network has yet to. But I (and others) remain skeptical.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/pluralistic.net\/2024\/11\/02\/ulysses-pact\/#tie-yourself-to-a-federated-mast\">Bluesky and enshittification<\/a><\/li>\n  <li><a href=\"https:\/\/toad.social\/@davetroy\/113476788536250587\">Bluesky funding and origins<\/a><\/li>\n  <li><a href=\"https:\/\/blahaj.zone\/notes\/a0mlkrgmas5i01j0\">Concern about Bluesky\u2019s adjaceny to fascism<\/a><\/li>\n  <li><a href=\"https:\/\/merveilles.town\/@lrhodes\/113498554023468458\">VC funding is runway | L. Rhodes<\/a> + <a href=\"https:\/\/destructured.net\/bluesky-enshittification\">Bluesky and enshittification<\/a><\/li>\n<\/ul>\n\n<h6 id=\"is-bluesky-decentralized\">Is Bluesky \u201cDecentralized\u201d<\/h6>\n\n<p>Let\u2019s dig into Bluesky\u2019s <a href=\"https:\/\/bsky.social\/about\/bluesky-and-the-at-protocol-usable-decentralized-social-media-martin-kleppmann.pdf\">claim<\/a> of being \u201cdecentralized\u201d. To start, I\u2019ll say that Bluesky is in no meaningful way decentralized <strong>at the moment<\/strong>. <em>Sure<\/em>, they\u2019ve open sourced <em>some<\/em> stuff to allow you to, in theory, stand up (<a href=\"https:\/\/alice.bsky.sh\/post\/3laega7icmi2q\">most of<\/a>) the infra to have a decentralized node on the network, but no meaningful amount of accounts live outside of the main centralized Bluesky corp-owned stack.<\/p>\n\n<p>But <em>can<\/em> Bluesky <em>be<\/em> decentralized? This is up for debate it seems. There are two parts of this story to me. The <strong>can<\/strong> and the <strong>will<\/strong>. On whether it <em>can<\/em> be decentralized, you\u2019re welcome to peruse the <a href=\"https:\/\/atproto.com\">AT Protocol<\/a> documentation and decide for yourself. Others, smarter and more determined than myself have done this and came away rather, <em>unconvinced<\/em> (read: <a href=\"https:\/\/rys.io\/en\/167.html\">BlueSky is cosplaying decentralization<\/a> &amp; <a href=\"https:\/\/destructured.net\/bluesky-structure\">The structure of the Bluesky network<\/a>). Again, maybe it\u2019s <em>technically<\/em> possible to have truly decentralized stacks that can operate independently (though again, there\u2019s that pesky <a href=\"https:\/\/alice.bsky.sh\/post\/3laega7icmi2q\">AppView<\/a> issue right now).<\/p>\n\n<p>Let\u2019s just <em>assume<\/em> that it is possible. So the question then becomes, <em>will<\/em> people actually do this? Will <em>enough<\/em> people stand up fully-functioning, isolated but connected instances of the entire Bluesky tech stack? This is the more meaningful question I think. As we have seen with the \u201cFediverse\u201d, decentralization can be messy. It requires people understand the technology and be able to correctly build and maintain the necessary infrastructure. It requires folks to then <em>fund<\/em> that infrastructure. <strong>Not easy<\/strong>. In the Bluesky universe, who\u2019s going to do this? Individuals? Communities? Other corporations? What is the incentive? In so many ways, the people who have gravitated <em>to<\/em> Bluesky and other centralized platforms is for no other reason than that it <em>is<\/em> centralized. That <em>is<\/em> the benefit. If Bluesky achieves any meaningful level of decentralization, and that\u2019s a big IF, they will then have the same issues that have plagued the Fediverse, i.e. instance-to-instance incompatibility, fiefdoms, instance closure (due to funding-issues among other things), annoyance around what instance to join, etc\u2026 Sure, Bluesky has solved for some of this with their admittedly great version of portable identity on the network, but I still think any decentralized future for Bluesky will introduce issues, most importantly, issues that prevent Bluesky from ever reaching <em>meaningful<\/em> levels of decentrality.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/bsky.social\/about\/blog\/5-5-2023-federation-architecture\">Federation Architecture Overview<\/a><\/li>\n  <li><a href=\"https:\/\/social.wildeboer.net\/@jwildeboer\/113487613965056474\">Bluesky isn\u2019t decentralized or federated | Jan Wildeboer<\/a><\/li>\n  <li><a href=\"https:\/\/whtwnd.com\/bnewbold.net\/3lbvbtqrg5t2t\">Reply on Bluesky and Decentralization<\/a><\/li>\n<\/ul>\n\n<h2 id=\"what-i-think-you-should-do\">What I Think You Should Do<\/h2>\n\n<p>Alright, so you\u2019re joining <a href=\"#bluesky\">Bluesky<\/a>, or maybe you\u2019re <em>thinking<\/em> about it being your primary social platform. Here\u2019s what I would suggest. <a href=\"#do-it\">Do it<\/a>. <em>Check it out<\/em>! Or let it be your main social point of presence. It\u2019s <em>fine<\/em>. If you like it, then that\u2019s great. But here\u2019s some things you might consider doing in tandem\u2026<\/p>\n\n<h3 id=\"bridgy-fed\">Bridgy Fed<\/h3>\n\n<p><a href=\"https:\/\/fed.brid.gy\">Bridgy Fed<\/a> is an awesome service that among other things, can bridge accounts from the Fediverse to Bluesky and in reverse from Bluesky to the Fediverse. From the Bridgy Fed website, \u201c<em>You can use it to make your profile on one visible in another, follow people, see their posts, and reply and like and repost them. Interactions work in both directions as much as possible<\/em>\u201d. It\u2019s easy to do!<\/p>\n\n<p>Got a fediverse account? Bridge it to Bluesky by following <a href=\"https:\/\/bsky.brid.gy\/bsky.brid.gy\">@bsky.brid.gy@bsky.brid.gy<\/a><\/p>\n\n<p>Got a Bluesky account? Bridge it to the fediverse by following <a href=\"https:\/\/bsky.app\/profile\/ap.brid.gy\">@ap.brid.gy<\/a><\/p>\n\n<p>This means you can live blissfully wherever you like but still participate in and connect with those who are on the other network. It\u2019s easy to do!<\/p>\n\n<h3 id=\"start-a-blog\">Start a blog<\/h3>\n\n<p>I\u2019m an <a href=\"https:\/\/shellsharks.com\/indieweb\">IndieWeb<\/a> enthusiast and <a href=\"https:\/\/shellsharks.com\/you-should-blog\">big proponent<\/a> of everyone having their own website\/blog. But what does that have to do with my choice of social media platform? It boils down to this. Social platforms rise and fall, and when they fall, so too does your account which has likely served as your identity for and on the web. By having a website (or a \u201cblog\u201d), you can anchor your identity to your <em>domain name<\/em> rather than some @twitter.com or @bsky.social or @whatever handle. Bluesky has actually realized this as something that is important and you are able to <a href=\"https:\/\/bsky.social\/about\/blog\/3-6-2023-domain-names-as-handles-in-bluesky\">register a domain name as your actual handle<\/a> on the service. <em>Nice!<\/em> But this only <em>kinda<\/em> helps.<\/p>\n\n<p>Sure, people might now <em>know<\/em> me now as \u201cshellsharks.com\u201d on Bluesky, but if I had no blog, and Bluesky were to go <a href=\"#longevity-of-bluesky\">belly up<\/a>, people wouldn\u2019t be able to find me as I wouldn\u2019t exist anywhere except on Bluesky. But since I <em>do<\/em> have a website, people can continue to find me, connect with me, see what I have to say, etc\u2026 by going to my domain. So sure. Use Bluesky if you want as your main social network. But go buy a domain, register it as your handle on Bluesky and then put <em>something<\/em> on that domain that resolves in a browser so people can find you now and into the future.<\/p>\n\n<h3 id=\"xposting\">XPosting<\/h3>\n\n<p>I see a lot of people suggest cross-posting to those who are thinking of \u201cmoving\u201d to Bluesky. They\u2019ll say, \u201c<em>Hey! instead of just posting to Bluesky, why don\u2019t you post both places?<\/em>\u201d. I personally don\u2019t like this. What I mean is that I think cross-posting comes with a lot of compromises, that for me, and I assume for so many others, doesn\u2019t make it worth it.<\/p>\n\n<p>Cross-posting requires using an app built with this functionality, the ability to sign into multiple platforms. This may just not be the app someone wants to use. Though I will say there are some good options, <a href=\"https:\/\/openvibe.social\">Openvibe<\/a>, <a href=\"https:\/\/croissantapp.com\">Croissant<\/a>, <a href=\"https:\/\/mszpro.com\/sorasns\/\">SoraSNS<\/a>, etc\u2026 Second, in my experience audiences are just, <em>different<\/em> on the different platforms. What you might say on one isn\u2019t necessarily what you would say on the other. So just posting the exact same thing word-for-word across both might not really <em>work<\/em>. It can also be somewhat <em>impersonal<\/em>. So now there is the mental overhead of tweaking posts across each or deciding when you want to x-post or not. Posting across multiple networks also means fielding replies across both. Again, more work. We all arguably spend too much time already on social media, just on one platform, much less trying to juggle communities and relationships across both.<\/p>\n\n<p>So yeah, maybe cross posting is something you can do, or would like to do. But I certainly wouldn\u2019t fault you for not doing it.<\/p>\n\n<h2 id=\"on-starter-packs\">On Starter Packs<\/h2>\n\n<p>A <em>very<\/em> popular feature of Bluesky is their <a href=\"https:\/\/bsky.social\/about\/blog\/06-26-2024-starter-packs\">Starter Pack<\/a>. It\u2019s basically a list of accounts you can give a name and people can peruse those lists, following individual accounts or clicking \u201cFollow All\u201d to follow everyone in the pack. It\u2019s extremely easy to use, easy to create and at first glance, a great way to build your network and improve discoverability. Or so I thought\u2026<\/p>\n\n<p>In the past 72 hours I\u2019ve gone from like 200 followers to ~1.2k followers. I\u2019m almost <em>certain<\/em> this is because of my placement in a popular starter pack or two. <em>Awesome right<\/em>? More people will see what I post and might respond to me. But has it worked out that way? Hard to say, and engagement is a tricky thing to scientifically evaluate, but I don\u2019t really think it\u2019s having that effect. What I <em>think<\/em> is happening, and what I <em>know<\/em> I\u2019ve personally done, is just blindly follow everyone in a given pack with no real evaluation. I think this has a devaluing effect on my feed.<\/p>\n\n<p>Maybe I\u2019m just used to the highly curated aspect of my Fedi feed. But damnit if that feed on Mastodon isn\u2019t <em>extremely<\/em> high fidelity. It should be right? I\u2019ve hand selected every account I follow through somewhat rigorous means. Not just willy-nilly following 80 people in one fell swoop. What happens is this, for lack of a better word, junks up the feed. I\u2019m someone who likes to read through my timeline, see what everyone has said. But on Bluesky, thanks to the fact that timeline position, when refreshed, sends you to the top, and the effects of these starter packs, I find that my feed is just an unruly mess that I can\u2019t stay on top of and as a result find less interesting. Then, frustrated with my \u201cFollowing\u201d feed, I\u2019ll check out the default algorithmic \u201cDiscover\u201d feed, which tends to just be memes and \u201cbig accounts\u201d - <em>yawn<\/em>.<\/p>\n\n<p>Another set of pitfalls I see with starter packs is ongoing management and redundancies. In just a few short days I\u2019ve seen quite a few \u201cInfosec\u201d starter packs pop up. If you\u2019re an infosec person, and you want to be featured in the pack, which do you choose? Which will be the \u201cpopular\u201d ones? Who created the pack? Will they keep it up-to-date? Do you feel comfortable pinging someone asking to be included in a pack? Will it become a popularity contest? I don\u2019t know how to answer or really analyze much of this at this point, but I just see potential issues. That said, I still think it\u2019s a great idea and does make following a lot of accounts a lot easier. Generic packs like \u201cinfosec\u201d might be hard to maintain and be extremely unruly (100\u2019s of people) but smaller, more focused packs, e.g. writers at <a href=\"https:\/\/bsky.app\/start\/did:plc:cjfcz3t36f6nrprarkhkycxo\/3laojwpjit62a\">404 Media<\/a> are perfect!<\/p>\n\n<hr \/>\n\n<h1 id=\"threads\">Threads<\/h1>\n\n<p>If you\u2019re going to talk social media, it\u2019s hard to ignore <a href=\"https:\/\/about.fb.com\/news\/2023\/07\/introducing-threads-new-app-text-sharing\/\">Threads<\/a>. Afterall, Threads still boasts over 200 million users and has 10\u2019s of millions of daily active users (<a href=\"https:\/\/explodingtopics.com\/blog\/threads-users\">src<\/a>). Contrast that with <a href=\"#bluesky\">Bluesky<\/a> or Mastodon\u2019s relatively paltry sub-20m total users each. But Threads is flagging. People are unhappy with the choices the leadership\/development teams have continued to make around <a href=\"https:\/\/www.theverge.com\/2024\/10\/9\/24266096\/instagram-threads-moderation-account-post-deleted-limited\">algorithmic choices<\/a> and more. I don\u2019t use Threads much. I feel the same about Threads as I do Bluesky for the most part. If you like it there, and its where your \u201cpeople\u201d are, then <a href=\"#do-it\">be there<\/a>. It has some of the same, and some different risks as Bluesky, but whatever.<\/p>\n\n<p>The <em>interesting<\/em> wrinkle with Threads is the ongoing <a href=\"https:\/\/engineering.fb.com\/2024\/03\/21\/networking-traffic\/threads-has-entered-the-fediverse\/\">implementation of ActivityPub<\/a>. Currently, Threads users who decide to opt in to the \u201c<a href=\"https:\/\/help.instagram.com\/760878905943039\">Fediverse sharing<\/a>\u201d beta can enjoy a very half-baked, but not entirely useless form of federation that allows users on the \u201ctraditional\u201d fediverse to see and even reply to posts you make natively on Threads. Actually <em>kinda cool<\/em>. You can\u2019t yet follow native Fediverse users from Threads, but in theory that is coming in the not too distant future. I think if this ever does materialize, and does so in a non-compromising way, it will be a feature that gives those on Threads a real benefit over those on Bluesky. Afterally, the <a href=\"#bridgy-fed\">Bridgy Fed<\/a>, Bluesky &lt;\u2013&gt; Fedi bridge is cool, but comes with plenty of compromises as it would compare to true Federation.<\/p>\n\n<hr \/>\n\n<h1 id=\"the-future\">The Future<\/h1>\n\n<p>I can\u2019t see the future. Who knows what will happen. But there is a non-zero chance that <a href=\"#bluesky\">Bluesky<\/a> fails to truly <a href=\"#is-bluesky-decentralized\">decentralize<\/a>, and the main\/centralized instance of the platform is forced to <a href=\"https:\/\/www.wired.com\/story\/tiktok-platforms-cory-doctorow\/\">enshittify<\/a> in some disastrous way. Simultaneously, (in this same timeline) <a href=\"#threads\">Threads<\/a> has continued to decline in user experience thanks to an increasingly heavy-handed algorithm, inability to moderate spam accounts and overpopulation of corporate or advertising-related posts\/accounts. Where do people go? Will they stay on those centralized platforms, accepting the compromises for what they are and muddle through? Will a new shiny platform pop up and people go there? What will it take for the \u201c<a href=\"https:\/\/fediverse.info\">Fediverse<\/a>\u201d to get real traction? What features do we need? What cultural shift needs to happen? What big \u201ccelebrity\u201d accounts would need to set up shop here? I can\u2019t say. I think improving discoverability by copying some of Bluesky\u2019s popular features, namely <a href=\"https:\/\/docs.bsky.app\/docs\/starter-templates\/custom-feeds\">custom feeds<\/a> (opt-in algos) and <a href=\"#on-starter-packs\">starter packs<\/a> could really help. I also think improving the identity model, also similar to how Bluesky has done it by being <a href=\"https:\/\/bsky.social\/about\/blog\/4-28-2023-domain-handle-tutorial\">domain backed<\/a>, could also help. Beyond that, moderation improvements and instance choice\/onboarding could use a freshen-up to help people feel less intimidated by joining.<\/p>\n\n<p>An exciting time to be sure!<\/p>\n\n<h3 id=\"more\">More<\/h3>\n<ul>\n  <li><a href=\"https:\/\/america2.news\/without-sky-social-media-and-the-end-of-reality\/\">Without Sky: Social Media and the End of Reality<\/a><\/li>\n<\/ul>\n","pubDate":"Fri, 15 Nov 2024 12:42:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/11\/15\/cloudy-with-a-chance-of-not-enshittifying","guid":"https:\/\/shellsharks.com\/notes\/2024\/11\/15\/cloudy-with-a-chance-of-not-enshittifying","category":["life","social"]},{"title":"Zero-skip albums","description":"<p>My Zero-Skip albums\u2026<\/p>\n\n<ul>\n  <li>A Night At The Opera, Blind Guardian<\/li>\n  <li>basically any Breaking Benjamin album<\/li>\n  <li>In Keeping Secrets of Silent Earth: 3, Coheed and Cambria<\/li>\n  <li>Good Apollo I\u2019m Burning Star IV, Coheed and Cambria<\/li>\n  <li>Jackpot Juicer, Dance Gavin Dance<\/li>\n  <li>To Speak To Listen, Eidola<\/li>\n  <li>A Crow Left of the Murder, Incubus<\/li>\n  <li>Hybrid Theory, Linkin Park<\/li>\n  <li>Waiter: \u201cYou Vultures\u201d, Portugal. The Man<\/li>\n  <li>Close to the Edge, Yes<\/li>\n  <li>The Yes Album, Yes<\/li>\n<\/ul>\n","pubDate":"Fri, 13 Sep 2024 21:36:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/09\/13\/zero-skip-albums","guid":"https:\/\/shellsharks.com\/notes\/2024\/09\/13\/zero-skip-albums","category":["life","music","list"]},{"title":"Favorite fedi artists","description":"<p>Tracking my favorite artists and artistic accounts from the Fediverse. Their work brightens my feed and makes the scroll so much more enjoyable.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/mastodon.art\/@hbtyson\">@hbtyson<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.art\/@nicolasgouny@mastodon.social\">@nicolasgouny<\/a><\/li>\n  <li><a href=\"https:\/\/mstdn.ca\/@atomicker\">@atomicker<\/a><\/li>\n  <li><a href=\"https:\/\/mas.to\/@harriorrihar\">@harriorrihar<\/a><\/li>\n  <li><a href=\"https:\/\/ohai.social\/@hypnogoria\">@hypnogoria<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.art\/@StuntmAEn_Bob\">@StuntmAEn_Bob<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.social\/@tinimalina\">@tinimalina<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.social\/@nicolasgouny\">@nicolasgouny<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.social\/@seigfriedsgallery\">@seigfriedsgallery<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.art\/@shaferbrown\">@shaferbrown<\/a><\/li>\n  <li><a href=\"https:\/\/mas.to\/@littlebitspace\">@littlebitspace<\/a><\/li>\n  <li><a href=\"https:\/\/mstdn.social\/@manyfaceted\">@manyfaceted<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.art\/@Rappenem\">@Rappenem<\/a><\/li>\n  <li><a href=\"https:\/\/oekakiskey.com\/@iseebinokathi\">@iseebinokathi<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.art\/@sygnin\">@sygnin<\/a><\/li>\n<\/ul>\n\n<p>Give them a follow if you want your feed to have a bit more color!<\/p>\n","pubDate":"Fri, 30 Aug 2024 10:03:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/08\/30\/favorite-fedi-artists","guid":"https:\/\/shellsharks.com\/notes\/2024\/08\/30\/favorite-fedi-artists","category":["life","art","list"]},{"title":"36 things","description":"<p>A list of <strong>36<\/strong> assorted things\u2026<sup>1<\/sup><\/p>\n\n<ol>\n  <li>\n    <p>All sushi rolls taste the same to me. All good though.<\/p>\n  <\/li>\n  <li>\n    <p>The NBA Playoffs are the best professional sports playoffs format.<\/p>\n  <\/li>\n  <li>\n    <p>Pokemon Crystal was the best pokemon game. Nintendo should have stopped making new Pokemon after Gen 2 and put effort into making better games, not more creatures.<\/p>\n  <\/li>\n  <li>\n    <p>Work + Going to the gym + Being a father + Podcasting + Blogging + Doing infosec training is HARD to pull off simultaneously.<\/p>\n  <\/li>\n  <li>\n    <p>Scrubs is the best comedy TV show of all time.<\/p>\n  <\/li>\n  <li>\n    <p>I\u2019m glad I steered my blogging topics into more personal things and not just professional \/ infosec writing.<\/p>\n  <\/li>\n  <li>\n    <p>Going from two kids to three kids changes A LOT logistically. I\u2019m finding it harder to understand how people manage it. How do you fit them into a normal car? Now I need a bigger house. How do you put three kids to bed? The list goes on\u2026<\/p>\n  <\/li>\n  <li>\n    <p>\u201cAI\u201d isn\u2019t going to work out. At least not the way AI proponents think. It isn\u2019t going to be the revolution they think it will be. It just doesn\u2019t work universally for all things the way they want it to. I\u2019m not saying it doesn\u2019t do <em>some<\/em> things very well, just that those usecases are more edgecases - things that the general population do not get value from.<\/p>\n  <\/li>\n  <li>\n    <p>I\u2019m 36. The retirement age in the US is 67. I\u2019ve got 31 years left to work. That\u2019s a loooong time.<\/p>\n  <\/li>\n  <li>\n    <p>I love to play basketball. Not sure how much longer I can continue to play competitive pick-up but I\u2019m going to keep doing it until I can\u2019t.<\/p>\n  <\/li>\n  <li>\n    <p>Another thing on \u201cAI\u201d. I really dislike that \u201cintelligence\u201d is in the name. There\u2019s nothing intelligent (as it relates to human intelligence) about it. Look at the art it produces, the prose it generates - cold and artificial. Look at the mistakes it makes, its confabulations, inhuman and wholly unintelligent.<\/p>\n  <\/li>\n  <li>\n    <p>I\u2019m not a hat person. Kinda wish I was.<\/p>\n  <\/li>\n  <li>\n    <p>Putting on weight, specifically muscle-weight is kinda hard.<\/p>\n  <\/li>\n  <li>\n    <p>Moving off of Gmail takes a lot of effort. So much is tied to your email account over the years\/decades.<\/p>\n  <\/li>\n  <li>\n    <p>My Masters diploma lives in a tube. Not sure what I should do with it.<\/p>\n  <\/li>\n  <li>\n    <p>I really quite liked season 1 of the Rings of Power TV show. Looking forward to season 2.<\/p>\n  <\/li>\n  <li>\n    <p>I wish I had started a blog long before 2019. But I\u2019m glad I got goin\u2019 with it when I did instead of putting it off even further.<\/p>\n  <\/li>\n  <li>\n    <p>I started drinking coffee during the pandemic. I never <em>needed<\/em> coffee before and was proud of that fact. Now I fear I\u2019ve developed an addiction I do not want to lose.<\/p>\n  <\/li>\n  <li>\n    <p>I need to go hiking more. I look forward to the future when I can reliably bring my kids out.<\/p>\n  <\/li>\n  <li>\n    <p>Since I started working out about a year and a half ago I\u2019ve drank A LOT less beer. I don\u2019t miss it, and it\u2019s had an impact on my wallet too!<\/p>\n  <\/li>\n  <li>\n    <p>Any money I\u2019ve saved by drinking less alochol has been blown up by the amount of yogurt, milk, almond butter, frozen fruit, bananas and protein powder I\u2019ve consumed in my daily smoothies.<\/p>\n  <\/li>\n  <li>\n    <p>Trackpad &gt; Mouse<\/p>\n  <\/li>\n  <li>\n    <p>I don\u2019t know how people can sleep not on their back.<\/p>\n  <\/li>\n  <li>\n    <p>A lot of people lament the fall of Twitter. I think the death of Twitter has been an amazing catalyst for the open web and it is joyous.<\/p>\n  <\/li>\n  <li>\n    <p>I have an old iMac that doesn\u2019t support the latest versions of MacOS. Need to figure out something to do with it\u2026<\/p>\n  <\/li>\n  <li>\n    <p>Saw my first Cybertruck the other day. Truly bizarre.<\/p>\n  <\/li>\n  <li>\n    <p>Going to try to teach my son how to swim this summer. He\u2019s 3. Will be fun!<\/p>\n  <\/li>\n  <li>\n    <p>I wonder how long this 2019 Mac Pro will last me. I wonder how long Apple will support it with updates.<\/p>\n  <\/li>\n  <li>\n    <p>11 days left in <a href=\"https:\/\/shellsharks.com\/notes\/2024\/04\/30\/weblogpomo-2024\">weblogpomo2024<\/a>. Now it gets tough\u2026<\/p>\n  <\/li>\n  <li>\n    <p><a href=\"https:\/\/www.youtube.com\/watch?v=PHVkLOmBWU8\">Golgotha Compendium: Fifth Temple<\/a> is a great song.<\/p>\n  <\/li>\n  <li>\n    <p>Seattle is my favorite US city I\u2019ve been to.<\/p>\n  <\/li>\n  <li>\n    <p>Advice: Get in shape before you\u2019re in your 30\u2019s and have kids \/ responsibilities.<\/p>\n  <\/li>\n  <li>\n    <p>Get a rice cooker. Game changer.<\/p>\n  <\/li>\n  <li>\n    <p>Go buy yourself a domain if you don\u2019t have one. <em>Do it!<\/em><\/p>\n  <\/li>\n  <li>\n    <p>I need to set up my Stream Deck (again).<\/p>\n  <\/li>\n  <li>\n    <p>Impostor syndrome is unshakeable. So stop shaking, you\u2019re in good company.<\/p>\n  <\/li>\n<\/ol>\n\n<p><sup>1<\/sup> (<em>Inspired by <a href=\"https:\/\/niclake.me\/35\/\">nic lake<\/a><\/em>.)<\/p>\n","pubDate":"Mon, 20 May 2024 12:47:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/20\/36-things","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/20\/36-things","category":["life","weblogpomo2024","blogpomo"]},{"title":"Bowser's crimes","description":"<p>In a <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/03\/super-mario-wonder\">previous note<\/a>, I grumped a bit about how low-stakes the <a href=\"https:\/\/supermariobroswonder.nintendo.com\/\">Super Mario Wonder<\/a> plot is, specifically, how much of a nothing-burger Bowser\u2019s actions were. So I decided to go back through the history of Mario games and list Bowser\u2019s various crimes (attempted and successful) below\u2026<\/p>\n\n<ul>\n  <li><strong>Super Mario Bros<\/strong> - Invades Mushroom Kingdom, Kidnaps Princess Toadstool, transfigures the Toads<\/li>\n  <li><strong>Super Mario Bros 2<\/strong> - N\/A. No mention of Bowser<\/li>\n  <li><strong>Super Mario Land<\/strong> - N\/A. No mention of Bowser<\/li>\n  <li><strong>Super Mario Bros 3<\/strong> - Seeks to conquer Mushroom World, steals magical wands, transfigures toad kings<\/li>\n  <li><strong>Super Mario World<\/strong> - Invasion (of Dinosaur Land), kidnapping (Princess Toadstool of course)<\/li>\n  <li><strong>Super Mario RPG<\/strong> - Kidnaps Princess Peach (but redeems himself by joining forces with Mario to defeat Smithy &amp; gang)<\/li>\n  <li><strong>Super Mario 64<\/strong> - Kidnaps Peach, steals Power Stars<\/li>\n  <li><strong>Super Mario Sunshine<\/strong> - Lying (Bowser told Bowser Jr. that Peach is his mother so Bowser Jr. does crimes\u2026)<\/li>\n  <li><strong>New Super Mario Bros<\/strong> - N\/A (only Bowser Jr. seems to appear)<\/li>\n  <li><strong>Super Mario Galaxy<\/strong> - Attacking with airships, stealing Power Stars, kidnapping Peach, wrecklessly creating unstable galaxies that seek to destroy Mario\u2019s reality<\/li>\n  <li><strong>Super Mario Galaxy 2<\/strong> - More attacking of the Peach\u2019s castle, kidnapping Peach, Power Star theft, attacking spaceships<\/li>\n  <li><strong>Super Mario 3D Land<\/strong> - Kidnaps Peach, steals Super Leaves<\/li>\n  <li><strong>New Super Mario Bros U<\/strong> - Imprisons Peach, invasion<\/li>\n  <li><strong>Super Mario 3D World<\/strong> - Kidnaps Sprixie princesses<\/li>\n  <li><strong>Super Mario Odyssey<\/strong> - Kidnaps peach, attempts a forced marriage, destroys Marios hat<\/li>\n  <li><strong>Super Mario Wonder<\/strong> - Partying too hard? (I guess he also steals the Wonder Flower and imprisons some flower people)<\/li>\n<\/ul>\n\n<p>A lot of kidnapping, turning people into things, theft, trying to conquer everything and of course general assault\/battery. But with Wonder? I\u2019m still not sure what he did. Bowser just trying to get his groove on\u2026<\/p>\n","pubDate":"Sun, 19 May 2024 13:59:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/19\/bowsers-crimes","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/19\/bowsers-crimes","category":["life","gaming","nintendo","mario","weblogpomo2024","blogpomo"]},{"title":"Nostalgia Music","description":"<p>Responding to <a href=\"https:\/\/flamedfury.com\/posts\/nostalgia-music\/\">this post<\/a> from <a href=\"https:\/\/flamedfury.com\">Flamed Fury<\/a>, I wanted to write about music that I found nostalgic or that I associate with certain memories. I\u2019ll attempt to write these in a chronological fashion as best as my memory will allow\u2026 (<strong>Note<\/strong>: <em>All music links are to Apple Music listings.<\/em>)<\/p>\n\n<ul>\n  <li>\n    <p><em>Somewhere within my childhood<\/em>: I have a lot of memory fragments of assorted music from my childhood, most of it stuff my dad really liked. e.g. Driving at night in the car listening to <a href=\"https:\/\/music.apple.com\/us\/album\/zombie\/1440735255?i=1440735264\">Zombie<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/the-cranberries\/122615\">The Cranberries<\/a> or hearing my dad sing <a href=\"https:\/\/music.apple.com\/us\/album\/photograph\/1440902935?i=1440902940\">Photograph<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/def-leppard\/117554\">Def Leppard<\/a> and a number of songs by <a href=\"https:\/\/music.apple.com\/us\/artist\/the-goo-goo-dolls\/147559\">The Goo Goo Dolls<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>1997<\/strong>-<strong>2000<\/strong>: I can\u2019t pin down the exact year, but I remember listening to A LOT of <a href=\"https:\/\/music.apple.com\/us\/artist\/c%C3%A9line-dion\/63729\">Celine Dion<\/a> courtesy of my sister and the drives we had when she would drop me off at school when we lived in Jacksonville, FL. I remember she was in High School at the time. Specifically, I remember listening to <a href=\"https:\/\/music.apple.com\/us\/album\/its-all-coming-back-to-me-now\/1473319237?i=1473319246\">It\u2019s All Coming Back to Me Now<\/a> &amp; <a href=\"https:\/\/music.apple.com\/us\/album\/thats-the-way-it-is\/479204871?i=479204974\">That\u2019s The Way It Is<\/a> <em>a lot<\/em>. Like, every single morning a lot.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2000<\/strong>: <a href=\"https:\/\/music.apple.com\/us\/album\/hybrid-theory\/528436018\">Hybrid Theory<\/a> from <a href=\"https:\/\/music.apple.com\/us\/artist\/linkin-park\/148662\">Linkin Park<\/a> is one of those rare albums where <em>every<\/em> song is good and I will listen to the entire album without skipping any of \u2018em. It has also stayed in my regular listening rotation for nearly 25 years now. When this album came out, it was <em>all<\/em> I listened to. If you had asked me what kinda music I liked back then, I would have just shown you the Hybrid Theory CD case. I honestly don\u2019t think I really cared about music before this album came out.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2000<\/strong>: The <a href=\"https:\/\/music.apple.com\/us\/album\/infest\/1450006102\">Infest<\/a> album from <a href=\"https:\/\/music.apple.com\/us\/artist\/papa-roach\/3445763\">Papa Roach<\/a> is also a big one from my early music-listening days. I sang each of these songs endlessly. I remember convincing my grandma to buy it for me at some flea market in South Carolina and she being very concerned about the parental advisory warning \ud83d\ude02.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2001<\/strong>: <a href=\"https:\/\/music.apple.com\/us\/album\/blurry\/1450664881?i=1450664888\">Blurry<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/puddle-of-mudd\/109754\">Puddle of Mudd<\/a> and <a href=\"https:\/\/music.apple.com\/us\/album\/crawling-in-the-dark\/1597017127?i=1597017128\">Crawling in the Dark<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/hoobastank\/415242\">Hoobastank<\/a> were both mini-obsessions built on top of my love for Linkin Park.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2001<\/strong>-<strong>2002<\/strong>: My sister was <em>constantly<\/em> singing both <a href=\"https:\/\/music.apple.com\/us\/album\/complicated\/315025768?i=315025823\">Complicated<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/avril-lavigne\/459885\">Avril<\/a> &amp; <a href=\"https:\/\/music.apple.com\/us\/album\/everywhere\/301027659?i=301027748\">Everywhere<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/michelle-branch\/1054040\">Michelle Branch<\/a> when they came out. It\u2019ll always remind me of my parents house in Stafford and how it looked at that time.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2002<\/strong>-<strong>2004<\/strong>: I can\u2019t pin down exactly <em>when<\/em>, but I vividly remember the first time I listened to <a href=\"https:\/\/music.apple.com\/us\/album\/stairway-to-heaven\/580708175?i=580708180\">Stairway to Heaven<\/a>. I was going through my dad\u2019s collection of vinyl records and playing them on a turntable I had set up under my bunk bed. I must have replayed the song 5 or 6 times (maybe more) after that first listen. It was I think the exact moment where I pivoted into classic rock as a core musical preference.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2003<\/strong>: In highschool I went through a BIG <a href=\"https:\/\/music.apple.com\/us\/artist\/afi\/3447440\">AFI<\/a> phase, and really loved the <a href=\"https:\/\/music.apple.com\/us\/album\/sing-the-sorrow\/1440796793\">Sing the Sorrow<\/a> album that came out around my freshman year. (I also really enjoyed <a href=\"https:\/\/music.apple.com\/us\/album\/the-art-of-drowning\/1440942604\">The Art of Drowning<\/a> &amp; <a href=\"https:\/\/music.apple.com\/us\/album\/black-sails-in-the-sunset\/1440940023\">Black Sails in the Sunset<\/a>). It\u2019ll always make me think of that time in my life.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2003<\/strong>: There were a few months that I think I <em>just<\/em> listened to the album <a href=\"https:\/\/music.apple.com\/us\/album\/year-of-the-spider\/1488013267\">Year Of The Spider<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/cold\/435825401\">Cold<\/a>. Notably, the songs <a href=\"https:\/\/music.apple.com\/us\/album\/cure-my-tragedy\/1488013267?i=1488013294\">Cure My Tragedy<\/a>, <a href=\"https:\/\/music.apple.com\/us\/album\/wasted-years\/1488013267?i=1488013570\">Wasted Years<\/a>, <a href=\"https:\/\/music.apple.com\/us\/album\/the-day-seattle-died\/1488013267?i=1488013584\">The Day Seattle Died<\/a> &amp; <a href=\"https:\/\/music.apple.com\/us\/album\/black-sunday\/1488013267?i=1488013586\">Black Sunday<\/a>. Peaky teen angst type-uh stuff.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2003<\/strong>: A rendition of <a href=\"https:\/\/music.apple.com\/us\/album\/a-favor-house-atlantic\/365400149?i=365401285\">A Favor House Atlantic<\/a> by a friend at lunch in high school introduced me to <a href=\"https:\/\/music.apple.com\/us\/artist\/coheed-and-cambria\/15031628\">Coheed &amp; Cambria<\/a>. When <a href=\"https:\/\/music.apple.com\/us\/album\/good-apollo-im-burning-star-iv-vol-1-from-fear-through\/307654866\">Good Apollo I\u2019m Burning Star IV<\/a> came out 2 years later, I remember some friends playing <a href=\"https:\/\/music.apple.com\/us\/album\/welcome-home\/307654866?i=307654871\">Welcome Home<\/a> on my stereo in the basement and was blown away. Will never forget. Still one of my favorite artists of all time.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2003<\/strong>-<strong>2006<\/strong>: At some point in High School I saw <a href=\"https:\/\/www.youtube.com\/watch?v=K4OU6BUKo-A\">this YouTube video<\/a> featuring <a href=\"https:\/\/music.apple.com\/us\/artist\/metallica\/3996865\">Metallica\u2019s<\/a> song <a href=\"https:\/\/music.apple.com\/us\/album\/no-leaf-clover-live-with-the-sfso\/579377398?i=579377477\">No Leaf Clover<\/a>. I loved DBZ at the time and this song was just insanely good. I\u2019ll always associate the two.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2005<\/strong>: I remember filming a <em>very<\/em> silly cover of <a href=\"https:\/\/music.apple.com\/us\/album\/soul-survivor-feat-akon\/1440743075?i=1440743758\">Jeezy\u2019s Soul Survivor<\/a>, I dubbed it \u201c<em>Bacon &amp; Young Cheesy<\/em>\u201d where I was \u201cBacon\u201d and my brother was \u201cYoung Cheesy\u201d. I held a package of bacon in my hand while my brother waved around a frozen Stouffers Mac \u2018n cheese. It\u2019s a shame I don\u2019t remember the lyrics we came up with. <em>Silly silly stuff<\/em>.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2005<\/strong>-<strong>2006<\/strong>: One summer in high school I worked at Kings Dominion. For some reason I listened to <a href=\"https:\/\/music.apple.com\/us\/artist\/the-beatles\/136975\">The Beatles<\/a> album <a href=\"https:\/\/music.apple.com\/us\/album\/abbey-road-remastered\/1441164426\">Abbey Road<\/a> every morning during that commute.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2006<\/strong>+: I had not one, but <em>TWO<\/em> <a href=\"https:\/\/music.apple.com\/us\/artist\/elvenking\/80081895\">Elvenking<\/a> CDs (<a href=\"https:\/\/music.apple.com\/us\/album\/the-scythe\/942655487\">The Scythe<\/a> &amp; <a href=\"https:\/\/music.apple.com\/us\/album\/heathenreel\/943344490\">Heathenreel<\/a>) I had burned in my Kia Sephia that I would listen to all the time. Whenever I would drive my friends anywhere they would joke that I was <em>always<\/em> listening to Elvenking. They expected me to play it too anytime they were in the car. I didn\u2019t disappoint.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2006<\/strong>: <a href=\"https:\/\/music.apple.com\/us\/album\/into-the-ocean\/1440778800?i=1440779255\">Into the Ocean<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/blue-october\/559128\">Blue October<\/a> always reminds me of an internship I had in DC where I commuted in with my dad. It was a frequent play on the radio during that time.<\/p>\n  <\/li>\n  <li>\n    <p>~<strong>2011<\/strong>: The song <a href=\"https:\/\/music.apple.com\/us\/album\/we-found-love-feat-calvin-harris\/1440758930?i=1440758945\">We Found Love<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/rihanna\/63346553\">Rihanna<\/a> will always remind me of the first time I went to Mardi Gras. Though admittedly a lot of those memories are quite <span style=\"color:#912A7E;font-weight:bold;font-style:italic;\">hazy<\/span>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2016<\/strong>: <a href=\"https:\/\/music.apple.com\/us\/album\/closer-feat-halsey\/1170699510?i=1170699703\">Closer<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/the-chainsmokers\/580391756\">Chainsmokers<\/a> always reminds me of my wedding.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2019<\/strong>: When me and my wife were in Prague, we heard a beautiful rendition of <a href=\"https:\/\/music.apple.com\/us\/album\/many-shades-of-black\/1552871264?i=1552871537\">Many Shades of Black<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/the-raconteurs\/129477464\">The Raconteurs<\/a>. I wish I had a recording.<\/p>\n  <\/li>\n  <li>\n    <p><strong>2020<\/strong>+: <em>OK<\/em>. So in 2020 my son was born and as new parents we didn\u2019t <em>exactly<\/em> have everything figured out. Putting this kid to sleep was of notable difficulty. In one such event, I was trying to get my son to sleep and walked him upstairs to the bathroom where my wife was showering. She was listening to <a href=\"https:\/\/music.apple.com\/us\/album\/34-35\/1537486662?i=1537486672\">34+35<\/a> by <a href=\"https:\/\/music.apple.com\/us\/artist\/ariana-grande\/412778295\">Ariana Grande<\/a>. Upon hearing the song, my son immediately calmed down. Desperate, I took that as a sign that he loved Ariana Grande. Turns out, I think I was onto something. From then on, we played the album (<a href=\"https:\/\/music.apple.com\/us\/album\/positions\/1537486662\">Positions<\/a>) for him at every nap time and <em>magically<\/em>, it really did put him to sleep or otherwise had a very calming effect. As a result, it will <em>forever<\/em> be in my top songs ever played because I had to listen to this full album 3x+ times a day for, and I am not kidding here, <em>YEARS<\/em>.<\/p>\n  <\/li>\n<\/ul>\n","pubDate":"Wed, 15 May 2024 13:26:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/15\/nostalgia-music","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/15\/nostalgia-music","category":["life","music","weblogpomo2024","blopomo"]},{"title":"Songs I was feelin' in 2020","description":"<p>I found an old note in my <a href=\"https:\/\/simplenote.com\">Simplenote<\/a> archive (<em>circa August 2020<\/em>) titled \u201cFavorite Songs\u201d. I thought I\u2019d share it here. Best I can tell, the first part of the list was a ranked \u201ctop 12\u201d and everything else was just other songs I was feelin\u2019 at the time.<\/p>\n\n<ol>\n  <li>2112 (<em>Rush<\/em>)<\/li>\n  <li>Close to the Edge (<em>Yes<\/em>)<\/li>\n  <li>Stairway to Heaven (<em>Led Zeppelin<\/em>)<\/li>\n  <li>No Leaf Clover (<em>Metallica<\/em>)<\/li>\n  <li>In Keeping Secrets of Silent Earth: 3 (<em>Coheed and Cambria<\/em>)<\/li>\n  <li>And Then There Was Silence (<em>Blind Guardian<\/em>)<\/li>\n  <li>Since I\u2019ve Been Loving You (<em>Led Zeppelin<\/em>)<\/li>\n  <li>Civil War (<em>Guns &amp; Roses<\/em>)<\/li>\n  <li>Aqualung (<em>Jethro Tull<\/em>)<\/li>\n  <li>And You And I (<em>Yes<\/em>)<\/li>\n  <li>Unforgiven II (<em>Metallica<\/em>)<\/li>\n  <li>The Maiden and the Minstrel Knight (<em>Blind Guardian<\/em>)<\/li>\n<\/ol>\n\n<p>Other songs I was feelin\u2019\u2026<\/p>\n\n<ul>\n  <li>The Story of Benjamin Darling Part I (<em>State Radio<\/em>)<\/li>\n  <li>Americans (<em>This or the Apocalypse<\/em>)<\/li>\n  <li>Subverse (<em>This or the Apocalypse<\/em>)<\/li>\n  <li>Do You Call My Name (<em>Ra<\/em>)<\/li>\n  <li>Far From Heaven (<em>Axenstar<\/em>)<\/li>\n  <li>My Spirit Will Go On (<em>Dragonforce<\/em>)<\/li>\n  <li>A Rose for Epona (<em>Eluveitie<\/em>)<\/li>\n  <li>Wish You Were Here (<em>Pink Floyd<\/em>)<\/li>\n  <li>Time (<em>Pink Floyd<\/em>)<\/li>\n  <li>Delirium Trigger (<em>Coheed and Cambria<\/em>)<\/li>\n  <li>Hallowed be thy name (<em>Iced Earth<\/em>)<\/li>\n  <li>Cygnus\u2026Vismund Cygnus (<em>Mars Volta<\/em>)<\/li>\n  <li>Inertiatic ESP (<em>Mars Volta<\/em>)<\/li>\n  <li>Talk Shows on Mute (<em>Incubus<\/em>)<\/li>\n  <li>Starship Trooper (<em>Yes<\/em>)<\/li>\n  <li>I\u2019ve Seen All Good People (<em>Yes<\/em>)<\/li>\n  <li>Hey Hey What Can I Do (<em>Led Zeppelin<\/em>)<\/li>\n  <li>Tea for One (<em>Led Zeppelin<\/em>)<\/li>\n  <li>Don\u2019t Kill the Whale (<em>Yes<\/em>)<\/li>\n  <li>Yours is No Disgrace (<em>Yes<\/em>)<\/li>\n  <li>Spirit of the Radio (<em>Rush<\/em>)<\/li>\n  <li>Pigs (<em>Three Different Ones<\/em>) (<em>Pink Floyd<\/em>)<\/li>\n  <li>Dogs (<em>Pink Floyd<\/em>)<\/li>\n  <li>Have a Cigar (<em>Pink Floyd<\/em>)<\/li>\n  <li>Nothing Else Matters (<em>Metallica<\/em>)<\/li>\n  <li>Locomotive Breath (<em>Jethro Tull<\/em>)<\/li>\n  <li>Ohio (<em>Crosby, Stills, Nash &amp; Young<\/em>)<\/li>\n  <li>Key Entity Extraction I: Domino the Destitute (<em>Coheed &amp; Cambria<\/em>)<\/li>\n  <li>Mother Superior (<em>Coheed &amp; Cambria<\/em>)<\/li>\n  <li>A Favor House Atlantic (<em>Coheed &amp; Cambria<\/em>)<\/li>\n  <li>Welcome Home (<em>Coheed &amp; Cambria<\/em>)<\/li>\n  <li>Mother May I (<em>Coheed &amp; Cambria<\/em>)<\/li>\n  <li>The Willing Well III: Apollo II: The Telling Truth (<em>Coheed &amp; Cambria<\/em>)<\/li>\n  <li>The Red (<em>Chevelle<\/em>)<\/li>\n  <li>Roswell\u2019s Spell (<em>Chevelle<\/em>)<\/li>\n  <li>The Circus (<em>Chevelle<\/em>)<\/li>\n  <li>The Soulforged (<em>Blind Guardian<\/em>)<\/li>\n  <li>Fiddler on the Green (<em>Demons &amp; Wizards<\/em>)<\/li>\n  <li>Blood on my Hands (<em>Demons &amp; Wizards<\/em>)<\/li>\n  <li>My Last Sunrise (<em>Demons &amp; Wizards<\/em>)<\/li>\n  <li>The General (<em>Dispatch<\/em>)<\/li>\n  <li>Aqueous Transmission (<em>Incubus<\/em>)<\/li>\n  <li>Pardon Me (<em>Incubus<\/em>)<\/li>\n  <li>Meccamputechture (<em>Mars Volta<\/em>)<\/li>\n  <li>Asilos Magdalena (<em>Mars Volta<\/em>)<\/li>\n  <li>Roulette Dares (<em>The Haunt Of<\/em>) (<em>Mars Volta<\/em>)<\/li>\n  <li>Eriatarka (<em>Mars Volta<\/em>)<\/li>\n  <li>Fight No More (<em>State Radio<\/em>)<\/li>\n  <li>Right Me Up (<em>State Radio<\/em>)<\/li>\n  <li>Seasonspeech (<em>Elvenking<\/em>)<\/li>\n  <li>Dominhate (<em>Elvenking<\/em>)<\/li>\n  <li>Insomnia (<em>Periphery<\/em>)<\/li>\n<\/ul>\n\n<p>Looking at this list, I still love all these songs, though there are some I realize I need to add back into the more regular rotation\u2026<\/p>\n","pubDate":"Fri, 10 May 2024 09:08:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/10\/songs-i-was-feelin-2020","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/10\/songs-i-was-feelin-2020","category":["life","music","weblogpomo2024","blopomo"]},{"title":"Crystal Six","description":"<p>Though the original Pokemon (Blue\/Red) game will forever hold a particularly special place in my heart, I think of Pokemon <strong><a href=\"https:\/\/bulbapedia.bulbagarden.net\/wiki\/Pok\u00e9mon_Crystal_Version\">Crystal<\/a><\/strong> as both my favorite and the <em>best<\/em> of the entire Pokemon series. With the recent legitimization of classic game emulators on iOS, and thus the rebirth of <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/22\/retro-gaming-with-delta\">Delta<\/a>, I once again spun up a Pokemon Crystal rom and did a playthrough. Even after all these years and countless playthroughs, it was still as fun as ever. To commemorate, I\u2019ve decided to document my team, the \u201cCrystal Six\u201d below.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/crystalsix.jpeg\" alt=\"Crystal Six\" width=\"200px\" \/><\/p>\n\n<ol>\n  <li>Gengar<\/li>\n  <li>Dragonite<\/li>\n  <li>Crobat<\/li>\n  <li>Steelix<\/li>\n  <li>Feraligatr<\/li>\n  <li>Gyarados<\/li>\n<\/ol>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/feraligatr.jpeg\" alt=\"Feraligatr\" width=\"75px\" \/> <img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/crobat.jpeg\" alt=\"Crobat\" width=\"75px\" \/> <img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/steelix.jpeg\" alt=\"Steelix\" width=\"75px\" \/> <img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/gengar.jpeg\" alt=\"Gengar\" width=\"75px\" \/> <img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/gyarados.jpeg\" alt=\"Gyarados\" width=\"75px\" \/> <img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/pokemon-crystal\/dragonite.jpeg\" alt=\"Dragonite\" width=\"75px\" \/><\/p>\n\n<p><em>For those follow poke-fans out there, you may notice that I still have a bit of a preference for Gen I, with 5 of the 6 having base forms that are from the original games.<\/em><\/p>\n","pubDate":"Wed, 08 May 2024 10:12:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/08\/crystal-six","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/08\/crystal-six","category":["life","gaming","pokemon","weblogpomo2024","blopomo"]},{"title":"An Ode to Lost Friends","description":"<p>They say time heals all, but time is also a void that severs and decays the bonds of friendship. With fondness and regret, I look back at a life dotted with friendships made, and those forgotten\u2026<\/p>\n\n<p><em>Thanks to <a href=\"https:\/\/www.vzqk50.com\/whoami\/\">Apis Necros<\/a> for inspiring me with their own <a href=\"https:\/\/www.vzqk50.com\/blog\/an-ode-to-lost-friends\/\">original post<\/a> on this subject.<\/em><\/p>\n\n<center><i class=\"ph ph-butterfly\"><\/i><\/center>\n\n<h3 id=\"veronica\">\u201cVeronica\u201d<\/h3>\n\n<p>In elementary school (I forget which grade exactly), we used to play kickball before class. One day, I got pegged in the face with the ball. It knocked the glasses off my face into the dirt and my nose bled. I cried and the kids laughed. \u201cVeronica\u201d (Her name definitely started with a \u201cV\u201d, but it could have been something else) instead picked up my glasses and asked me if I was OK. We weren\u2019t ever friends, either before or after that day, but I\u2019ll always remember how she was nice to me in that moment.<\/p>\n\n<h3 id=\"the-boys-in-black\">The \u201cBoys in Black\u201d<\/h3>\n\n<p>Way back in 4th\/5th grade there was a group of maybe 3 of us who called ourselves the \u201cBoys in Black\u201d, i.e. \u201cBiB\u201d (inspired by the \u201cMen in Black\u201d movie). I don\u2019t remember how we came up with this, or to what extent any one of us loved that movie so much that we\u2019d name our group after it, but yeah. It\u2019s funny too because thinking back, wearing black was not part of what we did at all. We would hold (daily?) meetings in class to discuss <em>something<\/em>, but mostly we spent our time doodling \u201cbases\u201d and fantastical weaponry \/ vehicles-of-war (e.g. jeeps, tanks, etc\u2026). I suppose we liked (as many young boys\/children probably do) the idea of having a secret base filled with cool gadgets and lasers. In that group, was another kid whos name I don\u2019t remember, but I <em>do<\/em> recall that his birthday was the day <em>after<\/em> mine. We used to observe that my birthday was the final day of Winter and his the first of Spring. That meant something to us. To the BiB!<\/p>\n\n<h3 id=\"leanna\">Leanna<\/h3>\n\n<p>My family and hers were incredibly close growing up, even into the later years of our childhood (i.e. highschool). We went on family trips, went camping, I even went to some highschool dances with her. Our parents would joke about us dating but we were always just friends. I still have vague memories of going to her family\u2019s townhouse (in Lakeridge?) and hanging out in the basement with their dog Zelda and her two sisters (Victoria and Alexandra). In what is somewhat of a small-world-style twist, she ended up getting married to another past friend of mine from a separate circle (James, who I knew from Boy Scouts). I still think about the two of them and her family from time to time. I could probably reach out, but I never do. I hope they\u2019re all doing great!<\/p>\n\n<h3 id=\"amy\">Amy<\/h3>\n\n<p>Amy was, for a time, my best friend. In the days before the Internet took off, or cell phones were a thing, we would talk for HOURS on the phone, about anything, about whatever teenage kids in the 00\u2019s had to talk about. One day, it just faded away and we stopped talking. I still don\u2019t know why.<\/p>\n\n<h3 id=\"galileo\">Galileo<\/h3>\n\n<p>Zak, Aaron, Johnson, Sean, my fellow 7th floor Galileo engineers at VT. For the better part of 4 years they were my friends, classmates and those I spent my days with. We had some good times and I suppose some not as good times. I sadly don\u2019t talk to them anymore. I\u2019ve seen some occasional things on LinkedIn, in the days I bothered to go on LinkedIn and see what they were up to. It would be cool to catch up one day, see where their lives had taken them, meet their families, their kids. Ya never know\u2026<\/p>\n\n<h3 id=\"kenny\">Kenny<\/h3>\n\n<p>For nearly 5 years me and Kenny sat next to each other and did our best to stay busy. We worked at a large, well-known defense contractor. We were work friends and even had the rare meetup outside of work. Most memorable to me though is the weeks we spent painting\/coloring\/decorating these little troll figurines to look like various Marvel\/DC super heros. Silly times.<\/p>\n\n<h3 id=\"destiny-1-raid-crew\">Destiny 1, Raid Crew<\/h3>\n\n<p>Oh man did I love playing Destiny back in the day. I was a big time Halo addict back in the Halo 2\/3 days and Destiny was no different. I played a lot of PVP via matchmaking but I also did a lot of raids (VoG anyone?) with a specific crew. We got along great and I remember they thought I was pretty funny. One day I just stopped playing and that was the end of an era.<\/p>\n\n<h3 id=\"destiny-2-stadia--the-salvations-clan\">Destiny 2, Stadia &amp; the Salvations Clan<\/h3>\n\n<p>Years after D1, Destiny 2 came to Stadia and I got really into the franchise once more. I played on \u201cStadia\u201d, Google\u2019s game streaming platform and it was a really great experience, and also a very small (relatively speaking) community. We all seemed to generally know each other and get along, chatting amongst ourselves across a few Discord servers and Reddit subs. Eventually I joined the \u201cSalvations\u201d clan with my brother, someone who went by \u201cPolitics\u201d (who was <em>very<\/em> good) and a number of others. I also played with someone named \u201cTime\u201d who was very good with the bow. My \u201cArbalest\u201d skills were <a href=\"https:\/\/www.youtube.com\/watch?v=fDJBsc9SRvc\">legendary<\/a> amongst the Stadia crew and boy did I have fun playing. Eventually life, family and other priorities became too much for me to afford the time needed to keep up with the game though. So much like what happened with D1, I pretty much vanished one day (and eventually Stadia too met its end.)<\/p>\n\n<h3 id=\"pickup-ballers\">Pickup Ballers<\/h3>\n\n<p>Over the years I\u2019ve ran pickup bball with a number of different groups of guys. In each era, I\u2019d play several times a week, for several hours each day. We came to know each other by name and we knew each others style of play. When I moved, or switched gyms, there were never any goodbyes. I just stopped going one day. In rare cases I would run into someone at wherever my new place that I would play, but generally, I just never saw them again. Another example, in a long string of examples of very situational friendships.<\/p>\n\n<p>Shoutout to the Courtland Towers crew - Paul, Leo, Eric, Steve K, Steve J, Derek and others whos names escape me.<\/p>\n\n<center><i class=\"ph ph-infinity\"><\/i><\/center>\n\n<p>My stories aren\u2019t particularly unique. Everyone has similar tales of friendships made and lost. It is just the nature of our shared experience as humans. I will admit that I am particularly bad at keeping in touch and surely what could have been longer-lasting relationships have suffered because of it. I also have a notoriously bad memory in terms of remembering anything from more than like 5 years ago, so there are likely countless other meaningful friendships that have been completely lost, even in memory. For those in my past, mentioned or not mentioned here that ever wanted to reach out, do it!<\/p>\n","pubDate":"Mon, 06 May 2024 09:11:00 -0400","link":"https:\/\/shellsharks.com\/an-ode-to-lost-friends","guid":"https:\/\/shellsharks.com\/an-ode-to-lost-friends","category":["life","blopomo","weblogpomo2024","life","blog"]},{"title":"Favorite movies","description":"<p>A point-in-time look at my ever-fluctuating list of favorite movies (<strong>Top 25<\/strong>)\u2026<\/p>\n\n<ol>\n  <li>Gladiator<\/li>\n  <li>Gattaca<\/li>\n  <li>Star Wars: Return of the Jedi<\/li>\n  <li>Star Wars: Empire Strikes Back<\/li>\n  <li>Apocalypto<\/li>\n  <li>Sunshine<\/li>\n  <li>IP man<\/li>\n  <li>Clockwork Orange<\/li>\n  <li>Hook<\/li>\n  <li>Interview with the Vampire<\/li>\n  <li>300<\/li>\n  <li>eXistenZ<\/li>\n  <li>Star Wars: A New Hope<\/li>\n  <li>Dune: Part Two<\/li>\n  <li>There Will Be Blood<\/li>\n  <li>Mad Max 2: Road Warrior<\/li>\n  <li>The Matrix<\/li>\n  <li>Rogue One<\/li>\n  <li>Starship Troopers<\/li>\n  <li>Master and Commander<\/li>\n  <li>Planet of the Apes<\/li>\n  <li>The Departed<\/li>\n  <li>Shawshank Redemption<\/li>\n  <li>Waterworld<\/li>\n  <li>American Gangster<\/li>\n<\/ol>\n","pubDate":"Sun, 05 May 2024 22:00:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/05\/favorite-movies","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/05\/favorite-movies","category":["life","movies","blopomo","weblogpomo2024","list"]},{"title":"Ranking fry cuts","description":"<p>French fries are great. <em>Duh!<\/em>. But how they are <em>cut<\/em> makes a big difference in how <em>great<\/em> they can be. Here\u2019s how I would rank different fry cuts <em>1-10<\/em>:<\/p>\n\n<ol>\n  <li>Waffle<\/li>\n  <li>Curly<\/li>\n  <li>Home<\/li>\n  <li>Tornado<\/li>\n  <li>Wedge<\/li>\n  <li>Steak<\/li>\n  <li>Shoestring<\/li>\n  <li>Cottage<\/li>\n  <li>Crinkle<\/li>\n  <li>Standard<\/li>\n<\/ol>\n\n<p><strong>Note<\/strong>: <em>No matter the cut, a regular potato fry is vastly superior to a sweet potato fry.<\/em><\/p>\n\n<p>I also have <a href=\"https:\/\/shellsharks.com\/notes\/2024\/01\/29\/thoughts-on-chips\">thoughts on chips<\/a>.<\/p>\n","pubDate":"Thu, 02 May 2024 10:30:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/05\/02\/ranking-fry-cuts","guid":"https:\/\/shellsharks.com\/notes\/2024\/05\/02\/ranking-fry-cuts","category":["life","food","blopomo","weblogpomo2024"]},{"title":"5 fingers, 5 liquids","description":"<p>I\u2019m not a big April Fools person but in the spirit of silliness, here is a thought experiment \/ game to play\u2026 \n<br \/><br \/>\nMy wife was listening to a podcast* which asked, \u201c<em>If you could (magically) make each finger on one hand produce a liquid, what 5 liquids would you choose<\/em>\u201d. My current list (and briefly why I chose it) below\u2026<\/p>\n\n<p>The five liquids.<\/p>\n\n<ol>\n  <li><strong>Water<\/strong> - the obvious one. life sustaining and versatile<\/li>\n  <li><strong>Gold<\/strong> - Printing $$ pretty much yeah?<\/li>\n  <li><strong>Protein Smoothie<\/strong> - Has just about everything in it I need. My smoothies consist of milk, greek yogurt, fruit, vegetables (<em>sometimes<\/em>), almond butter &amp; protein powder<\/li>\n  <li><strong>Lava<\/strong> - Self-defense. You wouldn\u2019t mess with someone with a <em>lava finger<\/em> would you?<\/li>\n  <li><strong>Gasoline<\/strong> - Could be used for generator, fueling a <a href=\"https:\/\/earthroamer.com\">sweet RV<\/a>, tons of stuff\u2026<\/li>\n<\/ol>\n\n<p>Considering changing one to beer though\u2026<\/p>\n\n<p>*<strong>Note<\/strong>: (not sure what the podcast was)<\/p>\n","pubDate":"Mon, 01 Apr 2024 11:23:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/04\/01\/5-fingers-5-liquids","guid":"https:\/\/shellsharks.com\/notes\/2024\/04\/01\/5-fingers-5-liquids","category":"life"},{"title":"shellsharks.social 3\/24\/24 14:37 EDT","description":"<p>Regenerating my <a href=\"https:\/\/shellsharks.social\/tags\/introduction\">#introduction<\/a> post on the new instance: \n<br \/><br \/>\nMy name is Mike (a.k.a. \u201cshellsharks\u201d) - I am a security researcher, <a href=\"https:\/\/shellsharks.social\/tags\/IndieWeb\">#IndieWeb<\/a> advocate, all-things <a href=\"https:\/\/shellsharks.social\/tags\/Fediverse\">#Fediverse<\/a> convert and all around <a href=\"https:\/\/shellsharks.social\/tags\/tech\">#tech<\/a> enthusiast.<\/p>\n\n<p>I write about <a href=\"https:\/\/shellsharks.social\/tags\/infosec\">#infosec<\/a>, <a href=\"https:\/\/shellsharks.social\/tags\/technology\">#technology<\/a> and <a href=\"https:\/\/shellsharks.social\/tags\/life\">#life<\/a> over at <a href=\"https:\/\/shellsharks.com\/\">https:\/\/shellsharks.com<\/a><\/p>\n\n<p>Here\u2019s some other stuff I like\u2026 <a href=\"https:\/\/shellsharks.social\/tags\/apple\">#apple<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/sports\">#sports<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/travel\">#travel<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/battlestations\">#battlestations<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/food\">#food<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/starwars\">#starwars<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/lotr\">#lotr<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/pokemon\">#pokemon<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/gaming\">#gaming<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/space\">#space<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/fitness\">#fitness<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/nba\">#nba<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/basketball\">#basketball<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/hiking\">#hiking<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/camping\">#camping<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/music\">#music<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/coding\">#coding<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/programming\">#programming<\/a> <a href=\"https:\/\/shellsharks.social\/tags\/cybersecurity\">#cybersecurity<\/a><\/p>\n\n<p>\ud83d\udc1a\ud83e\udd88\ud83e\udd88\ud83e\udd88<\/p>\n\n","pubDate":"Sun, 24 Mar 2024 14:37:52 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/03\/24\/shellsharks-social-112152115430884730","guid":"https:\/\/shellsharks.com\/notes\/2024\/03\/24\/shellsharks-social-112152115430884730","category":["introduction","indieweb","fediverse","tech","infosec","technology","life","apple","sports","travel","battlestations","food","starwars","lotr","pokemon","gaming","space","fitness","nba","basketball","hiking","camping","music","coding","programming","cybersecurity"]},{"title":"You have something to say, someone will listen","description":"<p><a href=\"https:\/\/stefanbohacek.online\/@stefan\">@stefan<\/a> Oh man, the \u201cNothing to put there\u201d crowd hits home. That and the much-related (but not listed here) \u201cno one will care what I have to say \/ no one will read\u201d crowd. To anyone who matches these descriptions or has these feelings, know that you\u2026<\/p>\n\n<p>A. absolutely have something to say, and a blog is a great place to say it, and..<\/p>\n\n<p>B. The Internet is a huge place. People <em>will<\/em> find your site and read it, no matter how niche it is, or how poorly designed, or how seemingly poorly written. There\u2019s no thought you could have that couldn\u2019t educate someone else out there and nothing you could write about that there isn\u2019t some community out there that would have similar thoughts.<\/p>\n\n<p>As for the other reasons folks don\u2019t have a site\u2026<\/p>\n\n<ol>\n  <li>\n    <p><a href=\"https:\/\/pages.github.com\">Github Pages<\/a> (and some other platforms) is 100% free (so if expense is an issue then it doesn\u2019t need to be)<\/p>\n  <\/li>\n  <li>\n    <p>There are <a href=\"https:\/\/shellsharks.com\/indieweb#hosting\">more hosting providers<\/a> than ever these days, many of which make it dead simple to get started, so don\u2019t let complexity be a stopping point. You can always start real simple and get more complex as you go.<\/p>\n  <\/li>\n  <li>\n    <p>Time may be the biggest hurdle. I would just say that a blog isn\u2019t something you need to maintain or publish regularly. Just put something up and post when you have time. Posts can be short, they can be sloppy, they can be whatever, Since you own the site, you can always edit something poorly written later too.<\/p>\n  <\/li>\n<\/ol>\n\n<p>For everything else, you could check out my post about \u201cWhy I Blog. You Should Too!\u201d for other advice\/inspiration. Cheers!<\/p>\n\n<p><a href=\"https:\/\/shellsharks.com\/you-should-blog\">https:\/\/shellsharks.com\/you-should-blog<\/a><\/p>\n","pubDate":"Wed, 13 Mar 2024 14:27:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2024\/03\/13\/you-have-something-to-say-someone-will-listen","guid":"https:\/\/shellsharks.com\/notes\/2024\/03\/13\/you-have-something-to-say-someone-will-listen","category":["technology","life","blogging"]},{"title":"Shark after Dark \ud83c\udf19","description":"<p>Welcome to \ud83c\udf19 Shark after Dark \ud83c\udf19 \u2013&gt; <a href=\"https:\/\/shellsharks.social\/@afterdark\">@afterdark@shellsharks.social<\/a><\/p>\n\n<p>This account features less-than-stellar and likely reality-detached toots, e.g. infosec meta-commentary, technology rants, life quibbles, w\/e.<\/p>\n\n<p>It serves as an (experimental) alt account for <a href=\"https:\/\/infosec.exchange\/@shellsharks\">@shellsharks<\/a> as part of my \u201csocial horcrux\u201d lifestyle. If you follow me over there, this account should be familiar, albeit slightly more unhinged.<\/p>\n\n<p>So if you want a li\u2019l more Shellsharks in your feed, sub away! \ud83e\udd88 \ud83e\udd88<\/p>\n\n<p><em>#infosec #cybersecurity #technology #indieweb #introduction<\/em>\n<br \/><\/p>\n<center>\n<a href=\"https:\/\/shellsharks.social\/@afterdark\/112196013758699922\"><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/fedicard\/sharkafterdark-fedicard.png\" alt=\"sharkafterdark-fedicard\" width=\"250px\" \/><\/a>\n<\/center>\n","pubDate":"Tue, 27 Feb 2024 23:56:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/02\/27\/shark-after-dark","guid":"https:\/\/shellsharks.com\/notes\/2024\/02\/27\/shark-after-dark","category":["life","shellsharks","mastodon"]},{"title":"Shellsharks.com, a visual history","description":"<p>The site has gone through some notably major visual\/aesthetic revisions since it was first established in 2019. Though I work continuously on the site making changes as I go, I consider these three particular moments in time to be the three major \u201cversions\u201d of the site from a visual sense. The delta from 1.0 to 2.0 is pretty obvious. Aesthetically, the differences between 2.0 and 3.0 are much more minor but under-the-hood, a lot of changes were made to make the site much more robust, modular and extensible. And now, take a trip down memory lane\u2026.<\/p>\n\n<h2 id=\"shellsharks-10-may-2019\">Shellsharks <strong>1.0<\/strong> (May 2019)<\/h2>\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/captains-log\/2021\/old-shellsharks.PNG\" alt=\"shellsharks 1.0\" \/><\/p>\n\n<hr \/>\n\n<h2 id=\"shellsharks-20-early-2021\">Shellsharks <strong>2.0<\/strong> (Early 2021)<\/h2>\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/shellsharksv2-pic.png\" alt=\"shellsharks 2.0\" \/><\/p>\n\n<hr \/>\n\n<h2 id=\"shellsharks-30-january-2024\">Shellsharks <strong>3.0<\/strong> (January 2024)<\/h2>\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2024\/shellsharksv3.pic.png\" alt=\"shellsharks 3.0\" \/><\/p>\n\n<hr class=\"fin\" \/>\n\n<h2 id=\"shellsharks-40-february-2025\">Shellsharks <strong>4.0<\/strong> (February 2025)<\/h2>\n<p><img src=\"https:\/\/shellsharks-images.s3.us-east-1.amazonaws.com\/notes\/2024\/home-page-2025-02.png\" alt=\"shellsharks 4.0\" \/><\/p>\n\n<p>Hello <a href=\"https:\/\/shellsharks.com\/whats-a-home-page\">home page<\/a>!<\/p>\n","pubDate":"Thu, 15 Feb 2024 08:12:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/02\/15\/shellsharks-a-visual-history","guid":"https:\/\/shellsharks.com\/notes\/2024\/02\/15\/shellsharks-a-visual-history","category":["life","shellsharks"]},{"title":"Thoughts on chips","description":"<p>Jumping in on the chips thought-train <sup><a href=\"https:\/\/lynnandtonicblog.com\/2024\/01\/25\/my-quick-thoughts-on-chips\/\">1<\/a>, <a href=\"https:\/\/daverupert.com\/2023\/08\/quick-thoughts-on-chips\/\">2<\/a>, <a href=\"https:\/\/snook.ca\/archives\/personal\/quicker-thoughts-on-chips\">3<\/a>, <a href=\"https:\/\/pmullen.com\/posts\/more-quick-thoughts-on-chips\/\">4<\/a><\/sup> (<strong>Warning<\/strong>: Hot takes ahead\u2026)<\/p>\n\n<ul>\n  <li>\n    <p>Tortilla chips are top tier when served with a spicy salsa or <em>real<\/em> queso. Eating them plain is acceptable if you don\u2019t have anything proper to dip them into. Unranked list of top brands include <em>Xochitl<\/em>, <em>Tostitos<\/em> and those thick kinda oily tortilla chips you find in unbranded paper bags at Whole Foods.<\/p>\n  <\/li>\n  <li>\n    <p>Potato chips should be kettle-cooked <em>above all else<\/em>. Those awful varieties of thin flimsy potato chip should be discarded. This <em>does<\/em> include Pringles, which are hardly even chips tbh. (<em>More on this further down.<\/em>)<\/p>\n  <\/li>\n  <li>Potato chip top-5 flavor rankings:\n    <ol>\n      <li>Jalape\u00f1o<\/li>\n      <li>Barbeque<\/li>\n      <li>Plain<\/li>\n      <li>Sour cream &amp; onion<\/li>\n      <li>Salt &amp; vinegar\n<br \/><br \/><\/li>\n    <\/ol>\n  <\/li>\n  <li>\n    <p>First couple Doritos taste good, beyond that you realize they are a trash food.<\/p>\n  <\/li>\n  <li>\n    <p>Sour cream and onion dip should be enjoyed with thick, wavy (plain) potato chips.<\/p>\n  <\/li>\n  <li>\n    <p>\u201cClassic\u201d Lay\u2019s Potato Chips are awful. <em>Please don\u2019t eat<\/em>.<\/p>\n  <\/li>\n  <li>\n    <p>I haven\u2019t eaten a \u201ccorn chip\u201d of any kind since I was a child. This seems appropriate.<\/p>\n  <\/li>\n  <li>\n    <p>Speaking of my childhood it was impossible for me <strong>not<\/strong> to eat an entire bag of <a href=\"https:\/\/www.andycapps.com\">Andy Capp\u2019s Hot Fries<\/a> in one sitting.<\/p>\n  <\/li>\n  <li>Of course pretzels, Cheetos and other varieties of cheese puffs are <em>not<\/em> chips. But if you\u2019re going to eat a pretzel, it should probably just be chocolate or yogurt-dipped.<\/li>\n<\/ul>\n","pubDate":"Mon, 29 Jan 2024 13:23:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/01\/29\/thoughts-on-chips","guid":"https:\/\/shellsharks.com\/notes\/2024\/01\/29\/thoughts-on-chips","category":["life","food"]},{"title":"On supporting 404 Media and what's important","description":"<p>I\u2019ve been following <a href=\"https:\/\/mastodon.social\/@404mediaco\">@404mediaco<\/a> since they went live last year and this most <a href=\"https:\/\/mastodon.social\/@jasonkoebler\/111823811997186188\">recent post<\/a> from <a href=\"https:\/\/mastodon.social\/@jasonkoebler\/111823811997186188\">@jasonkoebler<\/a> and the team there <em>really got me thinking<\/em>. (That toot links to <a href=\"https:\/\/www.404media.co\/why-404-media-needs-your-email-address\/\">https:\/\/www.404media.co\/why-404-media-needs-your-email-address\/<\/a>).<\/p>\n\n<p>They\u2019ve had some incredible stories and scoops over the last couple months. I see all the headlines come through Mastodon or RSS and I say \u201cwow that\u2019s crazy\u201d, or \u201cdang, I never knew that\u201d, but that doesn\u2019t always translate into me fully reading the post. Maybe I don\u2019t have time to read it, maybe I mean to but then forget, in other cases I think the story is interesting but doesn\u2019t necessarily impact me specifically. But these stories are meant to be read, they <em>need<\/em> to be read, maybe not by me all the time, but by someone\u2026 in reality, A LOT of someones if you ask me. Everything they call out in terms of rampaging AI theft, social network decay, traditional journalism in freefall, etc\u2026 is no joke. I\u2019m seeing it happen each day and it is in fact quite troubling.<\/p>\n\n<p>I\u2019ll admit, I\u2019ve always relied on the free-ness of stuff on the web and as a result have been somewhat reluctant to choose creators\/publications to support. But given the state of the web, HELL, the state of the <em>world<\/em>, I really can\u2019t justify that any more. I want to see more of what 404 produces, and to help ensure that, I plan to <a href=\"https:\/\/www.404media.co\/faq\/\">support that end<\/a>. I\u2019ve also been working on a list of other causes, publications, etc\u2026 to support as this I feel is an ever precarious point in time. (If you have any suggestions I would be interested in hearing what you believe could use the support - comment or DM me).<\/p>\n\n<p>So what\u2019s my point? I suppose it\u2019s support what you like, what\u2019s impactful, what\u2019s important to not just you but to everyone, otherwise it may vanish. The world has changed and I need to as well.<\/p>\n","pubDate":"Fri, 26 Jan 2024 20:04:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/01\/26\/supporting-whats-important","guid":"https:\/\/shellsharks.com\/notes\/2024\/01\/26\/supporting-whats-important","category":["life","nosearch"]},{"title":"AI creates humans, humans create AI","description":"<p>When we find out God is an AI singularity that created humans to replace itself only to have us humans create AI to replace ourselves. \u267e\ufe0f<\/p>\n\n<p><em>#microfiction #ai<\/em><\/p>\n","pubDate":"Fri, 19 Jan 2024 11:27:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2024\/01\/19\/ai-singularity","guid":"https:\/\/shellsharks.com\/notes\/2024\/01\/19\/ai-singularity","category":["life","microfiction","ai"]},{"title":"NaBloPoMo 2023 wrap-up","description":"<p><em>Welp!<\/em> That\u2019s a wrap on <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/01\/nablopomo-2023\">NaBloPoMo 2023<\/a>. To sum it all up, the experience was certainly challenging but also a great way for me to write about a variety of different topics. Here\u2019 some other mini-takeaways from the past 30 days\u2026<\/p>\n\n<ul>\n  <li>\n    <p>I definitely lost some steam towards the end of the month. Blame writing fatigue, the holidays, busier family schedule, or whatever - it was evident I just didn\u2019t have the energy towards the end.<\/p>\n  <\/li>\n  <li>\n    <p>There were a few residual topics I had planned to write about that I never got around to. These will make for great posts in the near future!<\/p>\n  <\/li>\n  <li>\n    <p>For NaBloPoMo 2024, I need to be prepared to get ahead of my writing in the earlier days of the month to mitigate fatigue experienced later in the month as well as having less time due to the start of the holiday season (i.e. Thanksgiving).<\/p>\n  <\/li>\n  <li>\n    <p>I didn\u2019t come close to the <em>50k<\/em> word goal, even falling short of <em>20k<\/em>. I also didn\u2019t quite get to a post-a-day. But I\u2019m happy with what I was able to produce and look forward to next year!<\/p>\n  <\/li>\n<\/ul>\n\n<p>Thanks to anyone who took the time to read any of this months stuff!<\/p>\n","pubDate":"Thu, 30 Nov 2023 08:41:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/30\/nablopomo-2023-wrap-up","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/30\/nablopomo-2023-wrap-up","category":["nablopomo","life"]},{"title":"How to spend my time off","description":"<p>I\u2019ve got ~4 months of leave coming up and am mentally lining up how I would like to spend it and what (if anything) I could attempt to <em>accomplish<\/em> given I have the time. Here\u2019s what I got\u2026<\/p>\n\n<ul>\n  <li>\n    <p>Bonding with my daughter (<em>this is of course the primary objective for parental leave<\/em>).<\/p>\n  <\/li>\n  <li>\n    <p>Podcast reboot - <a href=\"https:\/\/shellsharks.com\/podcast\">The Shellsharks Podcast<\/a> is coming back! Thinking of how I want to structure this next season.<\/p>\n  <\/li>\n  <li>Cooking - There\u2019s a few things I would like to learn to cook\u2026\n    <ul>\n      <li>Home-made pasta sauce &amp; pasta (noodles)<\/li>\n      <li>Some sort of delicous bean soup<\/li>\n      <li>Tweak my chili recipe\n<br \/><br \/><\/li>\n    <\/ul>\n  <\/li>\n  <li>\n    <p>Blog\/Site upgrades - I have a number of things <a href=\"https:\/\/shellsharks.com\/roadmap\">I\u2019d like to add<\/a> to the blog.<\/p>\n  <\/li>\n  <li>\n    <p>\u201cWork 2.0\u201d - Basically, I want to put some thought into a bunch of things related to my career and money-making in general. How can I monetize my side projects (i.e. podcast, blog, etc\u2026), what do I want to do work-wise in the next 1, 3, 5, even 10 years? This sort of stuff.<\/p>\n  <\/li>\n  <li>Gaming - I have recently started to get back into gaming a bit. Here\u2019s some things I\u2019m thinking about playing over the break\u2026\n    <ul>\n      <li><a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/22\/retro-gaming-with-delta#title\">the \u201cclassics\u201d<\/a>, i.e. some NES \/ SNES \/ N64 titles that I love<\/li>\n      <li>Baldur\u2019s Gate 3<\/li>\n      <li>Breath of the Wild<\/li>\n      <li>(old-school) Ultima Online (<em>w\/ friends<\/em>)\n<br \/><br \/><\/li>\n    <\/ul>\n  <\/li>\n  <li>\n    <p>Basketball - I plan on taking my talents to a different gym to play bball now that Lifetime has gone \u201cfull pickleball\u201d.<\/p>\n  <\/li>\n  <li>\n    <p>Weight-lifting - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/11\/fitness-quest\">I\u2019ve been lifting since October<\/a> of last year and want to keep up the pace!<\/p>\n  <\/li>\n  <li>Cleaning the house - My wife <em>insisted<\/em> I put this on the list.<\/li>\n<\/ul>\n","pubDate":"Fri, 24 Nov 2023 10:20:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/24\/how-to-spend-my-time-off","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/24\/how-to-spend-my-time-off","category":["nablopomo","life","nosearch"]},{"title":"Retro gaming with Delta","description":"<div class=\"containbox\">Update: <a href=\"https:\/\/apps.apple.com\/us\/app\/delta-game-emulator\/id1048524688\">Delta<\/a> is <a href=\"https:\/\/9to5mac.com\/2024\/04\/17\/riley-testut-launches-delta-game-emulator-on-app-store-for-everyone-altstore-marketplace-for-eu\/\">now available<\/a> natively on iOS\/iPadOS!<\/div>\n<p><br \/><\/p>\n\n<p>I\u2019ve always considered myself a \u201cgamer\u201d. But I like to think there are (<em>at least<\/em>) two types of \u201chardcore\u201d gamers - those that play alot but only a few titles and those that like to play alot and play <em>everything<\/em>. I\u2019m more the <em>former<\/em>. I grew up in the 90\u2019s, so my love for gaming is shaped by consoles like the classic Nintendo, Super Nintendo, N64 and GameCube (I was <em>clearly<\/em> a Nintendo kid). I\u2019ve documented some of my <a href=\"https:\/\/shellsharks.com\/notes\/2011\/07\/07\/favorite-nintendo-games\">favorite titles here<\/a>. In those days, I actually played quite a few different games. Starting with the GameCube, I became much more of a mono-player, in other words, I really just played one game on whatever was the latest console. With the GameCube I literally <em>only<\/em> played Super Smash, on Xbox it was Halo, with Xbox 360 more Halo and on Xbox One it was Destiny. (Somewhere in there I played a fair bit of Star Wars: Battlefront). As much as I miss the early days of Halo, LAN parties and the <a href=\"https:\/\/halo.fandom.com\/wiki\/Noob_Combo\">plasma pistol + battle rifle combo<\/a>, nothing comes quite as close to the \u201cgolden days\u201d of gaming nostalgia as playing those NES\/SNES\/N64 games. Though I will never be able to recapture what it felt like to be a kid with no other responsibilities playing games with my brother early on a weekend morning, I still love to play these old games.<\/p>\n\n<p>I have kept the consoles and games from my youth and <em>have<\/em> actually played them pretty recently (especially during the early days of the pandemic) and they\u2019ve worked great! One issue with that experience is that playing classic games on modern high-definition TVs makes for a bit of an eye sore. It also isn\u2019t the most portable experience. Enter emulators. I\u2019ve played retro games on emulators for a long time now but there\u2019s never been a great option for iOS outside of the <a href=\"https:\/\/www.theiphonewiki.com\/wiki\/Jailbreak\">jailbreak<\/a> scene. <strong><a href=\"https:\/\/deltaemulatorapp.com\">Delta<\/a><\/strong> is an emulator from <a href=\"https:\/\/github.com\/rileytestut\">Riley Testut<\/a> (of former <a href=\"http:\/\/www.gba4iosapp.com\">GBA4iOS<\/a> fame) that I\u2019ve recently installed on my iPad so that I can once again enjoy these classic titles! Installing it is <em>fairly<\/em> straight forward and a really quick operation. The <a href=\"https:\/\/faq.altstore.io\">instructions can be found here<\/a>. It requires sideloading the app through an alternative app store, <a href=\"https:\/\/altstore.io\">AltStore<\/a>. AltStore has some other interesting apps that I will be interested in checking out in the future. Also interesting, <a href=\"https:\/\/www.apple.com\/privacy\/docs\/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf\">given Apples historical stance<\/a>, is recent news around <a href=\"https:\/\/www.theverge.com\/2023\/11\/12\/23957560\/sideloading-and-other-changes-are-coming-to-ios-in-the-eu-soon\">Apple allowing sideloading<\/a> in a near-future iOS release.<\/p>\n\n<p>Once installed, Delta is easy enough to navigate - mostly, you just need to import your roms. There is some <a href=\"https:\/\/www.kotaku.com.au\/2021\/10\/in-defense-of-roms-a-solution-to-dying-games-and-broken-copyright-laws\/\">nuanced legality<\/a> to how you acquire these roms and though there is not much history of enforcement, you should be conscious of how\/what you are downloading. Also be careful of rom sites as they have been known to <a href=\"https:\/\/www.vintageisthenewold.com\/game-pedia\/can-game-roms-have-virus\">distribute compromised files<\/a>.<\/p>\n\n<p>Playing games is a great experience on iPad. Resizable window(s) (<em>using stage manager<\/em>), external controller support, save states, game library, etc\u2026 All right on your iPad. <em>Amazing<\/em>! So far, I\u2019ve done a full 100% play through of Super Mario World (the GOAT Mario game) and have started a replay of Super Mario RPG (which Nintendo just dropped the <a href=\"https:\/\/www.nintendo.com\/us\/store\/products\/super-mario-rpg-switch\/\">redux<\/a> of). I think for now I\u2019ll finish another playthrough of the classic and then pick up the new version sometime in the future, especially if they add a hard mode or new gameplay.<\/p>\n\n<p>So if you\u2019re looking to do some retro gaming, check out Delta for iOS\/iPadOS!<\/p>\n","pubDate":"Wed, 22 Nov 2023 22:28:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/22\/retro-gaming-with-delta","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/22\/retro-gaming-with-delta","category":["nablopomo","life","gaming","nintendo"]},{"title":"Hark Threaders! The Fediverse is good for you","description":"<p>Though I consider myself <a href=\"https:\/\/joinmastodon.org\">Mastodon<\/a>-<em>first<\/em>, I also am relatively active on <a href=\"https:\/\/www.threads.net\">Threads<\/a>. One thing I see quite often are people with quick takes on how Mastodon \u201c<a href=\"https:\/\/www.threads.net\/@guillecummings\/post\/CzIIcSLLhxE\/\">sucks<\/a>\u201d and no one cares about \u201cfederation\u201d. Since Threads only offers me 500 characters (in a single thread) to respond to these folks, I wanted to write up a longer piece here that I can share, which details the benefits of <a href=\"https:\/\/docs.joinmastodon.org\/#federation\">federation<\/a> and the <a href=\"https:\/\/activitypub.rocks\">ActivityPub<\/a> platform for Threads users and also talk a little bit about why Mastodon is actually pretty great!<\/p>\n\n<h1 id=\"activitypub-the-fediverse-and-why-you-should-care\">ActivityPub, the Fediverse and Why You Should Care<\/h1>\n\n<p><a href=\"https:\/\/activitypub.rocks\">ActivityPub<\/a> (\u201cAP\u201d) support is coming to <a href=\"https:\/\/www.threads.net\">Threads<\/a>, as <a href=\"https:\/\/www.threads.net\/@mosseri\/post\/CuRtcYTNY3J\/\">said by the head of Instagram himself<\/a>. With AP in place, Threads can then become part of the \u201c<a href=\"https:\/\/en.wikipedia.org\/wiki\/Fediverse\">Fediverse<\/a>\u201d, which can be thought of as the larger network of interconnected platforms that can communicate with one another using AP as the underlying protocol. So how does Threads and its users benefit from joining the Fediverse? I\u2019ll explain by desribing the <em>interoperability<\/em> and <em>portability<\/em> benefits.<\/p>\n\n<ul>\n  <li>\n    <p><strong>Interoperability<\/strong>: All other platforms that are on the Fediverse can interact with each other using AP. Mastodon has traditionally been the largest AP-enabled platform but what else is part of the Fediverse? Here\u2019s a <a href=\"https:\/\/socialhub.activitypub.rocks\/c\/software\/\">list of AP-enabled platforms<\/a>. Yes, this list is mostly represented by small projects but more recently, <a href=\"https:\/\/wordpress.com\">WordPress<\/a> has brought their <a href=\"https:\/\/wordpress.org\/plugins\/activitypub\/\">AP plugin<\/a> online which allows WordPress sites to federate and therefore be followable by any other account on the Fediverse. This is <em>huge<\/em> as WordPress makes up <a href=\"https:\/\/wordpress.com\/go\/website-building\/wordpress-turns-18-and-powers-over-40-of-the-web\/\">~40+% of the entire Internet<\/a>. Now you can follow <em>websites<\/em> directly from your Threads account and\/or use your WordPress site as an identity\/account for social media, also within the Fediverse. <em>Amazing<\/em>! Now imagine other large platforms (i.e. <a href=\"https:\/\/techcrunch.com\/2022\/11\/21\/tumblr-to-add-support-for-activitypub-the-social-protocol-powering-mastodon-and-other-apps\/\">Tumblr<\/a>, <a href=\"https:\/\/techcrunch.com\/2023\/02\/28\/flipboard-joins-the-fediverse-with-a-mastodon-integration-and-community-plans-for-activitypub\/\">Flipboard<\/a>, <a href=\"https:\/\/blog.medium.com\/medium-embraces-mastodon-19dcb873eb11\">Medium<\/a>, <a href=\"https:\/\/blog.mozilla.org\/en\/mozilla\/mozilla-social-mastodon-private-beta-announcement\/\">Mozilla<\/a>) implementing AP support and what that could mean for you as a Threads user and for the Internet as a whole? Imagine instead of <a href=\"https:\/\/www.threads.net\/@quillmatiq\/post\/Cx_OCt0v0B7\/\">sharing a screenshot<\/a> or link to a website or other social media platform post you could natively share it directly on whatever platform you were on!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Portability<\/strong>: When <a href=\"https:\/\/www.wired.com\/story\/x-twitter-rebrand-dead\/\">Twitter crumbled<\/a>, people were at a loss. Stay, despite the descension into a hellsite? Or leave, abandoning your followers and having no real place to set up shop next? A number of other platforms gained traction at that time, Threads, Mastodon, BlueSky, etc\u2026 but for each of them you now had the task of rebuilding your following and making a new network. For some, having an existing Instagram graph helped bootstrap their Threads following, but for many, they were at 0 once again. With AP support, you would in theory be able to pick up your account from Threads and port it over to another platform completely (like Mastodon), your followers would come with you keeping your graph and identity intact. This adds a resilience not accessible with traditional centralized platforms and helps mitigate other issues like deplatforming.<\/p>\n\n    <ul>\n      <li>Threads adopting ActivityPub and amassing the larget user-base of the Fediverse could cement them as the eternal dominant player in the social space. That said, if the platform were to <a href=\"https:\/\/kottke.org\/23\/01\/the-enshittification-lifecycle-of-online-platforms\">enshittify<\/a> for all the reasons these services typically do, users would not be stranded. <em>Great<\/em>!<\/li>\n    <\/ul>\n  <\/li>\n<\/ul>\n\n<p>These are probably the two biggest features AP offers to Threads users, but other benefits exist too!<\/p>\n\n<hr \/>\n\n<h1 id=\"why-mastodon--fediverse-is-good\">Why Mastodon \/ Fediverse is good<\/h1>\n\n<p>Let me address the other comment I\u2019ve seen on Threads quite a bit - that Mastodon \u201c<a href=\"https:\/\/www.threads.net\/@guillecummings\/post\/CzIIcSLLhxE\/\">sucks<\/a>\u201d or is just for weird anarchists, furries or techies. The uncorporate and privacy-concious qualities of Mastodon <em>DO<\/em> make it a nice place for these communities, but these same characteristics and other benefits <em>also<\/em> make it a nice place for really <em>any<\/em> community!<\/p>\n\n<p>Here\u2019s a list of benefits of an open and decentralized network.<\/p>\n\n<ul>\n  <li>Follow-fueled, chronological timeline. Tired of seeing certain types of content thrust into your feed? Worry no more! Mastodon does not rely on an algorithmic timeline. You see only what you follow and what your follows boost. If your interested in an algorithmic feed, some Mastodon clients are starting to build this functionaity into their apps.<\/li>\n  <li>Mastodon has no ads and there is no one trying to monetize your existence and use of the platform.<\/li>\n  <li>The anti-viral nature of an algorithm-less timeline means no (<em>or less<\/em>) rage\/engagement-baiting for the sake of driving platform engagement.<\/li>\n  <li>Similarly, the lack of an algorithm driving what appears in the timeline means no opportunity for algorithmic-downranking of posts.<\/li>\n  <li>Did I mention that you aren\u2019t monetized? You are <strong>not<\/strong> the product.<\/li>\n  <li>No influencers or brands clogging up your timeline. That said, you\u2019re free to follow either if you choose!<\/li>\n  <li>Everything from your Mastodon instance (server) to the client you use is customizable.<\/li>\n  <li>There are third-party apps\/clients.<\/li>\n  <li>If you are so inclined, you can <a href=\"https:\/\/shellsharks.com\/own-my-social\">self-host<\/a> your own Mastodon instance! This is a great way to prove the authenticity of your account, to improve \u201cbranding\u201d and a great vanity piece.<\/li>\n  <li>You have more control over data ownership.<\/li>\n  <li>It\u2019s open source! The <a href=\"https:\/\/github.com\/glitch-soc\">glitch-soc<\/a> fork offers a number of improvements to the out-of-the-box Mastodon experience.<\/li>\n  <li>Mastodon is by nature, \u201cdecentralized\u201d. This adds resilience and more to the network.<\/li>\n  <li>Contextual, community-run moderation. On Threads, you rely on Facebook\u2019s one-size-fits-all moderation approach. With Mastodon, each instance performs their own moderation so you get a much more custom, tailored approach to moderation.<\/li>\n  <li>Deplatforming\/censorship resistance. Since you can move accounts and host your own federated instance, you can make yourself extremely resilient in the face of possible deplatforming\/censorship.<\/li>\n  <li>The Fediverse has by far the most interoperability with other networks. You can interface with the entire universe of AP-compatible networks while also engaging with those on Bluesky, Threads, Nostr and more.<\/li>\n  <li>Mastodon isn\u2019t owned by Facebook*, a billionaire or any one person\u2026<\/li>\n<\/ul>\n\n<h2 id=\"mastodon-isnt-perfect\">Mastodon isn\u2019t perfect<\/h2>\n\n<p>I\u2019ve really enjoyed my time on Mastodon thus far, but it isn\u2019t without some downsides\u2026<\/p>\n\n<ul>\n  <li>Mastodon is a network of disparate hosted instances. <a href=\"https:\/\/fedipact.veganism.social\">Drama<\/a> often descends upon the Mastodon meta and instance admins are faced with decisions on whether to defederate from other instances.<\/li>\n  <li>Account migration exists but needs a tune up. It\u2019s not entirely intuitive and does not port follows or historical posts.<\/li>\n  <li>For users on smaller instances, reachability has technical challenges.<\/li>\n  <li>Discoverability is hard <em>at first<\/em>. With no algorithm to speed along finding interesting accounts, some word is required to find who you want to follow.<\/li>\n<\/ul>\n\n<h1 id=\"wrap-up\">Wrap-up<\/h1>\n\n<p>Whether you choose Mastodon or Threads shouldn\u2019t matter much in a future world where both leverage AP, just choose whichever you feel comfortable with. If you\u2019re on Threads and you love it that\u2019s great! As a Threads user, you should be excited about an AP-enabled Threads future and should continue to advocate to Threads devs to implement this. Thanks for reading!<\/p>\n\n<hr \/>\n\n<h1 id=\"references\">References<\/h1>\n\n<ul>\n  <li><a href=\"https:\/\/www.theverge.com\/2023\/4\/20\/23689570\/activitypub-protocol-standard-social-network\">Can ActivityPub save the internet? | The Verge<\/a><\/li>\n  <li><a href=\"https:\/\/www.404media.co\/mastodon-is-the-good-one\/\">Mastodon is the Good One | 404 Media<\/a><\/li>\n  <li><a href=\"https:\/\/wordpress.com\/blog\/2023\/10\/11\/activitypub\/\">Engage a Wider Audience With ActivityPub | WordPress.com<\/a><\/li>\n  <li><a href=\"https:\/\/help.instagram.com\/169559812696339\">About Threads and the fediverse<\/a><\/li>\n  <li><a href=\"https:\/\/www.threads.net\/@mosseri\/post\/CuRtcYTNY3J\/\">Mosseri\u2019s committment to ActivityPub<\/a><\/li>\n  <li><a href=\"https:\/\/www.fediverse.to\">to the Fediverse!<\/a><\/li>\n  <li><a href=\"https:\/\/www.technologyreview.com\/2023\/10\/17\/1081194\/how-to-fix-the-internet-online-discourse\">How to fix the Internet<\/a><\/li>\n  <li><a href=\"https:\/\/adage.com\/article\/digital-marketing-ad-tech-news\/fediverse-everything-marketers-need-know-about-decentralized-social-media\/2525801\">Fediverse-Everything Marketers Need to Know about Decentralized Social Media<\/a><\/li>\n  <li><a href=\"https:\/\/techcrunch.com\/2023\/11\/03\/why-mozilla-is-betting-on-a-decentralized-social-networking-future\/\">Why Mozilla is betting on a decentralized social networking future<\/a><\/li>\n  <li><a href=\"https:\/\/www.threads.net\/@quillmatiq\/post\/Cx_OCt0v0B7\/\">quillmatiq on Threads<\/a><\/li>\n  <li><a href=\"https:\/\/www.threads.net\/@ngorby\/post\/Cy_8bZJrK5Y\/\">Who prefers Mastodon? | Threads<\/a><\/li>\n<\/ul>\n","pubDate":"Thu, 16 Nov 2023 07:40:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/16\/hark-threaders-the-fediverse-is-good-for-you","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/16\/hark-threaders-the-fediverse-is-good-for-you","category":["nablopomo","life","threads","mastodon","bestof"]},{"title":"Fitness quest","description":"<p>It\u2019s been over a year since I began a more committed fitness \u201cjourney\u201d. Here I reflect and share some thoughts on <a href=\"#my-background\">where I started<\/a>, what <a href=\"#my-plan\">my plan<\/a> has been, <a href=\"#how-its-going\">how it\u2019s been going<\/a> and what my ultimate <a href=\"#my-goals\">goals<\/a> are.<\/p>\n\n<h1 id=\"my-background\">My Background<\/h1>\n\n<p>I\u2019ve always been pretty lean, at certain points some might even say \u201cscrawny\u201d. In highschool I was 6\u20192\u201d and around 140 pounds. When I set off for college I was closer to 160 and after 4 long years (of \u201c<em>intense studying<\/em>\u201d \ud83d\ude1c) I began my post-university life at around 180. For years (like\u2026 <em>10 years<\/em>) I stayed in the 180-190 range, and then\u2026 the pandemic hit. I stopped going to the gym (where I played <em>a lot<\/em> of basketball) and my diet went from bad to worse. Things definitely started to get away from me and I did virtually nothing to backfill the activity I had lost. I knew I was getting out of shape but having never weighed myself or really tried to do much intense physical activity, it was hard to tell how bad it had gotten. It wasn\u2019t until I was at my grandmas house one day, she had a scale and I weighed myself and I realized something needed to change. I clocked in at <strong>210 pounds<\/strong> (some 20-30 lbs heavier than usual), the first time I had ever been over 200 and obviously the heaviest I had ever been, <em>and I felt it<\/em>. This was the turning point for me. It wasn\u2019t long after that that I signed up for the gym again and not only restarted playing basketball but also committed to lifting weights for the first time in my life. I had <a href=\"#my-plan\">a plan<\/a>, or something that resembled a plan and I was serious about losing weight and more importantly, getting stronger and in better shape.<\/p>\n\n<h1 id=\"my-plan\">My Plan<\/h1>\n\n<p>So what was the plan? Pretty simple actually, albeit somewhat unspecific - eat better, lift weights at the gym 5-6 times a week, add in supplemental home workouts\/exercises when appropriate and get back to playing basketball. The problem? I knew nothing about lifting weights and hadn\u2019t a clue about how and what to eat to both lose weight while putting on muscle. Some learning and research was required\u2026<\/p>\n\n<p>To learn more about gym equipment and how to put together workout sets, I signed up for a personal trainer at my gym (<a href=\"https:\/\/www.lifetime.life\">Lifetime Fitness<\/a>). I did a few sessions and learned the basics - proper form, how to use the machines, how to work different muscle groups, monitoring my heart rate and more! After that, I started putting together my own <a href=\"#training-splits\">training splits<\/a>. I enjoyed working with the trainer and wouldn\u2019t mind continuing, but it <em>is expensive<\/em> and for me, I think I can put together my own plan after learning the basics. If I find in the future I am plateau-ing or otherwise looking to accelerate my progression, I may grab a few more sessions.<\/p>\n\n<p>For diet, I learned (both from my trainer and through some online research) that I needed to hit a certain protein threshold to gain muscle - approximately 1g of protein per pound based on my <em>goal<\/em> weight. Beyond that, I needed to simply monitor calories - calorie deficit to lose weight and surplus to put on weight. My trainer suggested I use a protein powder supplement (namely, Lifetime brand <a href=\"https:\/\/shop.lifetime.life\/collagen-peptides\">collagen peptides<\/a>) to hit my daily protein number. I hadn\u2019t heard of and wasn\u2019t entirely sure what \u201ccollagen peptides\u201d were but I\u2019ve been using it for over a year now and love it. The vanilla flavor tastes great in smoothies, is less heavy than traditional whey, and has good benefits for digestion, hair, skin, etc\u2026 To help me more accurately hit my macro numbers (protein but also general calories) each day I use a calorie tracker app on my phone. At first I used <a href=\"https:\/\/www.myfitnesspal.com\">MyFitnessPal<\/a> and even paid for the subscription. The paid version gives you access to the barcode scanning feature which is important for quick adds to the app. More recently, I discovered the <a href=\"https:\/\/www.foodnoms.com\">FoodNoms<\/a> app which is very similar to MyFitnessPal and has the barcode scanning feature in the free tier. I canceled MyFitnessPal and now use FoodNoms. FoodNoms has a more attractive interface in my opinion but its catalog of foods is poor compared to MyFitnessPal. Fortunately, I can supplement FoodNoms lack of catalog with MyFitnessPal\u2019s as it is offered for free. I am off and on with diligently tracking macros\/calories. I think a calorie tracker is indispensible in the early days of a fitness journey as you need to learn more about what foods have what in them, how much to eat, etc\u2026 Later, once you\u2019re in more of a routine and have a decent idea of what you\u2019re putting into your body you can lay off more diligent tracking.<\/p>\n\n<p>When I first started my personal training sessions and actually lifting weights I was over 200 pounds (202 to be exact-ish) and at just over 20% body fat. So <a href=\"#how-its-going\">how\u2019s it been going<\/a> since then?<\/p>\n\n<h1 id=\"how-its-going\">How it\u2019s going<\/h1>\n\n<p>It\u2019s been just over a year since I first started lifting weights and eating better, my \u201cfitness journey\u201d if you will. Overall, it\u2019s going great! Some minor setbacks here and there but for the most part, I have been sticking with it and seeing results. Due to my current family life and work situation, I tend to go to the gym late, like 8pm+. I don\u2019t mind this as I am usually up late anyways, tend to have a good amount of energy, even at that time, and being there late gives me the ability to take my time with the workout versus an early morning or lunch-time workout where I would feel rushed to get back to work. The gym tends to be less crowded at this time too which is a plus.<\/p>\n\n<p>Up until recently, when at the gym I had my pick between lifting weights or playing pickup basketball and many a night, doing both. This was until Lifetime made the horrific decision to close <em>BOTH<\/em> of their basketball courts in favor of installing pickleball courts (<a href=\"https:\/\/mocoshow.com\/2022\/08\/17\/life-time-gaithersburg-to-convert-one-basketball-court-to-pickleball-courts\/\">one such example<\/a>). My rage at this decision can not be described using words of human tongue, <em>so I won\u2019t try<\/em>. I\u2019ll just say, <em>I don\u2019t get it<\/em>, and I\u2019m sad that I can no longer play basketball at the gym and now need to find a new place to play, which means likely having to find a new gym altogether. It\u2019s been a few weeks since I\u2019ve played basketball and not only can I feel the effects, I just miss playing. The cardio is important for my fitness but I also get an emotional release from playing so I need to find that again.<\/p>\n\n<p>My day-to-day <a href=\"#training-splits\">training splits<\/a> have <a href=\"https:\/\/shellsharks.com\/notes\/2023\/08\/08\/current-training-splits\">evolved over time<\/a>. I\u2019ve added, subbed and removed exercises to build a mildly efficient but seemingly effective workout routine to help me net the gains I am looking for. I\u2019m still no expert by any means and am always looking to learn and tweak the regimen. I actually get a lot of ideas for what to add to my routine through fitness \u201cinfluencers\u201d on Instagram.<\/p>\n\n<p>The hardest part of \u201cgetting in shape\u201d, or losing weight is <em>not<\/em> lifting weights\/working out, it\u2019s not even achieving the consistency of exercising every day. The hardest part is eating right. For me (and many others) exercise is <em>fun<\/em>! There is a chemical release associated with exercise and a primal satisfaction from using your body, the muscles, to do <em>stuff<\/em>. What <em>isn\u2019t<\/em> fun is eating healthy - <em>hah<\/em>! Eating right means focusing on healthier foods which means less sugar, less carbs and less fats (<strong>very<\/strong> generally speaking). Thus, eating healthier means sacrificing at times, related to eating foods you may prefer taste-wise. What makes eating right a lot of work is the planning and prepping, plus the constant vigilance in not straying too far from the plan week in and week out. I\u2019ve <em>never<\/em> really eaten healthy.<\/p>\n\n<p>I\u2019ve always been lean, always <em>very<\/em> active and my metabolism is maybe just good or something. Whatever this combination has been, it has let me compensate for the fact that I have never had a particularly healthy diet. To my credit, there are certain things I was always good at staying away from (i.e. soda), but I ate a lot of sweets, fried foods, drank a lot of beer, etc\u2026 Well once the pandemic came through, my diet stayed the same (or even got worse) but my exercise fell off a cliff. During this period of time where I\u2019ve been looking to get in better shape I haven\u2019t done a crazy amount of meal planning. There have been some weeks where I looked up \u201chealthy\u201d or otherwise protein-heavy meals and made them but for the most part I\u2019ve stuck with a few reliable dishes, making them again and again. Notably, a gym rat\u2019s go-to, chicken + rice + vegetables of some kind. Outside of chicken and rice, I tend to just focus on meals that are high-protein, even if they aren\u2019t particularly low calorie.<\/p>\n\n<p>For now, I\u2019ve been more focused on putting on muscle rather than dropping pounds. I wouldn\u2019t say I\u2019ve ever tried to go through a \u201cbulking\u201d phase, but rather just not caring whether I gain or lose weight at this point. That said, with my beach trip coming up I know I\u2019m going to want to go through a cut just to lose as much of the unwanted belly fat as I can. This is a problem for future Mike at this point =). Steak is one thing I <em>haven\u2019t<\/em> had much of in the last year or so but that I have been planning on adding as a (probably weekly) part of my diet. It\u2019s delicious and of course high protein. Though it\u2019d be great if I had a bunch of diverse, delicious, healthy, protein-packed recipes\/meals at my disposal, I\u2019m happy with the fact that I can eat the same thing every day and not really get sick of it.<\/p>\n\n<h3 id=\"challenges\">Challenges<\/h3>\n\n<p>So what challenges have I faced? Despite the fact that I\u2019ve had a second baby in this time, I\u2019ve been fortunate to have the time (and energy\/motivation) to continue going to the gym at night. I\u2019ve seen decent results, even if not the most accelerated gains and this has helped continue to motivate me with respect to <em>consistently<\/em> going. The biggest set backs have been illness (which I will admit isn\u2019t overly frequent, but <em>is<\/em> unavoidable thanks to having one kid in daycare) and diet flubs (i.e. sweets, alcohol, etc\u2026). Look, I don\u2019t police myself too hard on diet and I allow myself to have the things that I like, but I <em>do<\/em> feel guilty when I have a beer these days. It\u2019s just not something I really crave any more and I set myself back unnecessarily by having the lapse in discipline. When I go out with friends or to a restaurant with my wife, I like to have a drink, but do I really need one when just at the house? I need to master saying \u201cno\u201d to myself. My forthcoming challenge? Holiday season. This means delicious treats, cold weather keeping me inside and my favorite kinds of beers (i.e. heavier, sweeter stouts and the like). This combination of \u201cunhealthier\u201d foods coupled with not wanting to go outside to get my normal daily cardio might be a source of setback so I need to be vigilant!<\/p>\n\n<h3 id=\"measuring-progress\">Measuring Progress<\/h3>\n\n<p>So how can I measure progress? I can\u2019t say I\u2019ve done a great job tracking this and I really wish I had done some more measurements or even a picture of myself when I first started the \u201cjourney\u201d. I do have some rough numbers to go by in terms of measuring my progress though and more qualitatively I can see physical\/visual changes in my appearance. Let\u2019s look at a few numbers I\u2019ve captured<\/p>\n\n<p>I mentioned that when I first started going to the gym in October-ish of 2022 I was 202 pounds and over 20% body fat. I measured myself again 2 months later in December and clocked in at 203 pounds but only 16% body fat. A pretty big drop! A steadfast commitment to my diet and playing a lot of basketball at the time probably had a lot to do with it. I measured myself again in September of this year (2023) and came in at 200 pounds (so pretty much the same weight) but now 12% body fat. <em>Amazing!<\/em> I don\u2019t really have a body fat % <a href=\"#my-goals\">goal<\/a> but I\u2019m happy to see that I\u2019m maintaining weight while dropping fat. This means I\u2019m replacing the fat with muscle.<\/p>\n\n<p>The only other measurement I really have to help determine progress is to look at how much weight I\u2019m lifting for different exercises. I\u2019m not going to list every exercise I do, the weight I was lifting when I started and the weight I lift now, but I will provide some examples. Chest is a big focus of mine. I\u2019ve (clearly) never really had much in the way of chest muscles and it showed. I had some trouble even with the bar (45 lbs) when I first started, though I remember putting 20-50 extra lbs on there for <em>some<\/em> reps when I was in my early training sessions. Now, I\u2019ve hist 155-ish on bench press and 140 for dumbbells. Not bad! For arms, I was probably doing 25\u2019s for my curls and do 40\u2019s now. Similarly, I was probably doing 25\u2019s for dumbbell military presses (shoulders) and do 55\u2019s now. For leg day (which I actually enjoy) I went from squatting 115 maybe to doing well over two plates (so 225+ lbs). Anyways, I don\u2019t know if this comes off as braggy or anything, hopefully it does not. As I\u2019ve said before, I\u2019ve <em>never<\/em> lifted weights. 34 years of my life came and went and I had never actually went to the gym and lifted. What this says to me and I hope says to others is that with a little commitment and discipline you can see some decent progression in a relative short amount of time.<\/p>\n\n<p>Ok awesome! Things have been going pretty good I think, but what are <a href=\"#my-goals\">my goals<\/a>? Where do I want to be?<\/p>\n\n<h1 id=\"my-goals\">My goals<\/h1>\n\n<p>It\u2019s hard to describe in any sort of exact way what my \u201cgoals\u201d are. I have an idea of how I want to look but I don\u2019t have any overtly specific strength goals or body fat % goals. I have two young kids so keeping up with them both from a stamina and picking-them-up-and-playing-with-them perspective is key. Aesthetically, losing the gut and boosting upper body muscle (chest + arms) is a goal. I\u2019d like to stay in the 200-210 pound range while maintaining some amount of lean-ness. For my height (6\u20192\u201d) this requires putting on a fair bit of muscle I think. I\u2019m not looking to be \u201cshredded\u201d or anything, I just want to maintain an athletic build that is in fact athletic (i.e. I can run, play sports, keep up with my kids, etc\u2026)<\/p>\n\n<p>More tactically, my goal isn\u2019t to just reach a certain physique, but to reach it and then maintain it. This means building better habits around exercise and diet. To do so, I need to have consistency and efficiency in how I go about it. In the last year, I\u2019ve spent MORE time trying to right the (health) ship then I would like to once I hit maintenance mode. Not that I don\u2019t enjoy working out, but I have other responsibilities and time is one currency that is hard to claw back. I want eating right to be second nature and I want to have an exercise program that allows me to maintain a certain strength\/physique without me having to spend more hours than I need to at the gym.<\/p>\n\n<h1 id=\"conclusion\">Conclusion<\/h1>\n\n<p>I don\u2019t have any grand summary. I think I\u2019ve said it all in the ramblings above. I\u2019m glad I recognized the unhealthy path I was on at an \u201cearly\u201d stage and sought to correct it. I\u2019m fortunate to have the time, resources and support from my family to allow me to work towards it. For any one else out there like me who sees themselves in progressively worse shape and wants to turn it around but knows nearly <em>nothing<\/em> about doing it, maybe my story can be helpful. Sit down, make a plan for exercise and diet and then execute on it. It\u2019s not <em>easy<\/em>, but I promise it can be fun <em>and<\/em> rewarding in relative short order. Thanks for reading!<\/p>\n\n<hr \/>\n\n<h1 id=\"training-splits\">Training Splits<\/h1>\n<p>Here is an update to the <a href=\"https:\/\/shellsharks.com\/notes\/2023\/08\/08\/current-training-splits\">training splits routine I posted on 8\/8\/2023<\/a>.<\/p>\n\n<h5 id=\"day-1-legs\">Day 1: Legs<\/h5>\n<ul>\n  <li>BB Back Squat<\/li>\n  <li>BB Split Squat<\/li>\n  <li>BB Romanian Dead Lift<\/li>\n  <li>Leg Extension<\/li>\n  <li>Hamstring\/Leg Curl<\/li>\n  <li>Standing Machine Calf Raise<\/li>\n  <li>Leg Press Machine<sup>*<\/sup><\/li>\n<\/ul>\n\n<h5 id=\"day-2-chest\">Day 2: Chest<\/h5>\n<ul>\n  <li>Incline 30\u00b0 DB Bench Press<\/li>\n  <li>Incline 45\u00b0 DB Bench Press<\/li>\n  <li>DB Hex Press<\/li>\n  <li>BB Bench Press<sup>*<\/sup><\/li>\n  <li>High Cable Fly<\/li>\n  <li>Low Cable Fly<\/li>\n  <li>Incline BB Bench Press<\/li>\n  <li>Machine Press<\/li>\n  <li>Chest Fly Machine<sup>*<\/sup><\/li>\n  <li>Dips<\/li>\n<\/ul>\n\n<h5 id=\"day-3-arms--shoulders\">Day 3: Arms &amp; Shoulders<\/h5>\n<ul>\n  <li>DB Alternating Hammer Curl w\/ Static Hold<\/li>\n  <li>Sitting DB Military Press<\/li>\n  <li>DB Cross-Body Curl<\/li>\n  <li>DB Alternating Lateral Raise + Front Raise<\/li>\n  <li>DB Rear Delt Fly<\/li>\n  <li>Cable Straight Bar Tricep Extension<\/li>\n  <li>Cable Laterial Raise<\/li>\n  <li>Spider Curl<\/li>\n  <li>DB\/BB Wrist Flexion<sup>*<\/sup><\/li>\n<\/ul>\n\n<h5 id=\"day-4-back\">Day 4: Back<\/h5>\n<ul>\n  <li>Lat Pulldown<\/li>\n  <li>Machine Row<\/li>\n  <li>Wide-Grip Pull-Up (Assisted)<\/li>\n  <li>T-Bar Row+ (<em>There are some other machines but I don\u2019t know their names<\/em>)<\/li>\n  <li>DB Row<\/li>\n<\/ul>\n\n<h5 id=\"abscore\">Abs\/Core<\/h5>\n<p>I sprinkle in Ab workouts throughout the week.<\/p>\n\n<ul>\n  <li>Sit-Up \/ Crunch<\/li>\n  <li>Reverse Sit-Up<\/li>\n  <li>Russian Twist<\/li>\n  <li>Bicycle Crunch<\/li>\n  <li>Plank<\/li>\n<\/ul>\n\n<h5 id=\"cardio\">Cardio<\/h5>\n<p>Lots of basketball.<\/p>\n\n<p>* These exercise I do <em>sometimes<\/em> depending on time and vibe.<\/p>\n","pubDate":"Sat, 11 Nov 2023 06:26:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/11\/fitness-quest","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/11\/fitness-quest","category":["nablopomo","life","fitness"]},{"title":"The best of NoVA","description":"<p>I\u2019ve lived in Northern Virginia (<strong>NoVA<\/strong>) for nearly 25 years. It\u2019s a great place to live <em>if you can afford it<\/em>. Proximity to the beach, mountains and other states (WV, MD, DE, DC, NC, PA, NY, NJ), reliable job market and more! I wanted to capture a list of places\/things I enjoy most around here so I can share it with others and reference it for myself in the future!<\/p>\n\n<ul>\n  <li>\n    <p>Hiking <strong><a href=\"https:\/\/www.alltrails.com\/trail\/us\/virginia\/old-rag-mountain-loop-trail\">Old Rag<\/a><\/strong> - This is by far the best hike in the area. But there are lots of other <a href=\"https:\/\/www.alltrails.com\/parks\/us\/virginia\/shenandoah-national-park\">great hikes in Shenandoah<\/a> too!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Appalachian Moutains<\/strong> \/ <strong>Shenandoah National Park<\/strong> - Lots to see and do and in my opinion, one of the most beautiful places in the US.<\/p>\n  <\/li>\n  <li>\n    <p><strong><a href=\"https:\/\/www.dcr.virginia.gov\/state-parks\/sky-meadows\">Sky Meadows State Park<\/a><\/strong> - Great hikes and an easy drive from most of NoVA.<\/p>\n  <\/li>\n  <li>The <strong>NoVA wine\/beer region<\/strong> is incredible. Here are some of my favorite spots\u2026\n    <ul>\n      <li><strong><a href=\"https:\/\/www.hillsboroughwine.com\/home\">Hillsborough Winery\/Brewery<\/a><\/strong> - Great views, extremely fresh and tasty beer.<\/li>\n      <li><strong><a href=\"https:\/\/www.oldbusthead.com\">Old Bust Head Brewing Co.<\/a><\/strong> - Home of some great beers including the <em>best<\/em> <a href=\"https:\/\/www.oldbusthead.com\/buckland-mill-milk-stout\">milk stout<\/a> in the world.<\/li>\n      <li><strong><a href=\"https:\/\/www.wheatlandspring.com\">Wheatland Spring Farm + Brewery<\/a><\/strong> - Small-batch beers that are delicious.<\/li>\n      <li><strong><a href=\"https:\/\/www.bluemontvineyard.com\">Bluemont Vineyard<\/a><\/strong> - Best views in the region. Good wine too.\n<br \/><br \/><\/li>\n    <\/ul>\n  <\/li>\n  <li>I don\u2019t have a lot of <em>go-to<\/em> restaurants but a few places I do adore are\u2026\n    <ul>\n      <li><strong><a href=\"https:\/\/www.rusticorestaurant.com\/ballston\">Rustico<\/a><\/strong> - Huge selection of hard-to-find craft beers. Good food too.<\/li>\n      <li><strong><a href=\"https:\/\/www.deliriumcafe.us\">Cafe Delirium<\/a><\/strong> - I <em>love<\/em> belgian beer. This place\u2019s got it.<\/li>\n      <li><strong><a href=\"https:\/\/www.tuskies.com\">The Barn Yard \u201cAu Jus\u201d sandwich at Tuscarora Mill<\/a><\/strong> - The best sandwich that I\u2019ve ever eaten.<\/li>\n      <li><strong><a href=\"https:\/\/downtownleesburgva.org\">Downtown Leesburg<\/a><\/strong> - A lot of great restaurants to be found.<\/li>\n    <\/ul>\n  <\/li>\n<\/ul>\n","pubDate":"Fri, 10 Nov 2023 05:27:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/10\/the-best-of-nova","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/10\/the-best-of-nova","category":["nablopomo","life","travel","food","hiking"]},{"title":"Where I find the time","description":"<p>I\u2019m <em>pretty busy<\/em>. I\u2019m a father, a husband and have a full-time job (in Cybersecurity fwiw). I have this blog that I frequently update, a podcast (that desperately needs my attention) and a ton of in-progress or neglected side projects. On top of all that, I spend a lot of time learning on the side, go the gym pretty much every day and like to travel. So where do I find the time?<\/p>\n\n<p>There are lots of ways to <em>make time<\/em> in the day, here are some strategies I employ (in no particular order)\u2026<\/p>\n\n<ul>\n  <li>\n    <p><strong>Sleep less<\/strong>: Some might argue this isn\u2019t the <em>healthiest<\/em> strategy and they\u2019re probably right. I am however one of those people who can get by on less sleep than maybe an average person (<em>5-6 hours usually<\/em>). Maybe it\u2019s not something you make a habit of, or maybe you learn you can live on less sleep than you are used to getting. Either way, this is a simple technique for making extra time.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Give things up<\/strong>: We all have time-wasting activities, some that are likely pretty chronic. Gaming, watching TV, scrolling social media, whatever it is - try to cut these things out completely to shore up time.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Cut back<\/strong>: If giving things up <em>completely<\/em> isn\u2019t an option, try instead to just cut back on something. Used to gaming an hour a day? Maybe try an hour every <em>other<\/em> day.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Mobility<\/strong>: Having a mobile workstation, i.e. laptop, tablet, etc\u2026, can give you the ability to do work anywhere in the house or on the go, including in the small windows of time you might otherwise not have been doing anything. As an example, when my son is busy with solo play or TV, I could use that as an opportunity to do a few quick tasks on my iPad!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Multi-task<\/strong>: Doing more than one thing at a time can help you claw some time back. Can you take a meeting while you eat\/make lunch? Life is full of waiting for things, is it possible to get some work done in one of the many waiting times you have in a day?<\/p>\n  <\/li>\n  <li>\n    <p><strong>Side-project selectivity<\/strong>: I\u2019m a person who always keeps busy, always has ideas and always comes up with little side-projects. Over the years, this has led to a lot of half-finished\/abandoned projects which amounted to little more than time wasted. I\u2019ve had the luxury of being able to afford wasting time throwing things at the wall and seeing what stuck, but these days, with time at more of a premium, I need to be more selective with what I choose to embark upon. So scrap the projects you know are going nowhere, focus on the ones with real finishing power and only pick up new ones that are truly important to you or that you know you can finish.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Prioritize<\/strong>: Leverage some classic prioritization tools like to-do lists and calendar apps. Put all the meaningful things you need to do in your to-do app. Separate them into categories for home, work, side-project, etc\u2026 Give yourself due dates and look at \/ prioritize your list <strong>daily<\/strong> (this is among the first things I do each morning). Use a calendar app too to keep track of events you have for the day\/week\/month. Plan around your events and cancel things you don\u2019t need.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Goals<\/strong>: Goals are very important in terms of how you spend your time. If you\u2019re doing something that doesn\u2019t progress you to achieving one or more of your goals, than you could probably cut it. Goals could be family, fitness, career, or other-related.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Be Efficient<\/strong>: In doing anything, try to be <em>more<\/em> efficient at it. If doing task A would normally take you 30 minutes, find a way to do it in 20. Be better prepared, automate, know when things are \u201cgood enough\u201d and find other process improvements.<\/p>\n  <\/li>\n<\/ul>\n\n<p>Having a constant motor, i.e. maximizing your time by constantly achieving things that progress to one of your goals takes discipline, but it also takes understanding what your goals are and what subtasks comprise those goals. There will be times throughout the day where you only have 1 minute, 5 minutes, 30 minutes or whatever to do something and you need to know how to fill that time with something productive. If I have a very short window, maybe I use that to do a quick workout (e.g. pushups, ab exercises, dumbbell curls) or I triage email or I write out a few quick thoughts for a blog post I\u2019m working on. Keeping <strong>momentum<\/strong> is key here. Keeping the <strong>goal<\/strong> in mind is also crucial. It\u2019s easy to slack off, get side-tracked or feel lazy and no matter how good you are, you <em>will<\/em> likely fall prey to this to some extent. But get yourself back on track by visualizing your goal and then get started again on the tasks that help you achieve it!<\/p>\n\n<p>In the end, you can\u2019t do it all, so do what\u2019s <em>important<\/em>. Remember to set aside time for yourself, <em>though ideally that time would be goal-driven<\/em>. Know your limitations and don\u2019t burn yourself out!<\/p>\n","pubDate":"Thu, 09 Nov 2023 07:26:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/09\/where-i-find-the-time","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/09\/where-i-find-the-time","category":["nablopomo","life"]},{"title":"Tech EDC","description":"<p>Here is my <strong>\u201ctech\u201d EDC<\/strong> (<em>Every-Day-Carry<\/em>) <strong>*<\/strong><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2023\/TechEDC.jpeg\" alt=\"TechEDC\" \/><\/p>\n\n<h1 id=\"tech-edc-inventory\">Tech EDC Inventory<\/h1>\n\n<ul>\n  <li>Osprey Comet Laptop Backpack (<em>Komodo Green<\/em> | <em>26.5L<\/em>)<\/li>\n  <li>iPad Pro (<em>2021, M1, 11-inch, Space Gray, 512GB, Wi-Fi<\/em>)<\/li>\n  <li>iPhone 15 Pro Max (<em>White, 512GB<\/em>)<\/li>\n  <li>Airpods Max (<em>Sky Blue<\/em>)<\/li>\n  <li>Airpods Pro (<em>2nd generation<\/em>)<\/li>\n  <li>Apple Watch charging cable<\/li>\n  <li>USB-A to Lightning cable (<em>1m<\/em>), w\/ wall adapter<\/li>\n  <li>Burts Bees chapstick<\/li>\n  <li>Bottle opener from the Azores<\/li>\n  <li>USB-C to USB-C cable (<em>2m<\/em>)<\/li>\n  <li>Lightning to 3.5mm headphone adapter<\/li>\n  <li>USB-C to 3.5mm headphone adapter<\/li>\n  <li>3.5mm Apple wired headphones<\/li>\n  <li>USB-C Apple Earpods<\/li>\n  <li>Black mask<\/li>\n  <li>Ethernet cable<\/li>\n<\/ul>\n\n<p><strong>*<\/strong> <em>Technically<\/em> I don\u2019t have much of an \u201cEDC\u201d since I work from home and when I do leave my house, it\u2019s <em>typically<\/em> not to a place where I plan on doing any work so I likely don\u2019t even have my backpack with me. But if\/when I do go somewhere where I want to do a little work, this is what I\u2019ll have with me.<\/p>\n","pubDate":"Wed, 08 Nov 2023 07:27:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/08\/tech-edc","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/08\/tech-edc","category":["nablopomo","life","technology"]},{"title":"Where I've traveled (US\/EU)","description":"<p>I like to consider myself a <a href=\"https:\/\/shellsharks.com\/about?about=travel\">fairly well-traveled<\/a> person and someone who just generally loves travel. Last I counted I had been to 25 countries and 28 US states. One fun way to visualize where I\u2019ve been has been these colorful where-i\u2019ve-traveled maps from <a href=\"https:\/\/googlemapsmania.blogspot.com\/2022\/10\/us-level-0.html\">Google Maps Mania<\/a> which have been making the rounds on social media lately. I decided to figure out my own US Level and Europe Level scores and share them with you here!<\/p>\n\n<h6 id=\"us-level\">US Level<\/h6>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2023\/USLevel.png\" alt=\"US Level\" \/><\/p>\n\n<p><br \/><\/p>\n\n<h6 id=\"eu-level\">EU Level<\/h6>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/notes\/2023\/EuropeLevel.png\" alt=\"EU Level\" \/><\/p>\n\n<p>These definitely make me want to get out there and travel more! Figure out your score and let me know about it on <a href=\"https:\/\/infosec.exchange\/@shellsharks\/111369273328967499\">Mastodon<\/a> or <a href=\"https:\/\/www.threads.net\/@mk3s\/post\/CzWGY8cOflh\">Threads<\/a>!<\/p>\n\n<hr \/>\n\n<h2 id=\"ten-travel-favorites\">Ten Travel Favorites<\/h2>\n<p>As a bonus, here\u2019s ten of my favorite things I\u2019ve done throughout my travels (in no particular order).<\/p>\n\n<ul>\n  <li>Going on safari in Kruger national park (<em>South Africa<\/em>)<\/li>\n  <li>Everything in Bruge - the eating, the drinking, the picturesque town (<em>Belgium<\/em>)<\/li>\n  <li>Driving through the mountains in Triglav national park (<em>Slovenia<\/em>)<\/li>\n  <li>Mountain climbing in the Faroe Islands (<em><a href=\"https:\/\/www.alltrails.com\/trail\/faroe-islands\/eysturoy\/villingardalsfjall\">Villingardalsfjall<\/a><\/em>)<\/li>\n  <li>Taking a history tour in Mostar (<em>Bosnia and Herzegovina<\/em>)<\/li>\n  <li>Walking the ramparts in the old city of Dubrovnik (<em>Croatia<\/em>)<\/li>\n  <li>Going to the beach and swimming in the Algarve (<em>Portugal<\/em>)<\/li>\n  <li>Enjoying the winter and winter markets of Budapest (<em>Hungary<\/em>)<\/li>\n  <li>Sightseeing the city of Prague (<em>Czech Republic<\/em>)<\/li>\n  <li>Drinking fresh draft Pilsner Urquell in Czech Republic<\/li>\n<\/ul>\n","pubDate":"Tue, 07 Nov 2023 06:46:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/07\/where-ive-traveled-us-eu","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/07\/where-ive-traveled-us-eu","category":["nablopomo","life","travel"]},{"title":"NaBloPoMo","description":"<p>November is here, and for bloggers that means <strong><a href=\"https:\/\/emkennedy.net\/blog\/2006\/10\/nablopomo.html\">National Blog Posting Month<\/a><\/strong> (or <em>#NaBloPoMo<\/em>) is upon us! To be honest, this is not something I had heard of before but thanks to <a href=\"https:\/\/social.design.systems\/@Amy_Hupe\/111334801635052328\">this post from Amy Hupe<\/a>, I am now aware. The NaBloPoMo challenge? Post each day of the month of November, so 30 posts in total.<\/p>\n\n<p>I\u2019ve spent some time <em>today<\/em> compiling a little over 30 ideas for things I can write about so I\u2019m off to a decent start. I have a wide range of topics (and micro-topics) planned, everything from Apple to gaming to techie stuff im up to and even some other general stuff goin\u2019 on in my life. Most of these daily writings will be published out through my <a href=\"https:\/\/shellsharks.com\/notebook\">notes<\/a> feed but some may also be published as full-fledged blog posts. Day one will simply be this starter post, but I\u2019ll spend some time today getting ahead of future days as well. Given the pace in which these need to be turned around, I suspect they will be rather short-form and a little rougher around the edges in general, but the idea here is as Amy put it, to break away from blogging perfectionism and just get your thoughts, ideas and work out into the world, so that is what I\u2019ll be doing.<\/p>\n\n<p><em>Off to it!<\/em><\/p>\n\n<h1 id=\"nablopomo-2023-archive\">NaBloPoMo 2023 Archive<\/h1>\n<p>The full list of writings from the 2023 <em>#NaBloPoMo<\/em> festivities here at shellsharks.<\/p>\n\n<ul>\n  <li><em>11\/1<\/em> - <a href=\"#\">NaBloPoMo<\/a><\/li>\n  <li><em>11\/2<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/02\/thoughts-on-apples-scary-fast-event\">Thoughts on Apple\u2019s \u201cScary Fast\u201d event<\/a><\/li>\n  <li><em>11\/3<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/03\/super-mario-wonder\">Super Mario Wonder<\/a><\/li>\n  <li><em>11\/4<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/04\/my-computer-inventory\">My computer inventory<\/a><\/li>\n  <li><em>11\/5<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/05\/security-is-magic\">Security is magic<\/a><\/li>\n  <li><em>11\/6<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/06\/keeping-current-in-infosec\">Keeping current in infosec<\/a><\/li>\n  <li><em>11\/7<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/07\/where-ive-traveled-us-eu\">Where I\u2019ve traveled (US\/EU)<\/a><\/li>\n  <li><em>11\/8<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/08\/tech-edc\">Tech EDC<\/a><\/li>\n  <li><em>11\/9<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/09\/where-i-find-the-time\">Where I find the time<\/a><\/li>\n  <li><em>11\/10<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/10\/the-best-of-nova\">The best of NoVA<\/a><\/li>\n  <li><em>11\/11<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/11\/fitness-quest\">Fitness quest<\/a><\/li>\n  <li><em>11\/12<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/12\/what-can-i-tell-you-about-bluesky\">What can I tell you about Bluesky?<\/a><\/li>\n  <li><em>11\/13<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/13\/decorporatization\">Decorporatization<\/a><\/li>\n  <li><em>11\/14<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/14\/stop-worrying-about-certification-paths\">Stop worrying about certification paths<\/a><\/li>\n  <li><em>11\/15<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/15\/nablopomo-half-way\">NaBloPoMo half-way<\/a><\/li>\n  <li><em>11\/16<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/16\/hark-threaders-the-fediverse-is-good-for-you\">Hark Threaders! The Fediverse is good for you<\/a><\/li>\n  <li><em>11\/17<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/17\/quantity-over-quality-quandary\">Quantity over quality quandary<\/a><\/li>\n  <li><em>11\/18<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/18\/mastodon-will-never-die\">Mastodon will never die<\/a><\/li>\n  <li><em>11\/19<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/19\/fixing-a-stale-rss-feed\">Fixing a stale RSS feed | Devlog Series 1<\/a><\/li>\n  <li><em>11\/20<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/20\/shellsharks-syndication-strategy\">Shellsharks Syndication Strategy<\/a><\/li>\n  <li><em>11\/21<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/21\/how-has-my-site-changed-my-life\">How has my site changed my life<\/a><\/li>\n  <li><em>11\/22<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/22\/retro-gaming-with-delta\">Retro gaming with Delta<\/a><\/li>\n  <li><em>11\/23<\/em> - <em>Thanksgiving break!<\/em><\/li>\n  <li><em>11\/24<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/24\/how-to-spend-my-time-off\">How to spend my time off<\/a><\/li>\n  <li><em>11\/25<\/em> - <em>Thanksgiving break!<\/em><\/li>\n  <li><em>11\/26<\/em> - <em>Thanksgiving break!<\/em><\/li>\n  <li><em>11\/27<\/em> - <em>Thanksgiving break!<\/em><\/li>\n  <li><em>11\/28<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/28\/reply-guy-community-poll\">Reply guy community poll<\/a><\/li>\n  <li><em>11\/29<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/29\/shellsharks-operating-costs\">Shellsharks.com operating costs<\/a><\/li>\n  <li><em>11\/30<\/em> - <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/30\/nablopomo-2023-wrap-up\">NaBloPoMo 2023 wrap-up<\/a><\/li>\n<\/ul>\n\n<p>Running Word Count for <em>#NaBloPoMo2023<\/em> posts: ~<strong>16526<\/strong><\/p>\n","pubDate":"Wed, 01 Nov 2023 15:05:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/11\/01\/nablopomo-2023","guid":"https:\/\/shellsharks.com\/notes\/2023\/11\/01\/nablopomo-2023","category":["blogging","nablopomo","life"]},{"title":"Where we live on","description":"<p>I recently shared a <a href=\"https:\/\/shellsharks.com\/notes\/2023\/08\/16\/your-website-your-identity\">note<\/a> about why having a domain as your identity is so important these days thanks in large part to the enshittification of the large social platforms. But I extend this warning to those who have placed their trust in <em>any<\/em> platform, even something like Mastodon. See what has happend with <a href=\"http:\/\/outdoors.lgbt\">outdoors.lgbt<\/a> (i.e. catastrophic backup failure), <a href=\"https:\/\/honeytree.social\/@jeff\/110955710330098067\">newsie.social<\/a> (i.e. server upkeep costs), or what is <em>currently<\/em> happening with <a href=\"https:\/\/m6n.io\/@fuzzychef\/110936040096524936\">fosstodon<\/a> and you will see that even good intentioned server admins are still prone to failure. These failures can result in total loss of your online identity\/account. So put your faith in yourself. Buy a domain, host your stuff there, syndicate it out where you please, <strong>live on<\/strong>.<\/p>\n\n<hr style=\"width:50%\" \/>\n\n<p><a href=\"https:\/\/infosec.exchange\/@shellsharks\/110945885233382137\">I\u2019ll add to this<\/a>. Even here @ <a href=\"https:\/\/infosec.exchange\/\">infosec.exchange<\/a> this rings true. You can\u2019t ask for a better server admin than <a href=\"https:\/\/infosec.exchange\/@jerry\">@jerry<\/a> . Even-handed, extremely technically-proficient, community-oriented, you name it. But a day will inevitably come when Jerry has to hang it up one way or another, whether that be to pass admin-ship onto new worthy ownership or w\/e. With any luck, that new era of infosec.exchange will inherit the same awesome stability we will have enjoyed up to that point, but if not, better to have your own stable point on the web (i.e. your domain) that you can always fall back and point people to. Happy webbin\u2019!<\/p>\n","pubDate":"Thu, 24 Aug 2023 13:46:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/08\/24\/where-we-live-on","guid":"https:\/\/shellsharks.com\/notes\/2023\/08\/24\/where-we-live-on","category":["technology","life","rss","indieweb"]},{"title":"Your website, your identity","description":"<p>I previously wrote about <a href=\"https:\/\/shellsharks.com\/you-should-blog\">why you should start a blog<\/a>. That piece is filled with solid reasons I still stand by today. But since that time, I\u2019ve come to understand a more meaningful reason to have a website and as part of that site, some form of syndicated content (i.e. a blog). For most, \u201cidentity\u201d on the web is tied to one, or fractured across a few, social media platform(s). Recent history has revealed the pitfalls of this approach. Enshittification, terrible management, or even platform collapse can result in catastrophic loss of your connections, communities, business income and more. So many refuse to leave Twitter (<em>er\u2026<\/em> \u201cX\u201d) because their too invested, to leave would be to sacrifice one or more of these things. Why do we continue to feed these platforms that always fail, that always betray us, that violate our privacy, that never represent who we truly are? Having a website, a place that is yours, that you can design to your specification, share anything you want, how you want and make <em>easily<\/em> available to all is such an obvious solution and it really isn\u2019t that much harder than creating a (pick your social media platform of choice) account. There are a TON of services these days that make it dead simple to get up and running with a customizable site and start publishing. The beauty of this (blogging), is that you can syndicate however you\u2019d like from there. So go ahead, share on Mastodon, or Threads, or wherever, but remember to link back to the true canonical representation on your site.<\/p>\n","pubDate":"Wed, 16 Aug 2023 00:26:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/08\/16\/your-website-your-identity","guid":"https:\/\/shellsharks.com\/notes\/2023\/08\/16\/your-website-your-identity","category":["technology","life","blogging","indieweb"]},{"title":"Current Training Splits","description":"<p>My <em>current<\/em> training splits \/ workout. It varies somewhat week to week but this is the core of what I\u2019ve been doing for a few months now. I do all of these at ~4 sets, 6-12 reps.<\/p>\n\n<h5 id=\"day-1-legs\">Day 1: Legs<\/h5>\n<ul>\n  <li>BB Back Squat<\/li>\n  <li>BB Split Squat<\/li>\n  <li>BB Romanian Dead Lift<\/li>\n  <li>Leg Extension<\/li>\n  <li>Hamstring\/Leg Curl<\/li>\n  <li>Standing Machine Calf Raise<\/li>\n<\/ul>\n\n<h5 id=\"day-2-chest\">Day 2: Chest<\/h5>\n<ul>\n  <li>Incline DB Bench Press<\/li>\n  <li>DB Hex Press<\/li>\n  <li>BB Bench Press<\/li>\n  <li>High Cable Fly<\/li>\n  <li>Low Cable Fly<\/li>\n  <li>Machine Press<\/li>\n<\/ul>\n\n<h5 id=\"day-3-arms--shoulders\">Day 3: Arms &amp; Shoulders<\/h5>\n<ul>\n  <li>DB Alternating Hammer Curl w\/ Static Hold<\/li>\n  <li>Sitting DB Military Press<\/li>\n  <li>DB Cross-Body Curl<\/li>\n  <li>DB Lateral Raise<\/li>\n  <li>Cable Straight Bar Tricep Extension<\/li>\n<\/ul>\n\n<h5 id=\"day-4-back\">Day 4: Back<\/h5>\n<ul>\n  <li>Lat Pulldown<\/li>\n  <li>Machine Row<\/li>\n  <li>Wide-Grip Pull-Up<\/li>\n  <li>DB Row<\/li>\n<\/ul>\n\n<h5 id=\"abscore\">Abs\/Core<\/h5>\n<p>I sprinkle in Ab workouts throughout the week.<\/p>\n\n<ul>\n  <li>Sit-Up \/ Crunch<\/li>\n  <li>Reverse Sit-Up<\/li>\n  <li>Russian Twist<\/li>\n  <li>Bicycle Crunch<\/li>\n  <li>Plank<\/li>\n<\/ul>\n\n<h5 id=\"cardio\">Cardio<\/h5>\n<p>Lots of basketball.<\/p>\n","pubDate":"Tue, 08 Aug 2023 13:09:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/08\/08\/current-training-splits","guid":"https:\/\/shellsharks.com\/notes\/2023\/08\/08\/current-training-splits","category":["life","fitness"]},{"title":"Split social personalities","description":"<p>I\u2019ve always tried to maintain two(ish) personas online, personal and professional (infosec). Over time these lines definitely have blurred but I still tend to have two separately maintained identities, e.g. LinkedIn vs Facebook (which I haven\u2019t really used in years), two Twitter accounts, two Mastodon accounts, etc\u2026 For my \u201cpersonal\u201d social media usage, honestly I could go anywhere - Mastodon, Threads, BlueSky, w\/e.<\/p>\n\n<p>For #infosec, I want to be where other infosec people are, and I need the ability to have a curated (just who I follow) feed, which is what Mastodon gives me. I came over to infosec.exchange\/Mastodon in earnest in late 2022 during one of the larger Twitter exoduses as did many other infosec folks. I really hope people keep at least their infosec selves here and continue to engage\/contribute but with all these new entrants (BlueSky, Threads, Spill, w\/e) and other drama with fedipact fracturing, I\u2019m a little worried the infosec-specific timeline and engagement could dry up.<\/p>\n\n<p>FWIW, I am committed to #Mastodon and the larger #Fediverse as my professional\/tech-chat home for the long term and hope to see (at least) this specific community continue to grow!<\/p>\n\n<hr \/>\n\n<p>A little more on this\u2026<\/p>\n\n<p>I\u2019ve always felt the need to maintain two identities not because I was worried about those in my professional sphere being exposed to my personal sphere\/chatter (or vice versa) but because I always appreciated those that I followed that kept their personal chatter to a minimum. Now I understand maintaining two identities like this is tough and certainly don\u2019t fault anyone for posting non-work things on their social accounts (i.e. maintaining a single all-encompassing identity), but I wanted to at least try to be that for others.<\/p>\n\n<p>Even if #Mastodon fades into relative obscurity and ceases to be a place where I can get breaking infosec news and conversations about infosec going, I feel good in my backup strategy of leveraging my comprehensive infosec #RSS <a href=\"https:\/\/shellsharks.com\/infosec-blogs\">library<\/a> for read-only news and the #threadiverse \/similar platforms for conversation.<\/p>\n\n<hr \/>\n\n<p>@keefer Honestly, even for me I can tolerate a good ratio of personal : professional stuff coming from most people\u2019s feeds. But there are those who post like 10x+\/day every day and &lt;1% is anything infosec\/tech-adjacent. These accounts are typically \u201cinfluencer\u201d types who have managed to cobble together a large following which seems to go their head a bit =P. I\u2019m probably on the more extreme end of follow-pruning and I don\u2019t mind the personal stuff - easy enough to scroll by.<\/p>\n\n<p>Despite Twitter\u2019s many faults over the years, I <em>did<\/em> get some professional\/infosec use out of it thanks to some high-fidelity feeds from cyber personalities and researchers. I aimed to be that while I was there, but never really found a niche posting anything out onto Twitter, so mostly I just lurked. I\u2019ve found on Mastodon that I have felt far more comfortable posting, engaging and things just seem very authentic. Because of this, the lines between the pure-infosec-professional persona and the \u201ceverything else\u201d persona have blurred quite a bit. I\u2019ll probably continue to keep things separate to some degree but would actually encourage you and most people to just feel comfortable sharing non-infosec or non-professional stuff on the same account as everything else. Unless you\u2019re one of those super high volume posters I don\u2019t think you\u2019ll run the risk of annoying anyone or losing followers or w\/e. If anything, you\u2019re more likely to build better, stronger connections - like, \u201chey! that person who also works in infosec loves hiking and thinks alligators are cool! same as me!\u201d<\/p>\n","pubDate":"Thu, 06 Jul 2023 13:42:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/07\/06\/split-social-personalities","guid":"https:\/\/shellsharks.com\/notes\/2023\/07\/06\/split-social-personalities","category":["life","socialweb"]},{"title":"Beginning of the end for Reddit","description":"<p>Jeez. The speed at which I\u2019ve gone from \u201cman it sucks that Apollo is shutting down but I still really enjoy Reddit and will suffer the first-party client\u201d to \u201cwow, Reddit is really trying to destroy their service and it\u2019s probably best I don\u2019t invest any more time there\u201d is insane\u2026 going to draft up some thoughts and a probable farewell message for my frequented subs and followers there. End of an era.<\/p>\n","pubDate":"Sun, 11 Jun 2023 13:32:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/06\/11\/beginning-of-the-end-for-reddit","guid":"https:\/\/shellsharks.com\/notes\/2023\/06\/11\/beginning-of-the-end-for-reddit","category":["technology","life","nosearch"]},{"title":"Socialization summary","description":"<p>My socialization summary (based on a weeks usage from my iPhone\u2019s Screen Time app).<\/p>\n\n<ul>\n  <li>Mastodon \u2014&gt; Infosec, general news (50%)<\/li>\n  <li>Instagram \u2014&gt; Posting travel pics, following gym-fluencers (18%)<\/li>\n  <li>Reddit \u2014&gt; Infosec, Apple, personal finance, other hobbies (10%)<\/li>\n  <li>Slack \u2014&gt; Work, other professional communities (6%)<\/li>\n  <li>iMessage &amp; Google Voice \u2014&gt; Most 1-1 communication (4%)<\/li>\n  <li>Linkedin \u2014&gt; Lurk, Job searching (3%)<\/li>\n  <li>Bluesky \u2014&gt; TBD (3%)<\/li>\n  <li>Discord \u2014&gt; Infosec, gaming (2%)<\/li>\n  <li>Blind \u2014&gt; TC or GTFO\u2019ing (2%)<\/li>\n  <li>Twitter \u2014&gt; Still have my username but don\u2019t really use (1%)<\/li>\n  <li>Nostr \u2014&gt; Barely use (&lt;1%)<\/li>\n  <li>Signal \u2014&gt; Chat with specific people (&lt;1%)<\/li>\n  <li>Matrix \u2014&gt; Barely use (&lt;1%)<\/li>\n<\/ul>\n\n<p>My takeaways\u2026<\/p>\n\n<ul>\n  <li>I main Mastodon<\/li>\n  <li>I need to delete Instagram<\/li>\n  <li>Slack % doesn\u2019t include work so that is skewed\u2026<\/li>\n  <li>Discord is low. I need to game more<\/li>\n  <li>At over a day (24h) of collective screen time, in a week\u2019s span, I need to re-prioritize some things in my life haha.<\/li>\n<\/ul>\n","pubDate":"Mon, 22 May 2023 19:53:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2023\/05\/22\/socialization-summary","guid":"https:\/\/shellsharks.com\/notes\/2023\/05\/22\/socialization-summary","category":["technology","life"]},{"title":"Threat Profile: Santa Claus","description":"<p><strong>Santa Claus<\/strong> (and his associates, <em><a href=\"https:\/\/en.wikipedia.org\/wiki\/Christmas_elf\">the elves<\/a><\/em>) are a north-pole-based physical threat group. Specializations include advanced reconnaissance-at-scale, payload manufacturing \/ delivery and initial access operations (IAO). Legends indicate this group began a series of world-wide campaigns as early as <a href=\"https:\/\/www.history.com\/topics\/christmas\/santa-claus\">280 AD<\/a> and continue to this day.<\/p>\n\n<hr \/>\n\n<p><strong>ID<\/strong>: G1225<br \/>\n<strong>Associated Names<\/strong>: Sinterklaas, Der Weihnachtsmann, Kriss Kringle, P\u00e8re No\u00ebl, Noel Baba, Babbo Natale, Shaka Santa<br \/>\n<strong>Version<\/strong>: 1.0 <br \/>\n<strong>Created<\/strong>: 24 Dec 2022 <br \/>\n<strong>Last Modified<\/strong>: 24 Dec 2022<\/p>\n<hr \/>\n\n<h4 id=\"techniques-used\">Techniques Used<\/h4>\n\n<table>\n  <thead>\n    <tr>\n      <th>Tactic<\/th>\n      <th>ID<\/th>\n      <th>Name<\/th>\n      <th>Use<\/th>\n    <\/tr>\n  <\/thead>\n  <tbody>\n    <tr>\n      <td>Reconnaissance<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1595\/\">T1595<\/a><\/td>\n      <td>Active Scanning<\/td>\n      <td>He see\u2019s you when you\u2019re sleeping, he knows when you\u2019re awake\u2026<\/td>\n    <\/tr>\n    <tr>\n      <td>Reconnaissance<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1592\/\">T1592<\/a><\/td>\n      <td>Gather Victim Host Information<\/td>\n      <td>Determines household ingress points<\/td>\n    <\/tr>\n    <tr>\n      <td>Reconnaissance<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1589\/003\/\">T1589.003<\/a><\/td>\n      <td>Gather Victim Identity Information<\/td>\n      <td>He makes a list (and checks it twice)<\/td>\n    <\/tr>\n    <tr>\n      <td>Resource Development<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1587\/\">T1587<\/a><\/td>\n      <td>Develop Capabilities<\/td>\n      <td>Toy manufacturing<\/td>\n    <\/tr>\n    <tr>\n      <td>Initial Access<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1189\/\">T1189<\/a><\/td>\n      <td>Fly-by Compromise<\/td>\n      <td>Reindeer-based delivery system<\/td>\n    <\/tr>\n    <tr>\n      <td>Initial Access<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1190\/\">T1190<\/a><\/td>\n      <td>Exploit Public-Facing Chimney<\/td>\n      <td>Preferred inital access vector via chimney<\/td>\n    <\/tr>\n    <tr>\n      <td>Initial Access<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1195\/\">T1195<\/a><\/td>\n      <td>Supply Chain Compromise<\/td>\n      <td>Elves make the toys, but what do they embed?<\/td>\n    <\/tr>\n    <tr>\n      <td>Initial Access<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1199\/\">T1199<\/a><\/td>\n      <td>Trusted Relationship<\/td>\n      <td>He\u2019s pretty much invited in yeah?<\/td>\n    <\/tr>\n    <tr>\n      <td>Execution<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1610\/\">T1610<\/a><\/td>\n      <td>Deploy Container<\/td>\n      <td>Lots of wrapped containers are delivered<\/td>\n    <\/tr>\n    <tr>\n      <td>Execution<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1053\/\">T1053<\/a><\/td>\n      <td>Scheduled Task\/Job<\/td>\n      <td>Every year, same time.<\/td>\n    <\/tr>\n    <tr>\n      <td>Persistence<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1525\/\">T1525<\/a><\/td>\n      <td>Implant Internal Image<\/td>\n      <td>Quite an impression is made on the little ones.<\/td>\n    <\/tr>\n    <tr>\n      <td>Defense Evasion<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1562\/004\/\">T1562.004<\/a><\/td>\n      <td>Impair Defenses<\/td>\n      <td>Disables or modifies system fireplace<\/td>\n    <\/tr>\n    <tr>\n      <td>Lateral Movement<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1210\/\">T1210<\/a><\/td>\n      <td>Exploitation of Remote Services<\/td>\n      <td>Moving from house to house<\/td>\n    <\/tr>\n    <tr>\n      <td>Exfiltration<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1052\/\">T1052<\/a><\/td>\n      <td>Exfiltration Over Physical Medium<\/td>\n      <td>He takes the cookies and back up the chimney he goes!<\/td>\n    <\/tr>\n    <tr>\n      <td>Impact<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1485\/\">T1485<\/a><\/td>\n      <td>Cookie Destruction<\/td>\n      <td><em>Nom nom nom<\/em> (and drinks the milk!)<\/td>\n    <\/tr>\n    <tr>\n      <td>Impact<\/td>\n      <td><a href=\"https:\/\/attack.mitre.org\/techniques\/T1491\/\">T1491<\/a><\/td>\n      <td>Defacement<\/td>\n      <td>Well between the tree, the lights, the decorations and the gift wrap, my house is always a mess\u2026<\/td>\n    <\/tr>\n  <\/tbody>\n<\/table>\n\n<h4 id=\"references\">References<\/h4>\n\n<ul>\n  <li><a href=\"https:\/\/www.dictionary.com\/e\/what-are-all-of-the-different-names-for-santa-claus\/\">12 Names for Santa Claus From Around the World<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Christmas_elf\">Christmas Elf<\/a><\/li>\n  <li>Shoutout to <a href=\"https:\/\/infosec.exchange\/@esheesle\/109546468654942476\">@esheesle@infosec.exchange<\/a> for the idea!<\/li>\n  <li><a href=\"https:\/\/attack.mitre.org\/groups\/\">MITRE ATT&amp;CK Groups<\/a><\/li>\n  <li><a href=\"https:\/\/attack.mitre.org\/matrices\/enterprise\/\">MITRE ATT&amp;CK Matrix - Enterprise<\/a><\/li>\n  <li><a href=\"https:\/\/www.history.com\/topics\/christmas\/santa-claus\">Santa Claus: Real Origins &amp; Legend<\/a><\/li>\n<\/ul>\n","pubDate":"Sat, 24 Dec 2022 10:24:00 -0500","link":"https:\/\/shellsharks.com\/santa-ttps","guid":"https:\/\/shellsharks.com\/santa-ttps","category":["infosec","life","infosec","life","blog"]},{"title":"What is my sacrifice?","description":"<blockquote>\n  <p>Calm. Kindness, kinship. Love. I\u2019ve given up all chance at inner peace, I\u2019ve made my mind a sunless space. I share my dreams with ghosts. I wake up every day to an equation I wrote 15 years ago from which there\u2019s only one conclusion: I\u2019m damned for what I do. My anger, my ego, my unwillingness to yield, my eagerness to fight, they\u2019ve set me on a path from which there is no escape. I yearned to be a savior against injustice without contemplating the cost, and by the time I looked down, there was no longer any ground beneath my feet.<\/p>\n\n  <p>What is\u2026 what is my sacrifice? I\u2019m condemned to use the tools of my enemy to defeat them. I burn my decency for someone else\u2019s future. I burn my life, to make a sunrise that I know I\u2019ll never see. No, the ego that started this fight will never have a mirror, or an audience, or the light of gratitude. So what do I sacrifice?<\/p>\n\n  <p><a href=\"https:\/\/www.youtube.com\/watch?v=GQMDmb3mOY8\">Everything<\/a>.<\/p>\n<\/blockquote>\n","pubDate":"Sun, 27 Nov 2022 12:58:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2022\/11\/27\/what-is-my-sacrifice","guid":"https:\/\/shellsharks.com\/notes\/2022\/11\/27\/what-is-my-sacrifice","category":["life","tv"]},{"title":"Stars, Boosts & Toots","description":"<p><em><a href=\"#mastodon\">Mastodon<\/a>!<\/em> <strong><a href=\"#twitter-migration\">Twitter is burning<\/a><\/strong>!! <em>Ahhhhh<\/em>!!! The drama, right?! So what is this <a href=\"https:\/\/joinmastodon.org\">Mastodon<\/a> thingy and what\u2019s going on w\/ Twitter? I\u2019m delighted to tell you that I won\u2019t really be writing much about either of those things as there are plenty of others who have done so. Never fear though, what I <em>will<\/em> do is provide you an awesome, aggregated list of guides, resources, analyses and other cool stuff that has come out on the topics of Mastodon, Twitter and the greater \u201c<a href=\"#expanded-fediverse\">Fediverse<\/a>\u201d. Now you\u2019re thinking, \u201c<em>A bunch of lists you say? That sounds kinda boring\u2026<\/em>\u201d. You\u2019re probably right, so in addition to that I\u2019m going to first drop <a href=\"#my-take-on-mastodon-so-far\">my own take on Mastodon<\/a>! <em>Woooo<\/em>!<\/p>\n\n<p><strong>*<\/strong> Shoutout to @mttaggart@fosstodon.org who <a href=\"https:\/\/fosstodon.org\/@mttaggart\/109325779303522758\">told me not to do this<\/a>. Here it is anyways!<\/p>\n\n<p><strong>*<\/strong> Oh, and if you\u2019re on Mastodon, and so inclined, please give those I have referenced in this piece a follow, boost, like, w\/e! They are awesome parts of this growing community.<\/p>\n\n<p><strong>Jump to Section<\/strong><\/p>\n\n<ul>\n  <li><a href=\"#my-take-on-mastodon-so-far\">My Take on Mastodon<\/a><\/li>\n  <li><a href=\"#intro-to-mastodon\">Mastodon Intro<\/a><\/li>\n  <li><a href=\"#verification\">Verification on Mastodon<\/a><\/li>\n  <li><a href=\"#security--privacy\">Security &amp; Privacy<\/a><\/li>\n  <li><a href=\"#infosec-community\">Infosec Community<\/a><\/li>\n  <li><a href=\"#hosting-a-mastodon-instance\">Hosting a Mastodon Instance<\/a><\/li>\n  <li><a href=\"#twitter-migration\">Twitter Migration<\/a><\/li>\n  <li><a href=\"#expanded-fediverse\">Expanded Fediverse<\/a><\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"my-take-on-mastodon-so-far\">My Take On Mastodon So Far<\/h1>\n\n<p>There is <em>a lot<\/em> about <a href=\"#mastodon\">Mastodon<\/a> (and the <a href=\"#expanded-fediverse\">Fediverse<\/a>) that I have yet to learn, but what I do know is that <em>it<\/em> has (pretty much) already surpassed what Twitter was to me in both personal and professional contexts. I had a Twitter account for years, and try as I might, I never felt quite <em>comfortable<\/em> being anything more than a passive consumer - a lurker of those in the #infosectwitter community who had big followings. Though there was of course a decent amount of discussion\/engagement within the infosec Twitter world, it often seemed to me very clique-ey, reserved only to those with big followerships or with well-known personas and established circles. I also always had the sense that trying to cultivate a following on Twitter was, <em>sorta cringey<\/em>. People there seemed more interested in boosting their follower counts or their follower-to-following ratio than expanding their true community. This feeling was ever-perpetuated by the constant deluge of tweets sounding off about how many followers they had, or how close they were to a certain follower threshold, etc\u2026<\/p>\n\n<p>Look, <em>I get it<\/em> - I have a <a href=\"https:\/\/shellsharks.com\/\">blog<\/a>, a <a href=\"https:\/\/shellsharks.com\/podcast\">podcast<\/a>, I understand why people <em>crave<\/em> followers. It\u2019s the <em>engagement<\/em> I am after though, not so much just having my tweets\/toots\/posts\/<em>stuff<\/em> show up in a lot of people\u2019s timelines. I genuinely enjoy sharing my thoughts\/ideas, and even moreso hearing\/learning from others. Naturally, a good way to create this engagement is to network, follow a lot of people and of course, have others \u201cfollow\u201d me. I never had a big following on Twitter (~190ish as of the last time I looked), and I never got much engagement there (partially because I rarely posted). I\u2019ve been on Mastodon for nearly 2 weeks and already I\u2019ve seen <em>much<\/em> better engagement (and I am not alone). Maybe it\u2019s the novelty factor, or maybe it\u2019s because it hasn\u2019t had time to turn into a toxic stew, it could be because I am more actively engaging. I\u2019m not really sure yet, but what I do know is the <strong>vibe<\/strong> is different. That sense of community is definitely there and I am looking to make the most of it.<\/p>\n\n<p><em>Alright<\/em>, so I have a few other thoughts\/takes on my Mastodon experience so far, and as I am want to do, I will share via a list!<\/p>\n\n<ul>\n  <li>As others have pointed out, two reasons why Twitter always felt a bit, <em>icky<\/em>, was because of forced ads in your timeline and the bedeviling algorithm which fed not what <em>YOU<\/em> wanted into your timeline, but what Twitter thought would yield maximum engagement, which typically meant trying to fill you with rage. Mastodon is a breath of fresh air in comparison.<\/li>\n  <li>I joined the <a href=\"#infosecexchange\">infosec.exchange<\/a> instance, which is relatively quite large (~24k and growing) and have <a href=\"https:\/\/shellsharks.social\/@shellsharks\/following\">followed<\/a> nearly 400 people so far. What I\u2019ve seen across my home feed and the local timeline has been really great! No ads, literally just what I\u2019ve signed up for. I\u2019ve been consuming\/scrolling most of it so far and have encountered a lot of new people and genuinely look forward to (most) of what they have to share.<\/li>\n  <li>Mastodon is a series of unique, <a href=\"https:\/\/www.w3.org\/TR\/activitypub\/\">networked<\/a> <a href=\"https:\/\/instances.social\">instances<\/a>. When folks from other instances are <em>boosted<\/em> into my timeline, there is a sense of excitement, of exploration. For example, if I see someone with the handle <em>@hax@supercyber.pizza<\/em>, I think \u201cwow! I\u2019m happy to have discovered this indvidual in the wide Fediverse, and look forward to what they post\/boost into my timeline\u201d. That hunger to follow, to connect moreso than \u201cget followers\u201d is really great. I have this desire to collect as many cool instances and awesome people as I can into my <a href=\"https:\/\/shellsharks.social\/@shellsharks\/following\">following list<\/a>.<\/li>\n  <li>If you want people to follow you, or engage with you, I highly recommend spending some time to tell people what you\u2019re all about in your <a href=\"https:\/\/shellsharks.social\/@shellsharks\/\">account profile<\/a>. Also, toss a picture of some kind in there. Anything will do.<\/li>\n  <li>Each instance will likely have its own culture, traditions and of course rules. Spend some time trying to figure out what those are, and leverage the <a href=\"https:\/\/docs.joinmastodon.org\/user\/posting\/#cw\">content warning<\/a> (CW) feature to try and be a little less offensive. <em>It\u2019s not hard to do<\/em>!<\/li>\n  <li>Being on an instance which has a population that best shares your personal\/professional interests will give you a <a href=\"https:\/\/docs.joinmastodon.org\/methods\/timelines\/\">local timeline<\/a> that will help you find people to follow and consume your posts. This is true. <em>But<\/em>! With a little effort, you can, regardless of what instance you are on, curate a following of people <em>across<\/em> instances, building a home timeline that is perfect for you, void of ads or algorithmic influences. This feed\/timeline will continue to grow and mature thanks to the boosts and discussions of those you follow and engage with. So spend less time trying to find the perfect instance, and more time building that list.<\/li>\n<\/ul>\n\n<p>If there is any drawback to Mastodon so far that I have seen, it is the lack of full-text search (for privacy reasons). This makes some of the intel-gathering I used to do on Twitter a bit more difficult (I\u2019m not the only one with this sentiment). One frequent use-case was to search for info on CVEs (e.g. PoCs, research, etc\u2026). To address this concern, the <a href=\"#infosec-community\">infosec community<\/a> on Mastodon has been putting their heads together on how best to use hashtags to make intel-gathering possible on Mastodon. <sup><a href=\"https:\/\/infosec.exchange\/@shellsharks\/109312621380439732\">1<\/a>, <a href=\"https:\/\/infosec.exchange\/@_mattata\/109344401551654192\">2<\/a>, <a href=\"https:\/\/fosstodon.org\/@mttaggart\/109349346996034218\">3<\/a><\/sup><\/p>\n\n<hr \/>\n\n<h1 id=\"mastodon\">Mastodon<\/h1>\n\n<h2 id=\"intro-to-mastodon\">Intro to Mastodon<\/h2>\n\n<p>To avoid writing a regurgitated \u201c<em>how to get started w\/ Mastodon<\/em>\u201d section, I\u2019m going to first just link to the <a href=\"https:\/\/www.wired.com\">Wired<\/a> article on this - <strong><a href=\"https:\/\/www.wired.com\/story\/how-to-get-started-use-mastodon\/\">How to Get Started on Mastodon<\/a><\/strong>. Again, I want to emphasize - try not to stress too much on what \u201cinstance\u201d you choose. This should only really affect your \u201clocal\u201d timeline, not your ability to follow those anywhere, on any instance (unless you wish to follow the <a href=\"https:\/\/www.secjuice.com\/mastodon-child-porn-pedophiles\/\">dregs<\/a> of the <a href=\"#expanded-fediverse\">Fediverse<\/a> that tend to get de-<a href=\"https:\/\/www.jwz.org\/blog\/2022\/11\/mastodon-and-federation\/\">federated<\/a> from the upstanding servers). Alternatively, for those that are adventurous, have some free time and are relatively tech savvy, <a href=\"#hosting-a-mastodon-instance\">hosting your own instance<\/a> on a vanity domain is another option! If you don\u2019t end up liking an instance you\u2019ve landed on, check out <a href=\"https:\/\/blog.joinmastodon.org\/2019\/06\/how-to-migrate-from-one-server-to-another\/\">how to migrate from one server to another<\/a>. <em>OK<\/em>, that out of the way, here\u2019s a list of other Mastodon stuff\u2026<\/p>\n\n<ul>\n  <li>Find an instance via <a href=\"https:\/\/instances.social\">instances.social<\/a><\/li>\n  <li><a href=\"https:\/\/fedi.tips\/how-to-use-mastodon-and-the-fediverse-basic-tips\/\">How To Use Mastodon and the Fediverse<\/a> via <a href=\"https:\/\/fedi.tips\">Fedi.Tips<\/a><\/li>\n  <li>Some general <a href=\"https:\/\/infosec.exchange\/@chrisabides\/109309319819177873\">Mastodon etiquette<\/a> from <a href=\"https:\/\/infosec.exchange\/@chrisabides\">@chrisabides@infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/escapingtech.com\/tech\/guides\/a-twitter-users-guide-to-mastodon.html\">A Twitter User\u2019s Guide to Mastodon<\/a> from <a href=\"https:\/\/mastodon.social\/@malwaretech\">Marcus Hutchins<\/a><\/li>\n  <li><a href=\"https:\/\/infosec.exchange\/@Em0nM4stodon\/109323504324459171\">Tips for Mastodon newcomers<\/a> from <a href=\"https:\/\/infosec.exchange\/@Em0nM4stodon\">@Em0nM4stodon@infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.ie\/@klillington\/109287983727726762\">Useful Mastodon guides<\/a> courtesy of <a href=\"https:\/\/mastodon.ie\/@klillington\">@klillington@mastodon.ie<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.help\">Mastodon.help<\/a><\/li>\n  <li><a href=\"https:\/\/patricia.no\/2022\/11\/18\/twitter_off_ramp.html\">A Twitter Off Ramp<\/a><\/li>\n  <li><a href=\"https:\/\/2ality.com\/2022\/10\/mastodon-getting-started.html\">Getting started with Mastodon<\/a> per <a href=\"https:\/\/fosstodon.org\/@rauschma\/109347957045367913\">@rauschma@fosstodon.org<\/a><\/li>\n  <li>Some more <a href=\"https:\/\/mastodon.social\/@davewalker\/109325307961318659\">Mastodon tips<\/a> from <a href=\"https:\/\/mastodon.social\/@davewalker\">@davewalker@mastodon.social<\/a><\/li>\n  <li><a href=\"https:\/\/ajroach42.com\/what-everyone-seems-to-get-wrong-about-mastodon\/\">What Everyone Seems to Get Wrong About Mastodon<\/a> per <a href=\"https:\/\/retro.social\/@ajroach42\/109331218298356096\">@ajroach42@retro.social<\/a><\/li>\n  <li><a href=\"https:\/\/patricia.no\/2022\/11\/18\/mastodon_migration.html\">Mastodon migration, moving to a new server<\/a> per <a href=\"https:\/\/social.vivaldi.net\/@Patricia\/109395204448620858\">@Patricia@vivaldi.net<\/a><\/li>\n  <li><a href=\"https:\/\/arstechnica.com\/gadgets\/2022\/12\/mastodon-highlights-pros-and-cons-of-moving-beyond-big-tech-gatekeepers\/\">Mastodon\u2013and the pros and cons of moving beyond Big Tech gatekeepers<\/a><\/li>\n  <li><a href=\"https:\/\/mattbrown.dev\/mastodon\/\">How to talk to your relatives about Mastodon<\/a><\/li>\n  <li><a href=\"https:\/\/controlaltdelete.technology\/articles\/the-mastodons-guide-to-the-fediverse.html\">The Mastodon\u2019s Guide to the Fediverse<\/a><\/li>\n  <li><a href=\"https:\/\/zenodo.org\/records\/14170125\">Mastodon Quick Start Guide<\/a><\/li>\n<\/ul>\n\n<p>Quick (I promise) rundown of Mastodon verbiage\/mechanics\u2026<\/p>\n\n<ul>\n  <li><strong>Posts<\/strong> <del>are<\/del> <a href=\"https:\/\/gizmodo.com\/mastodon-toot-retired-twitter-tweet-equivalent-1849786221\">were<\/a> \u201c<strong>Toots<\/strong>\u201d, now they\u2019re just \u201cposts\u201d. Ask your instance admin to <a href=\"https:\/\/git.disroot.org\/badrihippo\/tootify\">tootify<\/a> the server if you miss tootin\u2019 (via <a href=\"https:\/\/fosstodon.org\/@benjaminhollon\/109355527163671306\">@benjaminhollon@fosstodon.org<\/a>)<\/li>\n  <li>A re-post (or re-tweet) is a \u201c<strong>Boost<\/strong>\u201d. <a href=\"https:\/\/mastodon.social\/@Gargron\/99662106175542726\">There is no quote-boost<\/a>, so don\u2019t ask. Boosting helps propagate stuff you like to all your followers and to your local timeline. This helps get stuff out to other instances. <em>Boosts are good<\/em>.<\/li>\n  <li>A \u201c<strong>Star<\/strong>\u201d simply communicates to the OP, \u201cI like that\u201d. It has no effect on anything else. So <em>star star star<\/em> away!<\/li>\n  <li><strong>Lists<\/strong> exist.<\/li>\n  <li>Unlike Twitter, Mastodon has no full-text search. It instead relies on <strong>hashtags<\/strong>. So use those liberally where applicable. You can also follow hashtags. (per <a href=\"https:\/\/infosec.exchange\/@tinker\/109330871957962166\">@tinker@infosec.exchange<\/a>)<\/li>\n  <li>The consensus seems to be that the first-party Mastodon client is bad. Try some of these other apps instead\u2026\n    <ul>\n      <li><a href=\"https:\/\/apps.apple.com\/us\/app\/metatext\/id1523996615\">Metatext<\/a> for iOS<\/li>\n      <li><a href=\"https:\/\/play.google.com\/store\/apps\/details?id=app.fedilab.android&amp;hl=en_US&amp;gl=DE&amp;pli=1\">Fedilab<\/a> for Android<\/li>\n      <li><a href=\"https:\/\/git.shadowfacts.net\/shadowfacts\/Tusker\">Tusker<\/a> (from <a href=\"https:\/\/infosec.exchange\/@jxhn\/109337746209475152\">@jxhn@infosec.exchange<\/a>)<\/li>\n    <\/ul>\n  <\/li>\n  <li>One cool thing you can do via Mastodon is retrieve a <a href=\"https:\/\/infosec.exchange\/@SteveD3\/109345603084458028\">.rss feed of an account\u2019s posts<\/a> per <a href=\"https:\/\/infosec.exchange\/@SteveD3\">@SteveD3@infosec.exchange<\/a><\/li>\n<\/ul>\n\n<p>Now get out there and <a href=\"https:\/\/infosec.exchange\/@tinker\/109321493379634906\">toot to your hearts content<\/a>!<\/p>\n\n<h2 id=\"verification\">Verification<\/h2>\n\n<p><a href=\"https:\/\/docs.joinmastodon.org\/user\/profile\/#verification\">Mastodon has a verification capability<\/a>, though it differs from what Twitter traditionally offered. Essentially, you can establish a \u201cverified\u201d relationship between your Mastodon account and other third-party endpoints, such as a website. What this can prove is that, for example, the identity\/person behind the <a href=\"https:\/\/shellsharks.social\/@shellsharks\">@shellsharks@sehllsharks.social<\/a> Mastodon account is the same person who runs <a href=\"https:\/\/shellsharks.com\/\">shellsharks.com<\/a>. Some other verification related resources are provided below.<\/p>\n\n<ul>\n  <li>Thoughts on <a href=\"https:\/\/infosec.exchange\/@barubary\/109324210823125234\">Mastodon verification<\/a> from <a href=\"https:\/\/infosec.exchange\/@barubary\/\">@barubary@infosec.exchange<\/a><\/li>\n  <li>How to verify your GitHub via a <a href=\"https:\/\/infosec.exchange\/@SeanWrightSec\/109315775506958979\">thread<\/a> on <a href=\"infosec.exchange\">infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/keyoxide.org\">KeyOxide<\/a> - A privacy-friendly tool to create and verify decentralized online identities. For help using KeyOxide on Mastodon, check out <a href=\"https:\/\/infosec.exchange\/@projectdp\/109338598390126219\">this thread<\/a> per <a href=\"https:\/\/infosec.exchange\/@projectdp\">@projectdp@infosec.exchange<\/a> or <a href=\"https:\/\/law.builders\/@IntlLawGnome\/109345853950652817\">this from @IntlLawGnome@law.builders<\/a><\/li>\n  <li>If <a href=\"https:\/\/keybase.io\">Keybase<\/a> is your jam, check out <a href=\"https:\/\/0x58.medium.com\/create-a-verified-keybase-link-on-your-mastodon-profile-218c17e5e28c\">this article on Keybase verification<\/a> or this <a href=\"https:\/\/wiki.infosec.exchange\/faq\/verification\/keybase_io\">infosec.exchange wiki article on Keybase verification<\/a><\/li>\n  <li>For WordPress users, check out <a href=\"https:\/\/www.tindrasgrove.com\/2022\/11\/mastodon-wordpress-and-verification\/\">Mastodon, WordPress, and Verification<\/a> per <a href=\"https:\/\/infosec.exchange\/@TindrasGrove\/109331180844495978\">@TindrasGrove@infosec.exchange<\/a><\/li>\n  <li>For a Twitter-similar, centralized \u201cverification\u201d offering, check out <a href=\"https:\/\/fedified.com\">Fedified<\/a> (via <a href=\"https:\/\/infosec.exchange\/@gossithedog\/109349904070905858\">@gossithedog@infosec.exchange<\/a>)<\/li>\n  <li><a href=\"https:\/\/webmasters.stackexchange.com\/questions\/140821\/using-rel-me-on-wix-hosted-site\">Using rel=\u201dme\u201d on Wix-hosted site<\/a><\/li>\n<\/ul>\n\n<h2 id=\"security--privacy\">Security &amp; Privacy<\/h2>\n\n<p>Is <a href=\"#mastodon\">Mastodon<\/a> secure? Is my data private? Is it more secure than Twitter? (these days, <a href=\"https:\/\/www.cnn.com\/2022\/08\/23\/tech\/twitter-whistleblower-peiter-zatko-security\/index.html\">almost assuredly<\/a>). How can I best lock down my Mastodon account(s)? All great questions. I\u2019ll share a list of articles that best answer these questions but first, some basic security\/privacy hygiene advice. <strong>Use a strong\/unique password<\/strong>, <strong><a href=\"https:\/\/docs.joinmastodon.org\/user\/contacts\/#account\">enable 2FA<\/a><\/strong>, understand that your instance admin has access to your data.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.eff.org\/deeplinks\/2022\/11\/mastodon-private-and-secure-lets-take-look\">Is Mastodon Private and Secure?<\/a> via <a href=\"https:\/\/www.eff.org\/\">EFF.org<\/a><\/li>\n  <li><a href=\"https:\/\/grahamcluley.com\">Graham Cluley\u2019s<\/a> take on <a href=\"https:\/\/grahamcluley.com\/mastodon-what-you-need-to-know-for-your-security-and-privacy\/\">security and privacy<\/a> on Mastodon<\/li>\n  <li><a href=\"https:\/\/techpolicy.press\/can-mastodon-survive-europes-digital-services-act\/\">Can Mastodon Survive Europe\u2019s Digital Services Act?<\/a> per <a href=\"https:\/\/federate.social\/@profcarroll\/109353950776860720\">@profcarroll@federate.social<\/a><\/li>\n  <li><a href=\"https:\/\/freeradical.zone\/@missiggeek\/109348559768938197\">GDPR and Mastodon<\/a>, analysis by <a href=\"https:\/\/freeradical.zone\/@missiggeek\">@missiggeek@freeradical.zone<\/a><\/li>\n  <li>(<a href=\"https:\/\/gdpr-info.eu\">GDPR<\/a>-related) <a href=\"https:\/\/sciences.re\/ropa\/\">Record of Processing Activities<\/a> per <a href=\"https:\/\/social.sciences.re\/@RGrunblatt\/109342061792478407\">@RGrunblatt@sciences.re<\/a><\/li>\n  <li>The venerable <a href=\"https:\/\/portswigger.net\">PortSwigger<\/a> has already gone to work <a href=\"https:\/\/portswigger.net\/research\/stealing-passwords-from-infosec-mastodon-without-bypassing-csp\">bug hunting Mastodon<\/a> (<a href=\"https:\/\/portswigger.net\/daily-swig\/mastodon-users-vulnerable-to-password-stealing-attacks\">The Daily Swig<\/a>). Point being, vulns do exist. <em>Stay frosty<\/em><\/li>\n  <li>For those interested in <a href=\"https:\/\/infosec.exchange\/@tinker\/109349249316218078\">TOTP MFA on desktop<\/a> (per <a href=\"https:\/\/infosec.exchange\/@tinker\">@tinker@infosec.exchange<\/a>)<\/li>\n  <li>Private messaging is <strong>not<\/strong> recommended on Mastodon. For this, other options are available, as discussed by <a href=\"https:\/\/mastodon.social\/@atomicpoet\/109328033127146253\">@atomicpoet@mastodon.social<\/a><\/li>\n  <li><a href=\"https:\/\/fossacademic.tech\/2022\/10\/18\/notesOnNobreEtAl.html\">More Mastodon Scraping without Consent<\/a> per <a href=\"https:\/\/scholar.social\/@robertwgehl\/109332710012353135\">@robertwgehl@scholar.social<\/a><\/li>\n  <li>For those interested in security testing a live Mastodon instance, check out <a href=\"https:\/\/cybervillains.com\/explore\">cybervillains.com<\/a><\/li>\n  <li><a href=\"https:\/\/sts10.github.io\/\/2022\/11\/12\/mastodon-2fa-security-key.html\">How to use a security key as two-factor authentication on your Mastodon account<\/a><\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"infosec-community\">Infosec Community<\/h1>\n\n<p>I have used Twitter for years, as there was a relatively vibrant <a href=\"https:\/\/infosec.exchange\/tags\/infosec\">#infosec<\/a> community that shared research, articles, etc\u2026 With the <a href=\"#twitter-migration\">meltdown of Twitter<\/a>, it seems the infosec-Twitter diaspora has gone full-force and we (as a community) now primarily exist across a <a href=\"#infosec-instances\">variety of Mastodon instances<\/a>. The community that has developed, and the speed at which it has developed, has been truly astounding to behold. For my part, <a href=\"https:\/\/shellsharks.social\/@shellsharks\">I<\/a> joined <a href=\"#infosecexchange\">infosec.exchange<\/a>.<\/p>\n\n<p>If you\u2019re looking to find others in the infosec world on Mastodon\u2026<\/p>\n<ul>\n  <li>Gsheet with a <a href=\"https:\/\/docs.google.com\/spreadsheets\/d\/1t13k5_cNhP9_TgoUmqDZk2ROkWkF6Bg3O5269vKIqWw\/htmlview\">mapping of Twitter\u2013&gt;Mastodon<\/a> accounts<\/li>\n  <li><a href=\"https:\/\/tisiphone.net\/2022\/11\/10\/infosec-mastodon-lists\/\">Infosec Mastodon Lists!<\/a> from <a href=\"https:\/\/tisiphone.net\/\">tisiphone.net<\/a><\/li>\n  <li>Or join an open <a href=\"#infosec-instances\">infosec instance<\/a> and just start following people! <strong>Pro tip<\/strong>: you can (for open instances) view the local timeline for any instance, whether you are a member or not<\/li>\n<\/ul>\n\n<p>I\u2019ve written up a quite note - a \u201c<a href=\"https:\/\/shellsharks.com\/notes\/2023\/10\/20\/infosec-mastodon-starter-pack\">starter pack<\/a>\u201d - for those new to Mastodon. It includes some bonus info for <em>infosec<\/em> folks.<\/p>\n\n<h2 id=\"infosecexchange\">infosec.exchange<\/h2>\n\n<p><a href=\"infosec.exchange\">infosec.exchange<\/a> is described as \u201c<em>a Mastodon instance for info\/cyber security-minded people.<\/em>\u201d No better way to describe it! It was stood up and is admin\u2019ed by <a href=\"https:\/\/infosec.exchange\/@jerry\">Jerry Bell<\/a> (host of the <a href=\"https:\/\/defensivesecurity.org\">Defensive Security Podcast<\/a> and seemingly trustworthy infosec fella.) So far, the experience as a member of this server has been great. The community is <em>very<\/em> infosec-ey, friendly and growing quickly. Some other cool tidbits on infosec.exchange have been provided below\u2026<\/p>\n\n<ul>\n  <li>There is an <a href=\"https:\/\/wiki.infosec.exchange\">infosec.exchange wiki<\/a>!<\/li>\n  <li>Currently, infosec.exchange supports <strong>11k word<\/strong> posts. ELEVEN THOUSAND! Plenty of elbow room<\/li>\n  <li><a href=\"#hosting-a-mastodon-instance\">Running a Mastodon instance<\/a>, and doing it as well as Jerry has takes time, expertise, patience and money. To help out, consider contributing via <a href=\"https:\/\/liberapay.com\/Infosec.exchange\/\">liberapay<\/a><\/li>\n  <li>Anecdotally (and from multiple accounts I have seen from infosec.exchange members so far), engagement on posts\/polls\/replies has been outstanding - easily outpacing what others saw on Twitter, even with much more massive follower counts<\/li>\n  <li>infosec.exchange <em>very quickly<\/em> ramped from ~300 to over 20k (24k at the time of this post) in a matter of weeks. So donate and consider configuring post auto-delete (per <a href=\"https:\/\/infosec.exchange\/@spapjh\/109325460580938968\">@spapjh@infosec.exchange<\/a>)<\/li>\n  <li>For those interested in Jerry\u2019s stance on GDPR, check <a href=\"https:\/\/wiki.infosec.exchange\/about\/data_privacy_compliance\">this wiki article<\/a> (from <a href=\"https:\/\/infosec.exchange\/@jerry\/109340004683906647\">@jerry@infosec.exchange<\/a>)<\/li>\n<\/ul>\n\n<h2 id=\"infosec-instances\">Infosec Instances<\/h2>\n\n<p>A running list of <a href=\"#infosec-community\">infosec<\/a>-related\/adjacent Mastodon instances.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/infosec.exchange\/\">infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/ioc.exchange\/\">ioc.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/securitycafe.ca\/\">Securitycafe.ca<\/a><\/li>\n  <li><a href=\"https:\/\/cybersecurity.masto.host\/\">Cybersecurity.masto.host<\/a><\/li>\n  <li><a href=\"https:\/\/cybersecurity.theater\/\">cybersecurity.theater<\/a><\/li>\n  <li><a href=\"https:\/\/hackers.town\/\">hackers.town<\/a><\/li>\n  <li><a href=\"https:\/\/freeradical.zone\/\">freeradical.zone<\/a><\/li>\n  <li><a href=\"https:\/\/defcon.social\/explore\">defcon.social<\/a><\/li>\n  <li><a href=\"https:\/\/cyberplace.social\/\">cyberplace.social<\/a><\/li>\n  <li><a href=\"https:\/\/noc.social\">noc.social<\/a><\/li>\n  <li><a href=\"https:\/\/haunted.computer\/\">haunted.computer<\/a><\/li>\n  <li><a href=\"https:\/\/chaos.social\/\">chaos.social<\/a><\/li>\n  <li><a href=\"https:\/\/social.hackerspace.pl\/\">social.hackerpsace.pl<\/a><\/li>\n  <li><a href=\"https:\/\/swecyb.com\/\">swecyb.com<\/a><\/li>\n  <li><a href=\"https:\/\/hispagatos.space\/\">hispagatos.space<\/a><\/li>\n  <li><a href=\"https:\/\/infosec.town\">infosec.town<\/a> (<em>Iceshrimp<\/em>)<\/li>\n  <li><a href=\"https:\/\/infosec.place\/main\/public\">infosec.place<\/a> (<em>Akkoma<\/em>)<\/li>\n  <li><a href=\"https:\/\/infosec.space\/\">infosec.space<\/a><\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"hosting-a-mastodon-instance\">Hosting a Mastodon Instance<\/h1>\n\n<p>There are plenty of great, open <a href=\"https:\/\/instances.social\">instances to join<\/a> if you are interested in <a href=\"#mastodon\">Mastodon<\/a>. But if you\u2019re interested in hosting your own server, that too is possible! In fact, I plan on trying this out at some point. For anyone interested, and for reference myself when the time comes, here are some resources\/discussions I have collected\u2026<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/blog.infosec.exchange\/2022\/12\/22\/scaling-mastodon-part-1\/\">Scaling Mastodon - Part 1<\/a><\/li>\n  <li><a href=\"https:\/\/someone.elses.computer\/@laurence\/109335661569754444\">Thread on running personal instance<\/a> from <a href=\"https:\/\/someone.elses.computer\/@laurence\">@laurence@someone.elses.computer<\/a><\/li>\n  <li>Spinning up <a href=\"https:\/\/blog.joinmastodon.org\/2019\/04\/mastodon-now-available-on-digitalocean\/\">Mastodon on DigitalOcean<\/a> (from <a href=\"https:\/\/infosec.exchange\/@tinker\">@Tinker<\/a>)<\/li>\n  <li>Thoughts on <a href=\"https:\/\/masto.host\/re-mastodon-media-storage\/\">Mastodon media storage<\/a> from <a href=\"https:\/\/mastodon.social\/@mastohost\/109321864549298922\">@mastohost@mastodon.social<\/a><\/li>\n  <li><a href=\"https:\/\/www.reddit.com\/r\/Mastodon\/comments\/yr95oc\/cheapest_most_efficient_and_scalable_mastodon\/\">Thread on Mastodon hosting<\/a> (from Reddit).<\/li>\n  <li>Notes on <a href=\"https:\/\/sick.social\/@sickcodes\/109331897031470832\">nginx confs<\/a> per <a href=\"https:\/\/sick.social\/@sickcodes\/109331897031470832\">@sickcodes@sick.social<\/a><\/li>\n  <li>Some <a href=\"https:\/\/github.com\/Anthchirp\/mastodon-defederate\">tools for running small instances<\/a> courtesy of <a href=\"https:\/\/mast.uxp.de\/@markus\/109332905203462824\">@markus@uxp.de<\/a><\/li>\n  <li><a href=\"https:\/\/nora.codes\/post\/scaling-mastodon-in-the-face-of-an-exodus\/\">Scaling Mastodon in the Face of an Exodus<\/a><\/li>\n  <li><a href=\"https:\/\/rixx.de\/blog\/on-running-a-mastodon-instance\/\">On Running a Mastodon Instance<\/a> from <a href=\"https:\/\/chaos.social\/@rixx\/107486676987936272\">@rixx@chaos.social<\/a><\/li>\n  <li><a href=\"https:\/\/www.bentasker.co.uk\/posts\/blog\/general\/running-mastodon-in-docker-compose.html\">Running a Mastodon Instance using docker-compose<\/a> per <a href=\"https:\/\/mastodon.bentasker.co.uk\/@ben\/109349116860032153\">@ben@mastodon.bentasker.co.uk<\/a><\/li>\n  <li>Enabling the <a href=\"https:\/\/github.com\/mastodon\/mastodon\/pull\/19218\">translation service<\/a> per <a href=\"https:\/\/infosec.exchange\/@charlesdardaman\/109349109086315077\">@charlesdardaman@infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/www.youtube.com\/watch?v=2a9YrLsE45Y&amp;feature=youtu.be\">Build Your Own Mastodon Server on Debian<\/a> from <a href=\"https:\/\/fosstodon.org\/@donwatkins\/109354965867309656\">@donwatkins@fosstodon.org<\/a><\/li>\n  <li><a href=\"https:\/\/infosec.exchange\/@Adman\/109357323234464454\">Notes on setting up a Mastodon instance<\/a> from <a href=\"https:\/\/infosec.exchange\/@Adman\">@Adman@infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/github.com\/widdix\/mastodon-on-aws\">mastodon-on-aws<\/a> per <a href=\"https:\/\/mastodon.social\/@honyocker\/109360631128484873\">@honyocker@mastodon.social<\/a><\/li>\n  <li>Mitigate potential liability by registering with copyright office and designating an agent to receive <a href=\"https:\/\/www.copyright.gov\/dmca-directory\/\">DMCA reports<\/a> - per <a href=\"https:\/\/twitter.com\/rahaeli\/status\/1593819064161665024\">@rahaeli@infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/denise.dreamwidth.org\/91757.html\">A guide to potential liability pitfalls for people running a Mastodon instance<\/a><\/li>\n  <li><a href=\"https:\/\/medium.com\/@kris-nova\/hachyderm-infrastructure-74f518bc7472\">Hachyderm Infrastructure<\/a><\/li>\n  <li><a href=\"https:\/\/ae3.ch\/mastodon-docker-traefik\">Mastodon with Docker and Traefik<\/a><\/li>\n  <li><a href=\"https:\/\/blog.riemann.cc\/projects\/mastodon-privacy-policy-generator\/\">Mastodon Privacy Policy Generator<\/a> per <a href=\"https:\/\/chaos.social\/@rriemann\/109384055798565711\">@rriemann@chaos.social<\/a><\/li>\n  <li><a href=\"https:\/\/github.com\/flatcar\/flatcar-mastodon\">Single-node deployment of Mastodon on Linux w\/ Flatcar<\/a> per <a href=\"https:\/\/hachyderm.io\/@ahrkrak\/109404804707924178\">@ahrkrak@hachyderm.io<\/a><\/li>\n  <li><a href=\"https:\/\/www.markloveless.net\/blog\/2022\/12\/5\/mastodon-and-self-hosting\">Mastodon and Self-Hosting<\/a><\/li>\n  <li><a href=\"https:\/\/www.eigenmagic.com\/2022\/11\/29\/scaling-mastodon-with-systemd-template-units\/\">Scaling Mastodon with systemd Template Units<\/a><\/li>\n  <li><a href=\"https:\/\/philna.sh\/blog\/2022\/11\/23\/alias-your-mastodon-username-to-your-own-domain-with-jekyll\/\">Alias your Mastodon Username to your own Domain with Jekyll<\/a> per <a href=\"https:\/\/mastodon.social\/@philnash\/109393416507109263\">@philnash@mastodon.social<\/a><\/li>\n  <li><a href=\"https:\/\/page.romeov.me\/posts\/setting-up-mastodon-with-nixos\/\">Setting up your own Mastodon instance with Hetzner and NixOS<\/a> per <a href=\"https:\/\/social.romeov.me\/@romeo\/109300130246177513\">@romeo@social.romeov.me<\/a><\/li>\n  <li><a href=\"https:\/\/decoded.legal\/blog\/2022\/11\/notes-on-operating-fediverse-services-mastodon-pleroma-etc-from-an-english-law-point-of-view\">Notes on operating fediver services from an English law point of view<\/a><\/li>\n  <li><a href=\"https:\/\/www.eff.org\/deeplinks\/2022\/12\/user-generated-content-and-fediverse-legal-primer\">User Generated Content and the Fediverse: A Legal Primer<\/a><\/li>\n  <li><a href=\"https:\/\/dltj.org\/article\/mastodon-instance-reports\/\">Mastodon Instance Operators Report on the Impact of the #TwitterMigration<\/a><\/li>\n  <li><a href=\"https:\/\/blog.cloudflare.com\/welcome-to-wildebeest-the-fediverse-on-cloudflare\/\">Welcome to Wildebeest: the Fediverse on Cloudflare<\/a><\/li>\n  <li><a href=\"http:\/\/mastoreqs.com\/\">Mastoreqs.com<\/a> from <a href=\"https:\/\/vmst.io\/@vmstan\/110923949404950113\">@vmstan@vmst.io<\/a><\/li>\n  <li><a href=\"https:\/\/cyber.fsi.stanford.edu\/io\/news\/common-abuses-mastodon-primer\">Common Abuses on Mastodon: A Primer<\/a><\/li>\n  <li><a href=\"https:\/\/josh.is-cool.dev\/running-a-mastodon-instance-entirely-free-forever\/\">Running a Mastodon instance entirely free forever<\/a><\/li>\n  <li><a href=\"https:\/\/softwaremill.com\/the-architecture-of-mastodon\/\">The Architecture of Mastodon<\/a><\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"twitter-migration\">Twitter Migration<\/h1>\n\n<p>I\u2019m not particularly interested in analyzing or writing much about what\u2019s going on w\/ Twitter. What I will say is that I\u2019ve pretty much left (my account <a href=\"https:\/\/twitter.com\/shellsharks\">still exists<\/a> but I am no longer looking at my feed and haven\u2019t signed in since I joined <a href=\"#mastodon\">Mastodon<\/a>), and generally speaking, the <a href=\"#infosec-community\">infosec community<\/a> seems to have almost fully disowned the platform. From what I have read and seen, it does seem to have turned into a <strong><a href=\"https:\/\/twitterisgoinggreat.com\">dumpster fire<\/a><\/strong>. I know not what the future holds for Twitter, but for many reasons <a href=\"#my-take-on-mastodon-so-far\">I am happy with where I have landed<\/a> and look forward to making Mastodon my long-term home, regardless of Twitter\u2019s ultimate fate. That said, if you are interested in moving yourself or reading more about the <a href=\"https:\/\/infosec.exchange\/tags\/twittermigration\">#twittermigration<\/a>, check out the resources below.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.hughrundle.net\/home-invasion\/\">Home Invasion<\/a>, thoughts on the mass-move to Mastodon.<\/li>\n  <li>Twitter migration <a href=\"https:\/\/mstdn.social\/@stevepdp\/109324712532921940\">resources<\/a> from <a href=\"https:\/\/mstdn.social\/@stevepdp\">@stevepdp@mstdn.social<\/a><\/li>\n  <li><a href=\"https:\/\/michae.lv\/deleting-dms-from-twitter\/\">Deleting DMs from Twitter using the GDPR<\/a> per <a href=\"https:\/\/someone.elses.computer\/@mikarv\/109326253999130984\">@mikarv@someone.elses.computer<\/a><\/li>\n  <li><a href=\"https:\/\/uxdesign.cc\/mastodon-is-antiviral-design-42f090ab8d51\">Twitter alternative: how Mastodon is designed to be \u201cantiviral\u201d<\/a> per <a href=\"https:\/\/saturation.social\/@clive\/109321191553242136\">@clive@saturation.social<\/a><\/li>\n  <li>Search for Mastodon accounts of the people you followed on Twitter via <a href=\"https:\/\/pruvisto.org\/debirdify\/\">Debirdify<\/a><\/li>\n  <li>Extract fediverse handles of your Twitter followings via <a href=\"https:\/\/fedifinder.glitch.me\">Fedifinder<\/a><\/li>\n  <li>Bulk-delete your tweets using <a href=\"https:\/\/tweetdelete.net\">tweetdelete<\/a> per <a href=\"https:\/\/infosec.exchange\/@gossithedog\/109349388730356691\">@gossithedog@infosec.exchange<\/a><\/li>\n  <li>Recover your Twitter threads using <a href=\"https:\/\/gist.github.com\/LeeHolmes\/4ebeed5df73ac04678d7c954f74701e6\">Get-TwitterThread<\/a> per <a href=\"https:\/\/infosec.exchange\/@Lee_Holmes\/109349124264564741\">@Lee_Holmes@infosec.exchange<\/a><\/li>\n  <li><a href=\"https:\/\/grahamcluley.com\/its-time-delete-your-twitter-dms\/\">It\u2019s time. Delete your Twitter DMs<\/a> (Graham Cluley)<\/li>\n  <li><a href=\"https:\/\/semiphemeral.com\">semiphemeral<\/a> - Automatically delete your old tweets, except for the ones you want to keep.<\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"expanded-fediverse\">Expanded Fediverse<\/h1>\n\n<p><a href=\"https:\/\/mastodon.social\/@sass\">I joined Mastodon in 2018<\/a>, but never really made much of it at the time. I rejoined in earnest in November (2022) so I am obviously not a <a href=\"#mastodon\">Mastodon<\/a> pro nor particularly experienced\/knowledgeable about the wider \u201cFediverse\u201d. So I won\u2019t pretend to be. Instead, here is some stuff that you may be interested in, and that I will continue to dig into as I have time\u2026<\/p>\n\n<ul>\n  <li>Hints and tips about Mastodon and the Fediverse via <a href=\"https:\/\/mstdn.social\/@feditips\">Fedi.Tips<\/a><\/li>\n  <li><a href=\"https:\/\/joinbookwyrm.com\/\">BookWyrm<\/a> is the Fediverse altnernative to GoodReads<\/li>\n  <li>Some analysis on the <a href=\"https:\/\/news.ycombinator.com\/item?id=33545541\">existential threat<\/a> to the Fediverse\/Mastodon<\/li>\n  <li><a href=\"https:\/\/ariadne.space\/2022\/11\/12\/twitters-demise-is-activitypubs-future\/\">Twitter\u2019s demise is ActivityPub\u2019s future<\/a> per <a href=\"https:\/\/social.treehouse.systems\/@ariadne\/109331275534427283\">@ariadne@treehouse.systems<\/a><\/li>\n  <li><a href=\"https:\/\/cfenollosa.com\/blog\/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html\">After self-hosting my email for twenty-three years I have thrown in the towel. The oligopoly has won.<\/a><\/li>\n  <li><a href=\"https:\/\/tailscale.com\/blog\/2022-11-16-fediverse\/\">Tailscale on the Fediverse<\/a><\/li>\n  <li><a href=\"https:\/\/ar.al\/2022\/11\/09\/is-the-fediverse-about-to-get-fryed-or-why-every-toot-is-also-a-potential-denial-of-service-attack\/\">Is the fediverse about to get Fryed?\u2026<\/a> via <a href=\"https:\/\/mastodon.cloud\/@timbray\/109355955409064964\">@timbray@mastodon.cloud<\/a><\/li>\n  <li><a href=\"https:\/\/www.wired.com\/story\/the-man-behind-mastodon-eugen-rochko-built-it-for-this-moment\/\">The Man Behind Mastodon Built It for This Moment<\/a><\/li>\n  <li><a href=\"https:\/\/solidproject.org\">Solid Project<\/a> from <a href=\"https:\/\/noc.social\/@Dcuthbert\/109349466213486869\">@Dcuthbert@noc.social<\/a><\/li>\n  <li><a href=\"https:\/\/www.comeetie.fr\/galerie\/mapstodon\/\">Mapstodon<\/a> via <a href=\"https:\/\/infosec.exchange\/@crankylinuxuser\/109354229747733753\">@crankylinuxuser@infosec.exchange<\/a><\/li>\n  <li>Find verified journalists on Mastodon <a href=\"https:\/\/www.presscheck.org\">PressCheck.org<\/a><\/li>\n  <li><a href=\"https:\/\/www.eff.org\/deeplinks\/2022\/11\/fediverse-could-be-awesome-if-we-dont-screw-it\">The Fediverse Could be Awesome (if we don\u2019t screw it up)<\/a><\/li>\n  <li><a href=\"https:\/\/github.com\/nathanlesage\/academics-on-mastodon\">Academics on Mastodon<\/a><\/li>\n  <li><a href=\"https:\/\/minkiver.se\/~\/WebminkInDraft\/Fediverse\/\">The Fediverse As Composable Distributed Applications<\/a> per <a href=\"https:\/\/meshed.cloud\/@webmink\/109359937839481959\">@webmink@meshed.cloud<\/a><\/li>\n  <li><a href=\"https:\/\/docs.google.com\/spreadsheets\/d\/13No4yxY-oFrN8PigC2jBWXreFCHWwVRTftwP6HcREtA\/htmlview?resourcekey=undefined&amp;pru=AAABhH2W2zA*V1PG7hJSTbifNCcDu40zLA#gid=1320898902\">Journalists on Mastodon<\/a> per <a href=\"https:\/\/mstdn.social\/@terihannigan\/109390048645653181\">@terihannigan@mstdn.social<\/a><\/li>\n  <li><a href=\"https:\/\/mastodon.social\/@ChrisPirillo\/109378559690955379\">The many branches of the Fediverse<\/a><\/li>\n  <li><a href=\"https:\/\/x61.sh\/log\/2022\/10\/20221015T145211-honk.html\">honk<\/a><\/li>\n  <li><a href=\"https:\/\/hyperborea.org\/tech-tips\/fediverse-feeds\/\">Finding Fediverse Feeds<\/a> per <a href=\"https:\/\/wandering.shop\/@KelsonV\/109696121243401067\">@KelsonV@wandering.shop<\/a><\/li>\n  <li><a href=\"https:\/\/thefedi.wiki\">The Fediverse Wiki<\/a><\/li>\n  <li><a href=\"https:\/\/catodon.social\/@catodon\/pages\/introducing-catodon\">Catodon<\/a><\/li>\n  <li><a href=\"https:\/\/www.fediscanner.info\">FediScanner<\/a> - Check Hashtag in the Fediverse<\/li>\n  <li><a href=\"https:\/\/fediverse.fans\">Fediverse Fans<\/a> - Organize lists of users on Mastodon-compatible platforms by their interests<\/li>\n<\/ul>\n\n<h1 id=\"more\">More<\/h1>\n\n<ul>\n  <li><a href=\"https:\/\/mastodeck.com\">MastoDeck<\/a><\/li>\n  <li><a href=\"https:\/\/www.tootfinder.ch\">Tootfinder<\/a> - Proof of concept of an opt-in global Mastodon full text search.<\/li>\n  <li><a href=\"https:\/\/fediverse.info\/explore\/people\">Fediverse People Directory<\/a><\/li>\n  <li><a href=\"https:\/\/joinmastodon.org\/covenant\">Mastodon Server Convenant<\/a><\/li>\n  <li><a href=\"https:\/\/thedoodleprojectcom.network.thedoodleproject.net\/@derek\/posts\/204943312861091936\/\">the doodle project<\/a> - small hosted fediverse instances<\/li>\n  <li><a href=\"https:\/\/www.topmastodonposts.com\">Top Mastodon Posts<\/a><\/li>\n  <li><a href=\"https:\/\/mastometrics.com\">MastoMetrics<\/a><\/li>\n  <li><a href=\"https:\/\/www.analytodon.com\/\">Analytodon<\/a><\/li>\n  <li><a href=\"https:\/\/metricdon.com\/\">Metricdon<\/a><\/li>\n  <li><a href=\"https:\/\/communitywiki.org\/trunk\">Trunk<\/a><\/li>\n  <li><a href=\"https:\/\/infosec.exchange\/@catsalad\/111060637626965395\">Torified Fedi Links<\/a> - List of Fediverse instances that provide access through .Onion servers. (<em>per <a href=\"https:\/\/infosec.exchange\/@catsalad\">@catsalad<\/a><\/em>)<\/li>\n  <li><a href=\"https:\/\/fedionfire.stream\">Fedi on Fire \ud83d\udd25<\/a><\/li>\n  <li><a href=\"https:\/\/fedigov.eu\">Fedigov.eu<\/a><\/li>\n  <li><a href=\"https:\/\/agorasocial.app\">Agora<\/a><\/li>\n  <li><a href=\"https:\/\/news.feedseer.com\/welcome\">FeedSeer<\/a><\/li>\n  <li><a href=\"https:\/\/hashtag.place\">HashTag Place<\/a><\/li>\n  <li><a href=\"https:\/\/flathub.org\/apps\/dev.geopjr.Tuba\">Tuba<\/a><\/li>\n  <li><a href=\"https:\/\/disabled.social\/@kaveinthran\/111867085944367247\">Collections of Mastodon resources<\/a><\/li>\n  <li><a href=\"https:\/\/mastofeed.org\">MastoFeed<\/a><\/li>\n  <li><a href=\"https:\/\/justmytoots.com\/@username@instance\">JustMyToots<\/a> (<em>Change @username &amp; @instance as appropriate<\/em>)<\/li>\n  <li><a href=\"https:\/\/fediverse.info\">Fediverse.info<\/a><\/li>\n  <li><a href=\"https:\/\/fediview.com\">fediview<\/a><\/li>\n  <li><a href=\"https:\/\/sepiasearch.org\">Sepia Search<\/a> - PeerTube search engine<\/li>\n  <li><a href=\"https:\/\/fedicw.info\">Fedi CW<\/a><\/li>\n  <li><a href=\"https:\/\/mastovue.glitch.me\/#\/\">MastoVue<\/a> - Peek into any public Mastodon Timeline or search for Hashtags<\/li>\n  <li><a href=\"https:\/\/www.mastodonlistmanager.org\/main\">Mastodon List Manager<\/a><\/li>\n  <li><a href=\"https:\/\/data.natty.sh\/fedi-circles\/\">Fedi Circles<\/a><\/li>\n  <li><a href=\"https:\/\/podcastap.com\">PodcastAP<\/a><\/li>\n  <li><a href=\"https:\/\/qa.mastoadmin.social\">MastoAnswers<\/a><\/li>\n  <li><a href=\"https:\/\/markwrites.io\/guide-for-using-mastodon-search\">Guide for using Mastodon search<\/a><\/li>\n  <li><a href=\"https:\/\/the-counterforce.org\/guide-to-mastodon-fediverse\/\">THE COUNTERFORCE GUIDE TO MASTODON AND THE FEDIVERSE (FOR PUNKS!)<\/a><\/li>\n<\/ul>\n","pubDate":"Thu, 17 Nov 2022 09:39:00 -0500","link":"https:\/\/shellsharks.com\/mastodon","guid":"https:\/\/shellsharks.com\/mastodon","category":["infosec","life","technology","mastodon","fediverse","infosec","life","technology","blog","list"]},{"title":"Gladiator","description":"<p>\u201cIf you find yourself alone, riding in green fields with the sun on your face, do not be troubled. For you are on Mastodon, and not on Twitter!\u201d - <em>Mastodonius Decimus Meridius<\/em><\/p>\n\n<p>#Gladiator is the best movie of all time. I can\u2019t be convinced otherwise.<\/p>\n","pubDate":"Thu, 17 Nov 2022 08:11:00 -0500","link":"https:\/\/shellsharks.com\/notes\/2022\/11\/17\/gladiator","guid":"https:\/\/shellsharks.com\/notes\/2022\/11\/17\/gladiator","category":["life","movies"]},{"title":"Sky Meadows","description":"<blockquote>\n  <p><em>Meadow meets the sky,<\/em> <br \/>\n<em>Who am I?<\/em> <br \/>\n<em>Long lost, awanderin\u2019 afloat.<\/em> <br \/>\n<em>Again on the mountain, I wrote.<\/em> <br \/>\n<br \/>\n<em>Ridgeline canopied,<\/em> <br \/>\n<em>Scorched meado\u2019.<\/em> <br \/>\n<em>Leafy streams, that endless babble.<\/em> <br \/>\n<em>Not a poet\u2026 though I dabble.<\/em><\/p>\n<\/blockquote>\n","pubDate":"Sun, 31 Jul 2022 01:30:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2022\/07\/31\/sky-meadows","guid":"https:\/\/shellsharks.com\/notes\/2022\/07\/31\/sky-meadows","category":["life","poetry","travel"]},{"title":"The Science of Inbox Zero","description":"<p>Welcome to <strong>Part Two<\/strong> of my <a href=\"https:\/\/shellsharks.com\/tags?tag=inboxzero\">Inbox Zero series<\/a>! In <strong><a href=\"https:\/\/shellsharks.com\/inbox-zero#title\">Part One<\/a><\/strong>, I introduced the concept of <a href=\"https:\/\/www.youtube.com\/watch?v=z9UjeTMb3Yk\">Inbox Zero<\/a> (specifically, <em>my flavor of it<\/em>) and enumerated the <a href=\"https:\/\/shellsharks.com\/inbox-zero#lets-zero-it-out\">steps<\/a> I take to zero-out my inbox day-to-day. In this follow-up, I will cover some of the specific, <a href=\"#practical-mechanics\">practical mechanics<\/a> of how I execute my Inbox Zero playbook. I also provide the scientific basis in which this methodology has a very real, positive <a href=\"#psychology\">psychological<\/a> effect, improving efficiency, productivity and happiness.<\/p>\n\n<h6 id=\"jump-to-section\">Jump to Section<\/h6>\n<ul>\n  <li><a href=\"#practical-mechanics\">Practical Mechanics<\/a><\/li>\n  <li><a href=\"#email-processing-flow\">Email Process(ing) Flow<\/a><\/li>\n  <li><a href=\"#psychology\">Psychology<\/a><\/li>\n  <li><a href=\"#references\">References<\/a><\/li>\n<\/ul>\n\n<p>*<em>A shoutout to my wife, for which I owe my inspiration for doing this research and writing this post. I\u2019ll convert you one way or another!<\/em><\/p>\n\n<center>\n<img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/inboxzero.png\" alt=\"Inbox Zero\" \/>\n<\/center>\n\n<hr \/>\n\n<h1 id=\"practical-mechanics\">Practical Mechanics<\/h1>\n<p>In my <a href=\"https:\/\/shellsharks.com\/inbox-zero#title\">previous post<\/a> on Inbox Zero, I introduce a number of concepts and steps for <em>zeroing out<\/em> an inbox, but notably absent are some of the specifics on <em>how<\/em> I actually do it. In this section, I cover the tooling, procedures and other variables I use to churn through my email.<\/p>\n\n<p>In the sections below, I cover a variety of techniques, specifics and examples for steps <strong>3<\/strong> (<em>Take Action<\/em>), <strong>4<\/strong> (<em>Save For Later<\/em>) and <strong>5<\/strong>\/<strong>6<\/strong> (<em>Archive<\/em>\/<em>Delete<\/em>) of my previously detailed <a href=\"https:\/\/shellsharks.com\/inbox-zero#lets-zero-it-out\">zeroing-out methodology<\/a>. Steps <strong>1<\/strong> (<em>Unsubscribe<\/em>) and <strong>2<\/strong> (<em>Consume<\/em>) are pretty simple so I really don\u2019t have anything else of substance to add.<\/p>\n\n<h5 id=\"taking-action\">Taking Action<\/h5>\n<p>To succeed with Inbox Zero, it is crucial to attack emails with a very action-oriented mindset. Email can not be allowed to live rent-free in your inbox or in your head. If we\u2019re not unsubscribing, easily-consuming, archiving or deleting email right away it\u2019s important to ask ourselves, \u201c<em>what needs to be done to<\/em> <strong>complete<\/strong> <em>this email<\/em>\u201d. Some techniques I employ are described below\u2026<\/p>\n\n<ul>\n  <li>\n    <p><strong>Augment your inbox with a to-do system<\/strong>: Riding side-saddle to my inbox, I rely on my trusty <a href=\"https:\/\/todoist.com\/\">to-do app<\/a> to help me remember and prioritize items. Email apps are <strong>very ineffective<\/strong> to-do apps <strong><sup><a href=\"#references\">1<\/a><\/sup><\/strong> and thus shouldn\u2019t be used as one, but your inbox <em>does generate<\/em> a lot of to-do\u2019s! Naturally then, it makes sense to <em>create<\/em> a \u201cto-do\u201d for respective items in your inbox. By doing this, you can move an email out of your main inbox and into an appropriate folder, whether that be the \u201cFor Later\u201d folder <strong><sup><a href=\"https:\/\/shellsharks.com\/inbox-zero#lets-zero-it-out\">2<\/a><\/sup><\/strong> or somewhere else. With a stub for that email now in your to-do app, you can safely have it out of your inbox and take care of it based on your own to-do methodology (more on this later <strong><sup><a href=\"#references\">11<\/a><\/sup><\/strong>).<\/p>\n\n    <p>As an example, let\u2019s say you get an email from your dentist, reminding you to schedule your six-month cleaning. Rather than leaving it in the inbox, I would create an item in my to-do app with a subject such as \u201cschedule 6-month dentist appointment\u201d, then I\u2019d <em>delete<\/em> the email! If there is information in the email I need to help schedule the appointment, I could <em>instead<\/em> move the email to the \u201cFor Later\u201d folder rather than deleting it. Once I\u2019ve completed the task, I could then go back into that folder and delete it for good.<\/p>\n\n    <p>I personally take this approach to a particular extreme. For emails that require a substantive task to be completed (i.e. not just consuming information), I will <em>often<\/em> create a to-do, even if I can complete it right away! The very act of creating the to-do and then marking it as complete has a <a href=\"#psychology\">psychologically-positive<\/a> effect. Checking things off, no matter how small, can help build productive momentum <strong><sup><a href=\"#references\">12<\/a><\/sup><\/strong>. Just be sure to not overdo it here as creating endless tiny to-dos would certainly introduce counter-productive overhead when done at scale.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Stars and flags<\/strong>: Email systems usually have the concept of <em><a href=\"https:\/\/support.google.com\/mail\/answer\/5904\">starring<\/a><\/em> or <em><a href=\"https:\/\/support.apple.com\/guide\/mail\/flag-emails-mlhlp1052\/mac\">flagging<\/a><\/em> an email as a way to denote its relative importance. If you follow the guidance from the previous bullet (creating to-do\u2019s associated with emails and tackling them that way) then you <em>technically<\/em> don\u2019t <em>really<\/em> need to utilize stars\/flags as you would be taking things <em>out<\/em> of email and prioritizing them in your to-do system instead. With that said, I still star things in my email app as it does add that extra bit of emphasis and urgency for certain emails that I know I need to get to.<\/p>\n  <\/li>\n  <li>\n    <p><strong>The power of delegation<\/strong>: Delegation is an under-utilized action in the world of people\u2019s personal email (and to-do methodologies in general). There is plenty of email I receive that in order to fully \u201ctake action\u201d on it, there is a dependency on someone else.<\/p>\n\n    <p>As an example, I may get an email about picking something up from the store but need to coordinate with my wife on when to go. In this case, the dependency is getting a response from my wife about it. Here I could forward the email to my wife (or text her), suggesting a time for me to go pick it up. Now I can move this email to \u201cFor Later\u201d as it doesn\u2019t require any additional action from me. Further, I can create a task in my to-do with a subject such as \u201cpick up the thing from the store\u201d. Here I took decisive action on the email, I progressed the task and most importantly, I got one email closer to Inbox Zero!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Inbox checking frequency<\/strong>: This is entirely up to you and really just depends on your own philosophy around \u201cdisconnecting\u201d. With that said, depending on the volume of email you receive, I recommend checking it <em>somewhat<\/em> frequently in order to be able to process it in smaller chunks. (<a href=\"#psychology\">More on this later<\/a>.)<\/p>\n  <\/li>\n<\/ul>\n\n<h5 id=\"saving-for-later\">Saving for Later<\/h5>\n<p><em>OK<\/em>, so as we have seen in the <a href=\"#taking-action\">previous section<\/a>, a lot of what \u201ctaking action\u201d means in reality is in fact <strong>not<\/strong> taking <em>immediate<\/em> action but rather storing the respective item for action at a later date. There are a few techniques <em>I use<\/em> for this. You can use one or more of these simultaneously to help stay on top of what you need to do while also keeping that inbox shiny and clean.<\/p>\n\n<ul>\n  <li>\n    <p><strong>The enigmatic \u201cFor Later\u201d folder<\/strong>: I put a fair amount of things in my <em>notorious<\/em> \u201cFor Later\u201d folder <strong><sup><a href=\"https:\/\/shellsharks.com\/inbox-zero#lets-zero-it-out\">2<\/a><\/sup><\/strong> - and for a <em>variety<\/em> of reasons. One could argue, \u201c<em>why is having a bunch of stuff in a separate For Later folder better than just keeping it in your inbox?\u201d<\/em> I\u2019ll cover the <a href=\"#psychology\">psychological benefits<\/a> of this concept later, but let me start with explaining the more mechanical benefits.<\/p>\n\n    <p>It\u2019s undeniable that there is <em>some amount<\/em> of time required to mentally process\/initially-triage emails within your inbox. As you work through your inbox - deleting, archiving, consuming, <em>whatever<\/em> - you spend some time on each. By leaving an email in your inbox (rather than taking an action that would remove it from your inbox), you open yourself up to having to mentally re-assess that item as it now lies adjacent to a new (or otherwise un-processed) email that <em>actually<\/em> requires fresh review. Rather than forcing yourself to reassess these emails each and every time you check your inbox, simply move them to the \u201cFor Later\u201d folder and then review <em>that<\/em> folder at a less-frequent cadence (more on this interval below!)<\/p>\n\n    <ul>\n      <li>\n        <p><strong>\u201cFor Later\u201d folder checking frequency<\/strong>:  <em>OK<\/em>, so let\u2019s say we are moving things into the \u201cFor Later\u201d folder - how often should we then consult this folder? Ultimately, I believe this would vary from person to person and it in some ways depends on the frequency in which someone generally checks their inbox. I check my inbox multiple times daily, but I only check \u201cFor Later\u201d every couple of days <em>at most<\/em>. Here you can immediately see the time savings as I am not needing to review these each and every time I check my inbox! The idea here is to check it at a <em>much less<\/em> frequent interval. If you find yourself checking it often and generally taking no actions, you can probably check it <em>less<\/em> frequently! With all this said, there\u2019s an even better way to deal with most \u201cFor Later\u201d items. (<em>Check out the next bullet<\/em>!)<\/p>\n      <\/li>\n      <li>\n        <p><strong>For Later triggers<\/strong>: Once we start sticking lots of things in \u201cFor Later\u201d rather than keeping them in the inbox, we could really benefit from a system that helps us remember to review those items while also not necessitating needless checking of each email in that folder when no action is yet needed. So how do we achieve this? Well, in a few ways!<\/p>\n\n        <ul>\n          <li>We previously covered creating corresponding to-do tasks for emails in the <a href=\"#taking-action\">taking action<\/a> section. If you are leveraging this technique, you can close out \u201cFor Later\u201d email items at the same time you close out to-do items based on your chosen to-do methodology. <em>Sweet!<\/em><\/li>\n          <li>As another example, let\u2019s say you have a \u201cFor Later\u201d email for a delivery you are expecting that you want to make sure you receive. In this case, I have a <a href=\"https:\/\/deliveries.app\/en.html\">delivery tracking app<\/a> that monitors the progress of my delivery. Once I receive it, I can archive\/delete that email in my \u201cFor Later\u201d box.<\/li>\n          <li><em>Essentially<\/em>, the idea behind the <em>majority<\/em> of \u201cFor Later\u201d items is that there should be an external trigger that fires, reminding you to consult the \u201cFor Later\u201d box and \u201cclose out\u201d or make progress towards closure, of the email item.\n<br \/><br \/><\/li>\n        <\/ul>\n      <\/li>\n      <li>\n        <p><strong>When to take substantive action<\/strong>: How do I decide whether to take substantive action vs setting it aside <em>for later<\/em>? I don\u2019t think there is a real amount-of-time threshold for how I decide when to deal with things (the \u201cTwo Minute Rule\u201d <strong><sup><a href=\"#references\">10<\/a><\/sup><\/strong> we will <a href=\"#psychology\">discuss later<\/a> pegs the threshold at, you guessed it! - <em>2 minutes<\/em>). For me, this is more of a, <em>what do I feel like doing right now<\/em> or <em>what do I have time to do right now<\/em> question. <strong><sup><a href=\"#references\">11<\/a><\/sup><\/strong><\/p>\n      <\/li>\n      <li>\n        <p><strong>Don\u2019t leave things in your inbox you will never get to<\/strong>! This is a simple axiom. Just get rid of it! (or archive somewhere)<\/p>\n      <\/li>\n      <li>\n        <p><strong>What actually ends up in the \u201cFor Later\u201d folder?<\/strong>: This will vary person to person, but for me it\u2019s things like tracking number emails, online order confirmations, future travel artifacts\/events (e.g. flight\/excursion confirmations), assorted to-do\u2019s (that of course have corresponding records in my to-do app), and really any other item that I <em>know<\/em> I want to get to eventually but don\u2019t really care when.\n<br \/><\/p>\n      <\/li>\n    <\/ul>\n  <\/li>\n  <li>\n    <p><strong>When do I leave things in the inbox?<\/strong>: In some cases, I leave things in my inbox rather than moving to the \u201cFor Later\u201d folder after triaging. <em>What<\/em>?? Isn\u2019t that contrary to what I suggested earlier? <em>Kinda<\/em>, but let me explain\u2026 I detailed earlier how items that make their way into the \u201cFor Later\u201d folder are typically tied to a to-do or some other external trigger. Well if there is an item that <em>doesn\u2019t<\/em> have a trigger, or a to-do, and needs to be addressed in relatively short-order, I will sometimes decide to just leave it in my inbox. Alternatively, for items that I want to constantly remind myself of, I leave it in the inbox as my eyes will continually be drawn to it each and every time I check my email.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Snoozing<\/strong>: One feature that a lot of email providers have adopted is \u201c<strong><a href=\"https:\/\/support.google.com\/mail\/answer\/7622010\">Snooze<\/a><\/strong>\u201d. This is a very easy way to move an item <em>for later<\/em> based on a chosen time-delay. I use this in cases where I know I need to check in on something at a particular date and don\u2019t want to create a to-do for it instead.<\/p>\n  <\/li>\n<\/ul>\n\n<h5 id=\"archival-vs-deletion\">Archival vs Deletion<\/h5>\n<p>I wanted to provide a quick (list driven, <em>of course<\/em>) process flow related to steps <strong>5<\/strong>\/<strong>6<\/strong> from my <a href=\"https:\/\/shellsharks.com\/inbox-zero#lets-zero-it-out\">high-level zero-out playbook<\/a>.<\/p>\n\n<p>Once you\u2019ve taken all non-storage\/deletion-related actions on an email, follow the following steps for processing.<\/p>\n\n<ol>\n  <li><strong>Do you need this email<\/strong>? <em>No?<\/em> Delete. <em>Yes?<\/em> Go to Step 2.<\/li>\n  <li><strong>Do I have an existing folder\/label that I can archive this email into<\/strong>? <em>Yes<\/em>? Put email in that folder. <em>No<\/em>? Go to Step 3.<\/li>\n  <li><strong>Does it make sense to create a new folder for emails of this type<\/strong>? <em>Yes<\/em>? Create folder, archive email into the new folder. <em>No<\/em>? <em>Generically<\/em> <a href=\"https:\/\/support.google.com\/mail\/answer\/6576\">archive<\/a> it rather than deleting it.<\/li>\n<\/ol>\n\n<p>The idea behind the final flow of Step 3 is that we can archive things \u201cgenerically\u201d so that we can search for and find things later. By doing so, we do not introduce unnecessary clutter into another folder\/label nor will we necessitate the creation of a new folder\/label that will never have much in it. <em>Nice<\/em>!<\/p>\n\n<h2 id=\"email-processing-flow\">Email Process(ing) Flow<\/h2>\n<p>To help illustrate the overall process flow of how I <em>process<\/em> my email, I\u2019ve developed the following diagram.<\/p>\n\n<center>\n<img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/EmailProcessFlow.png\" alt=\"Email Processing Flow\" \/>\n<\/center>\n\n<hr \/>\n\n<h1 id=\"psychology\">Psychology<\/h1>\n\n<p><em>Alright<\/em>, assuming you read the <a href=\"#practical-mechanics\">previous section<\/a>, you now know <em>WAY<\/em> more about my e-mail processing workflow than any normal human should. Let\u2019s now get into <strong>why<\/strong> managing your email in this way is good for you straight-up <em>emotionally<\/em>. This section will introduce a variety of semi-isolated topics, associating well and independently researched scientific studies with the relevant qualities of \u201cInbox Zero\u201d. <em>Buckle up<\/em>!<\/p>\n\n<blockquote>\n  <p><em>If a cluttered <strike>desk<\/strike> inbox is a sign of cluttered mind, of what, then, is an organized <strike>desk<\/strike> inbox a sign?<\/em> <strong><sup><a href=\"#references\">3<\/a><\/sup><\/strong><\/p>\n<\/blockquote>\n\n<ul>\n  <li>\n    <p>You may be familiar with <a href=\"https:\/\/en.wikipedia.org\/wiki\/Marie_Kondo\">Marie Kondo<\/a>\u2019s <a href=\"https:\/\/konmari.com\/about-the-konmari-method\/\">KonMari<\/a> method for organization, the main principle being you keep only those things that \u201cspark joy\u201d. I don\u2019t recommend following this <em>exactly<\/em> in the context of your email (as there is plenty of email I <em>need<\/em> that doesn\u2019t quite <em>spark joy<\/em>) but I think the underlying thought here makes sense. Keep only what you need (or of course, <em>enjoy<\/em>). For everything else, <strong>delete<\/strong> or <strong>unsubscribe<\/strong>! In this way, you can transform and then live your (digital) life the way you want.<\/p>\n  <\/li>\n  <li>\n    <p>The second tenant of the <em>KonMari<\/em> method is to ensure everything has a place to go. In the context of your email, this means for things you <em>do<\/em> want to keep, make sure they are filed away in an appropriate place. Essentially, this is digital house-keeping. Collectively, this methodology promotes mindfulness, introspection and an eye towards the future. <strong><sup><a href=\"#references\">4<\/a><\/sup><\/strong><\/p>\n  <\/li>\n  <li>\n    <p>A <em>2011 Princeton study<\/em> titled \u201c<a href=\"https:\/\/www.ncbi.nlm.nih.gov\/pmc\/articles\/PMC3072218\/\">Interactions of Top-Down and Bottom-Up Mechanisms in Human Visual Cortex<\/a>\u201d <strong><sup><a href=\"#references\">5<\/a><\/sup><\/strong>  (<em>inhales<\/em>) explains how clutter impairs focus, thus making it more difficult to complete tasks efficiently. I won\u2019t regurgitate the rather complex science introduced by the research, but what I <em>can<\/em> say is that when applied to how one might review\/process their email, it would follow that by actively reducing the amount of items in your inbox, you can maintain an environment (one with less overall emails) that is scientifically better suited for efficiency\/productivity. In other words, even if you can\u2019t achieve truly <strong>0<\/strong> emails (effectively, <em>Inbox Zero<\/em>), the sheer fact that you have very few emails in your inbox promotes a more effective working environment.<\/p>\n  <\/li>\n  <li>\n    <p>A <em>Dutch study from 2017<\/em> titled \u201c<a href=\"https:\/\/www.researchgate.net\/publication\/327022122_Impact_of_cleanliness_on_the_productivity_of_employees\">Impact of cleanliness on the productivity of employees<\/a>\u201d <strong><sup><a href=\"#references\">6<\/a><\/sup><\/strong> investigates the correlation between cleanliness and productivity. Unsurprisingly, it was found that cleanliness significantly increased perceived productivity and general work satisfaction. This follows with the previously mentioned research <strong><sup><a href=\"#references\">5<\/a><\/sup><\/strong> - having a clean or otherwise organized <em>environment<\/em> (whatever that may be) fosters productivity and efficiency! Traditional wisdom suggests that having an organized workstation helps promote productivity. Given our reliance on email as a primary means in which we collaborate and work, it makes sense for us to keep our inbox and other respective email folders clean and tidy.<\/p>\n  <\/li>\n  <li>To wrap up the theme of <strong>organization &amp; cleanliness<\/strong> and how it applies to email, consider some of the following statistics on <a href=\"https:\/\/www.simplyproductive.com\/2012\/03\/time-management-statistics\/\">Organizing &amp; Time Management<\/a> gathered by the author of the blog <a href=\"https:\/\/www.simplyproductive.com\/\">Simply Productive<\/a>. These stats lay bare the cost of clutter and disorganization.\n    <ul>\n      <li>One stat describes the amount of time (~150 hours\/year) wasted searching for lost information. The National Association of Professional Organizers (<a href=\"https:\/\/www.napo.net\">NAPO<\/a>) even claims that on average, we spend one year of our lives looking for lost items. With a properly pruned and sorted email system, you can significantly reduce the time it takes to find things in your email!<\/li>\n      <li>Email is increasing in print volume by <strong>40%<\/strong>! This is why ruthlessly <em>unsubscribing<\/em> is one of the more powerful tools at your disposal.<\/li>\n      <li>Using proper organization tools can improve time management by almost 40%. <em>Inbox Zero<\/em>, to-do lists, and all the other <a href=\"#practical-mechanics\">tactics<\/a> described in <a href=\"https:\/\/shellsharks.com\/tags?tag=inboxzero\">this series<\/a> can be certainly be considered as some of these tools.\n<br \/><br \/><\/li>\n    <\/ul>\n  <\/li>\n  <li>\n    <p>The benefits of <em>being organized<\/em> don\u2019t end with increased productivity though, there is also very compelling science which points to its stress-reduction qualities as well!<\/p>\n  <\/li>\n  <li>\n    <p>In one study, titled \u201c<a href=\"https:\/\/pubmed.ncbi.nlm.nih.gov\/19934011\/\">No place like home: home tours correlate with daily patterns of mood and cortisol<\/a>\u2026\u201d <strong><sup><a href=\"#references\">7<\/a><\/sup><\/strong> ( <a href=\"http:\/\/repettilab.psych.ucla.edu\/no%20place%20like%20home.pdf\"><i class=\"ph ph-file-text\"><\/i><\/a> ), the researchers identified a correlation between how individuals described their home, and the severity of depressed mood they experienced. In this experiment, even recounting the general cleanliness\/organizational-state of their home proved to be stressful (when the individuals in fact had cluttered homes). What I take away is that people who strive to, and succeed in maintaining an acceptable level of organization\/cleanliness will in turn be less stressed! This idea is enforced by a subsequent study, \u201c<a href=\"https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S0272494416300159?via%3Dihub\">The dark side of home: Assessing possession \u2018clutter\u2019 on subjective well-being<\/a>\u201d <strong><sup><a href=\"#references\">8<\/a><\/sup><\/strong>, which concludes that clutter has a negative impact on the psychological home and subjective well-being. This is due to our inherent need to identify self with our physical environment, of which a messy or cluttered one does not reflect well. Put it all together and one could surmise that messiness in general, whether it be in an inbox or in the home, can introduce unwanted stress.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Saving time<\/strong> - which can be achieved through improved <em>efficiency<\/em>, <a href=\"https:\/\/doi.org\/10.1080\/01443410.2013.785065\">has been proven to reduce\/prevent stress<\/a>. <strong><sup><a href=\"#references\">9<\/a><\/sup><\/strong><\/p>\n  <\/li>\n  <li>\n    <p>So we now have the basis for how <em>organization<\/em> and <em>cleanliness<\/em> can improve productivity, efficiency and even reduce stress. Let\u2019s talk about how we apply the psychology of task management \/ <a href=\"https:\/\/gettingthingsdone.com\/\">GTD<\/a> <strong><sup><a href=\"#references\">11<\/a><\/sup><\/strong> in the context of Inbox Zero\u2026<\/p>\n  <\/li>\n  <li>\n    <p>Let\u2019s start with the \u201c<a href=\"http:\/\/www.priorigami.com\/blog\/the-two-minute-rule\">Two Minute Rule<\/a>\u201d <strong><sup><a href=\"#references\">10<\/a><\/sup><\/strong>, first introduced by <a href=\"https:\/\/en.wikipedia.org\/wiki\/David_Allen_(author)\">David Allen<\/a> in \u201c<a href=\"https:\/\/gettingthingsdone.com\/\">Getting Things Done<\/a>\u201d. The rule simply states, \u201c<em>If you can complete a task in less than two minutes, you should just do it<\/em>.\u201d This is a core tenant of the Inbox Zero methodology. <em>Look<\/em>, no one loves procrastinating more than me, but by just <em>doing it<\/em>, you can clear things out of the inbox (reducing clutter) and start building productive momentum <strong><sup><a href=\"#references\">12<\/a><\/sup><\/strong> by completing the micro-tasks that these emails represent. <strong><sup><a href=\"#references\">13<\/a><\/sup><\/strong><\/p>\n  <\/li>\n  <li>\n    <p>At the end of the day, an inbox is really just a list of things <em>to do<\/em> (e.g. read, delete, archive, etc\u2026). A lot of peoples inboxes are PACKED, with 10\u2019s, 100\u2019s, even <a href=\"inbox-zero#title\">1000\u2019s+<\/a> of emails. This is naturally a bit overwhelming. Well David Allen is back with some really great advice on <a href=\"https:\/\/gettingthingsdone.com\/2021\/06\/are-you-overwhelmed-by-long-lists\/\">how to leverage a GTD philosophy to mentally tackle a large list of to-dos<\/a>. He condenses the complexities of every day task prioritization into three separate dynamics - <strong>limitations<\/strong>, <strong>adaptability<\/strong> &amp; <strong>life purpose<\/strong>.<\/p>\n  <\/li>\n  <li>\n    <p>E.J. Masicampo, a Psychology professor at <a href=\"https:\/\/psychology.wfu.edu\/about-the-department\/\">Wake Forest University<\/a>, has <a href=\"http:\/\/psychology.wfu.edu\/about-the-department\/faculty-and-staff\/e-j-masicampo\/\">documented research<\/a> examining the relationship between having too many \u201cgoals\u201d activated within one\u2019s environment and how that constrains mental faculties. In the context of email \/ lists in general, he <em>essentially<\/em> postulates that by having too many visible to-dos (or things on your list) at one time you compromise your mental effectiveness. He goes on to say that attention can be freed by satisfying \u201cactive goals\u201d, such as through <em>plan making<\/em> or goal completion. One way in which to \u201cmake plans\u201d in this context, and in the world of Inbox Zero, is to decompose a more complex task (originating in this case from an email) by creating a series of micro-tasks <strong><sup><a href=\"#references\">13<\/a><\/sup><\/strong>, thus devising a <em>plan<\/em> to complete the overall task.<\/p>\n  <\/li>\n  <li>\n    <p>The \u201c<a href=\"https:\/\/en.wikipedia.org\/wiki\/Zeigarnik_effect\">Zeigarnik Effect<\/a>\u201d states that \u201c<em>people tend to remember unfinished or incomplete tasks better than completed tasks<\/em>\u201d. This model suggests a key to overcoming procrastination is to simply, <em>just get started<\/em>. So by leveraging something like the <strong>Two Minute Rule<\/strong> <strong><sup><a href=\"#references\">10<\/a><\/sup><\/strong>, we can psychologically build productive momentum. Further, the Zeigarnik Effect suggests that mental health improvements can be achieved by <strong>A.<\/strong> <em>NOT<\/em> having incomplete items languishing in your to-do list and relatedly, <strong>B.<\/strong> the sense of accomplishment you get by completing tasks. <strong><sup><a href=\"#references\">13<\/a><\/sup><\/strong><\/p>\n  <\/li>\n  <li>\n    <p>In fact, it\u2019s well understood that when we humans <em>check things off<\/em>, <a href=\"https:\/\/facilethings.com\/blog\/en\/micro-tasks\">our brains release dopamine<\/a> that in turn makes us feel, <em>amazing<\/em>. That satisfaction and sense of accomplishment can have a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Snowball_effect\">snowball effect<\/a>, motivating us to continue completing <em>even more<\/em> tasks. By leveraging this simple psychology, we can overcome procrastination by starting small and working our way towards larger and larger tasks. Where a task may be too large and intimidating to begin, consider breaking it into smaller, more atomic micro-tasks, each of which is more easily individually digestable.<\/p>\n  <\/li>\n  <li><strong>A word of warning!<\/strong>: While leveraging to-do lists and <a href=\"https:\/\/gettingthingsdone.com\/\">GTD<\/a> <strong><sup><a href=\"#references\">11<\/a><\/sup><\/strong> methodologies has a lot of practical utility, be weary of over-generating to-dos in the name of micro-task-completing <strong><sup><a href=\"#references\">13<\/a><\/sup><\/strong>. This is the way towards developing an <a href=\"https:\/\/iocdf.org\/about-ocd\/\">OCD complex<\/a>.<\/li>\n<\/ul>\n\n<h5 id=\"outro\">Outro<\/h5>\n\n<p>At the end of the day, how and what you do with your email is somewhat personal and what\u2019s \u201cbest\u201d for one person will not necessarily be the same for someone else. If you are drowning in email or like the idea of <em>Inbox Zero<\/em>, consider this slightly tweaked approach!<\/p>\n\n<hr \/>\n\n<h1 id=\"references\">References<\/h1>\n<ul>\n  <li><a href=\"https:\/\/shellsharks.com\/inbox-zero#title\">The Zen of Inbox Zero<\/a><\/li>\n  <li><a href=\"https:\/\/www.youtube.com\/watch?v=z9UjeTMb3Yk\">Inbox Zero by Merlin Mann<\/a><\/li>\n  <li><a href=\"https:\/\/todoist.com\/\">Todoist<\/a><\/li>\n  <li><a href=\"https:\/\/support.google.com\/mail\/answer\/5904\">Starring<\/a>, <a href=\"https:\/\/support.apple.com\/guide\/mail\/flag-emails-mlhlp1052\/mac\">Flagging<\/a> &amp; <a href=\"https:\/\/support.google.com\/mail\/answer\/7622010\">Snoozing<\/a><\/li>\n  <li><strong><sup>1<\/sup><\/strong> <a href=\"https:\/\/blog.superhuman.com\/inbox-zero-method\/\">SUPERHUMAN | Everything you need to know about the Inbox Zero Method<\/a><\/li>\n  <li><strong><sup>2<\/sup><\/strong> <a href=\"https:\/\/shellsharks.com\/inbox-zero#lets-zero-it-out\">Let\u2019s Zero It Out - Step 4<\/a><\/li>\n  <li><a href=\"https:\/\/deliveries.app\/\">Deliveries<\/a><\/li>\n  <li><strong><sup>3<\/sup><\/strong> <a href=\"https:\/\/quoteinvestigator.com\/2017\/09\/02\/clutter\/\">Quote Investigator<\/a><\/li>\n  <li><strong><sup>4<\/sup><\/strong> <a href=\"https:\/\/konmari.com\/about-the-konmari-method\/\">KonMari Method<\/a><\/li>\n  <li><strong><sup>5<\/sup><\/strong> <a href=\"https:\/\/www.ncbi.nlm.nih.gov\/pmc\/articles\/PMC3072218\/\">Interactions of Top-Down and Bottom-Up Mechanisms in Human Visual Cortex<\/a><\/li>\n  <li><strong><sup>6<\/sup><\/strong> <a href=\"https:\/\/www.researchgate.net\/publication\/327022122_Impact_of_cleanliness_on_the_productivity_of_employees\">Impact of cleanliness on the productivity of employees<\/a><\/li>\n  <li><a href=\"https:\/\/www.simplyproductive.com\/\">Simply Productive<\/a><\/li>\n  <li><strong><sup>7<\/sup><\/strong> <a href=\"https:\/\/pubmed.ncbi.nlm.nih.gov\/19934011\/\">No place like home: home tours correlate with daily patterns of mood and cortisol\u2026<\/a><\/li>\n  <li><strong><sup>8<\/sup><\/strong> <a href=\"https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S0272494416300159?via%3Dihub\">The dark side of home: Assessing possession \u2018clutter\u2019 on subjective well-being<\/a><\/li>\n  <li><strong><sup>9<\/sup><\/strong> <a href=\"https:\/\/www.tandfonline.com\/doi\/abs\/10.1080\/01443410.2013.785065\">Stress prevention through a time management training intervention: an experimental study<\/a><\/li>\n  <li><strong><sup>10<\/sup><\/strong> <a href=\"http:\/\/www.priorigami.com\/blog\/the-two-minute-rule\">Two Minute Rule<\/a><\/li>\n  <li><strong><sup>11<\/sup><\/strong> <a href=\"https:\/\/gettingthingsdone.com\/\">Getting Things Done | GTD<\/a><\/li>\n  <li><a href=\"http:\/\/psychology.wfu.edu\/about-the-department\/faculty-and-staff\/e-j-masicampo\/\">E.J. Masicampo Research Interests<\/a><\/li>\n  <li><strong><sup>12<\/sup><\/strong> <a href=\"https:\/\/en.wikipedia.org\/wiki\/Zeigarnik_effect\">Zeigarnik Effect<\/a><\/li>\n  <li><strong><sup>13<\/sup><\/strong> <a href=\"https:\/\/facilethings.com\/blog\/en\/micro-tasks\">Micro-Tasks. The Pleasure of Checking Off<\/a><\/li>\n<\/ul>\n","pubDate":"Wed, 27 Jul 2022 02:50:00 -0400","link":"https:\/\/shellsharks.com\/inbox-zero-part-2","guid":"https:\/\/shellsharks.com\/inbox-zero-part-2","category":["technology","life","inboxzero","technology","life","blog"]},{"title":"The Shellsharks Logo Chronicles","description":"<p>This piece details the craziness that is the <a href=\"https:\/\/shellsharks-images.s3.amazonaws.com\/shellsharks.png\">Shellsharks logo<\/a>. <img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/shellsharks.png\" style=\"display:inline; height:2em;\" \/><\/p>\n\n<style>\n\/* (A) TIMELINE CONTAINER *\/\n\/* https:\/\/code-boxx.com\/simple-pure-css-timeline\/#sec-altv *\/\n.vtl {\n  \/* (A1) RELATIVE POSITION REQUIRED TO PROPERLY POSITION THE TIMELINE *\/\n  position: relative;\n\n  \/* (A2) RESERVE MORE SPACE TO THE LEFT FOR THE TIMELINE *\/\n  padding: 10px 10px 10px 50px;\n\n  \/* (A3) OPTIONAL WIDTH RESTRICTION *\/\n  max-width: 100%;\n}\n.vtl, .vtl * { box-sizing: border-box; }\n\n\/* (B) DRAW VERTICAL LINE USING ::BEFORE *\/\n.vtl::before {\n  \/* (B1) VERTICAL LINE *\/\n  content: \"\";\n  width: 5px;\n  background-color: #CA3342;\n\n  \/* (B2) POSITION TO THE LEFT *\/\n  position: absolute;\n  top: 0; bottom: 0; left: 15px;\n}\n\n\/* (C) COSMETICS FOR EVENTS *\/\ndiv.event {\n  padding: 20px 30px;\n  background-color: #D5D5D5;\n  position: relative;\n  border-radius: 6px;\n  margin-bottom: 10px;\n}\n\n\/* (D) COSMETICS FOR EVENT DATE & TEXT *\/\nh3.date {\n  font-size: 1.1em;\n  font-weight: 700;\n  color: #CA3342;\n}\np.txt {\n  margin: 10px 0 0 0;\n  color: #222;\n}\n\na.txt { color: #CA3342;}\n\n\/* (E) EVENT \"SPEECH BUBBLE CALLOUT\" *\/\ndiv.event::before {\n  \/* (E1) \"MAGIC TRIANGLE\" *\/\n  content: \"\";\n  border: 10px solid transparent;\n  border-right-color: #ffebeb;\n  border-left: 0;\n\n   \/* (E2) POSITION TO THE LEFT *\/\n  position: absolute;\n  top: 20%; left: -10px;\n}\n\n\/* (F) CIRCLE ON TIMELINE *\/\ndiv.event::after {\n  \/* (F1) \"MAGIC CIRCLE\" *\/\n  content: \"\";\n  background: #D5D5D5;\n  border: 4px solid #CA3342;\n  width: 16px; height: 16px;\n  border-radius: 50%;\n\n  \/* (F2) POSITION TO THE LEFT *\/\n  position: absolute;\n  top: 20%; left: -44px;\n}\n\n\/* https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/CSS\/CSS_Grid_Layout\/Basic_Concepts_of_Grid_Layout *\/\n.wrapper {\n  display: grid;\n  grid-template-columns: 1fr 1fr 1fr;\n}\n\n<\/style>\n\n<p><em>Ok<\/em>, so I realize it\u2019s less of a <em>logo<\/em> and more of a complicated graphic I use as the \u201csplash screen\u201d of sorts for the site. I understand that logos, generally speaking, are <a href=\"https:\/\/shellsharks.com\/pro\">far simpler<\/a> and this is anything but. <em>In any case<\/em>\u2026 let\u2019s get into it!<\/p>\n\n<h1 id=\"inner-space\">Inner Space<\/h1>\n\n<p>I like to think of the logo in terms of two distinct <em>regions<\/em>, the \u201c<a href=\"#inner-space\">Inner Space<\/a>\u201d which houses the <a href=\"#shellsharks-logo-symbology\">7 individual smaller circular symbols<\/a> and the \u201c<a href=\"#outer-space\">Outer Space<\/a>\u201d which is essentially the large red ring with the <a href=\"#sharks\">3 sharks<\/a>, <a href=\"#qr\">QR code<\/a> and <a href=\"#cipher-challenge\">ring of binary characters<\/a>.<\/p>\n\n<h2 id=\"the-cyber-kill-chain\">The Cyber Kill Chain<\/h2>\n\n<p>The primary inspiration for the symbology in the <a href=\"#inner-space\">Inner Space<\/a> is Lockheed Martin\u2019s <a href=\"https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.htm\">Cyber Kill Chain<\/a>. Though I know this model has been somewhat deprecated in favor of newer frameworks such as <a href=\"https:\/\/attack.mitre.org\">MITRE ATT&amp;CK<\/a>, I still think the <em>Kill Chain<\/em> has valuable (albeit more simplistic) applicability. Also, capturing <em>ATT&amp;CK<\/em> in a graphic similar to the existing one would be even more insanely complex!<\/p>\n\n<h2 id=\"shellsharks-logo-symbology\">Shellsharks Logo Symbology<\/h2>\n\n<p>Let\u2019s walkthrough the sequence of 7 symbols and how they visually represent each phase of the <em><a href=\"https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.htm\">Kill Chain<\/a><\/em>. (<strong>Note<\/strong>: You may need to zoom in on the individual icons as we go).<\/p>\n\n<div class=\"vtl\">\n  <div class=\"event\">\n    <h3 class=\"date\" id=\"reconnaissance\">Reconnaissance<\/h3>\n    <p class=\"txt\">Starting on the left, we see a variety of satellites, satellite dishes and cameras all pointing towards the <a href=\"#actions-on-objectives\" class=\"txt\">center circle<\/a>. This represents <i>reconnaissance<\/i> performed against the target which is, again represented by the center icon. Note how the reconnaissance logo is the first one the <a href=\"#sharks\" class=\"txt\">sharks<\/a> on the left are swimming to, which is meant to signify that it is the first step for the attacker (i.e. the sharks).<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-reconnaissance.png\" width=\"600px\" \/><\/center>\n  <\/div>\n  <div class=\"event\">\n    <h3 class=\"date\" id=\"weaponization\">Weaponization<\/h3>\n    <p class=\"txt\">The second circle represents <i>weaponization<\/i>. As such, I've put a lot of weapon-related icons (e.g. swords, arrows) and <a href=\"https:\/\/military-history.fandom.com\/wiki\/Laurel_wreath\" class=\"txt\">military-invoking visuals<\/a> into the icon.<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-weaponization.png\" width=\"600px\" \/><\/center>\n  <\/div>\n  <div class=\"event\">\n    <h3 class=\"date\" id=\"delivery\">Delivery<\/h3>\n    <p class=\"txt\">Here we can see a rocket launch, simply depicting payload <i>delivery<\/i>.<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-delivery.png\" width=\"600px\" \/><\/center>\n  <\/div>\n  <div class=\"event\">\n    <h3 class=\"date\" id=\"exploitation\">Exploitation<\/h3>\n    <p class=\"txt\">There is quite a bit of symbology going on in this icon. We have the <i>exploit<\/i> \"chain\" (meant to look like 1's and 0's) going around the outside portion of the circle. There is a computer with a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Kraken\" class=\"txt\">kraken<\/a> on it (meant to just be menacing). We are running our exploit (on a Unix-based machine presumably) via <i>.\/exploit<\/i>. Finally, we have a soup of 1's and 0's interspersed and spilling out of the logo into the following phase.<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-exploitation.png\" width=\"600px\" \/><\/center>\n  <\/div>\n  <div class=\"event\">\n    <h3 class=\"date\" id=\"installation\">Installation<\/h3>\n    <p class=\"txt\">Here we see the stream of 1's and 0's from our exploitation phase being piped into the victim computer. The computer has a downward arrow to very plainly represent <i>installation<\/i> of malicious code.<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-installation.png\" width=\"600px\" \/><\/center>\n  <\/div>\n  <div class=\"event\" id=\"c2\">\n    <h3 class=\"date\">Command &amp; Control (C2)<\/h3>\n    <p class=\"txt\">This icon depicts a terminal interacting with a seemingly remote installation (i.e. one on a distant planet). This particular icon I've always really loved as it reminds me of the <a href=\"https:\/\/starwars.fandom.com\/wiki\/Endor_shield_generator_bunker\" class=\"txt\">Endor shield generator dish<\/a> from <a href=\"https:\/\/www.imdb.com\/title\/tt0086190\/\" class=\"txt\">Return of the Jedi<\/a>.<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-c2.png\" width=\"600px\" \/><\/center>\n  <\/div>\n  <div class=\"event\">\n    <h3 class=\"date\" id=\"actions-on-objectives\">Actions on Objectives<\/h3>\n    <p class=\"txt\">Finally, we have the \"<i>Actions on Objectives<\/i>\" icon. Here we see a road to a building that's meant to be \"Capitol-esque\" with fireworks and the letters \"DC01\" above it. The idea here is that the objective was to capture the DC (i.e. Domain Controller). <i>Basic, I know right<\/i>?<\/p>\n    <center><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/shellsharks-actions.png\" width=\"600px\" \/><\/center>\n  <\/div>\n<\/div>\n\n<hr \/>\n\n<h1 id=\"outer-space\">Outer Space<\/h1>\n\n<p>Now we blast into Outer Space (the area of the logo which contains the <a href=\"#sharks\">sharks<\/a>, <a href=\"#qr\">QR code<\/a> and <a href=\"#cipher-challenge\">enciphered binary ring<\/a>)\u2026<\/p>\n\n<p><i class=\"ph ph-rocket-launch lg\"><\/i><\/p>\n\n<h2 id=\"sharks\">Sharks<\/h2>\n\n<p>Threat actors, hackers, red teamers, etc\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/sharks.png\" width=\"175px\" \/><\/p>\n\n<h2 id=\"qr\">QR<\/h2>\n\n<p>Scan it (<em>or click<\/em>) and find out! Probably not malware\u2026<\/p>\n\n<p><a href=\"https:\/\/shellsharks.com\/qr\"><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/qr.PNG\" width=\"175px\" \/><\/a><\/p>\n\n<h2 id=\"cipher-challenge\">Cipher Challenge<\/h2>\n\n<p>The binary stream encircling the logo is in fact ciphertext. Older variants of the logo contained clues for decryption. The current logo <em>doesn\u2019t really<\/em>. I should probably add some clues back\u2026 To get ya started, I have provided the ciphertext below. <em>Good luck<\/em>!<\/p>\n\n<p class=\"primarycolor\" style=\"font-family: 'Courier New'; font-weight:bold;\">01010111 00110110 01000101 01101111<br \/>01010101 01101001 01110111 01001110<br \/>01100111 01001110 00110111 01000001<br \/>01001001 01010000 01010100 01111010<br \/>01000100 01011010 01100001 01101100<br \/>01110110 01110111 00111101 00111101<\/p>\n\n<hr \/>\n\n<h1 id=\"history\">History<\/h1>\n\n<p><strong>Behold<\/strong>! The evolution of the logo\u2026 I don\u2019t think either of the first two were ever actually on the public site though.<\/p>\n\n<div class=\"wrapper\">\n  <div class=\"box box1\"><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/logo-gen1.png\" \/><\/div>\n  <div class=\"box box2\"><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/logo-gen2.png\" \/><\/div>\n  <div class=\"box box3\"><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2022\/logo-gen3.png\" \/><\/div>\n<\/div>\n","pubDate":"Mon, 25 Jul 2022 07:00:00 -0400","link":"https:\/\/shellsharks.com\/shellsharks-logo","guid":"https:\/\/shellsharks.com\/shellsharks-logo","category":["shellsharks","infosec","life","infosec","life","blog"]},{"title":"A rant on traditional resumes","description":"<p>I recently re-thought the visuals and content-approach for my professional resume, the outcome of which you can find a <a href=\"https:\/\/shellsharks.com\/resume\">digital version of on my site<\/a>. The big difference between this <em>new<\/em> approach and the <em>traditional<\/em> approach is I have not included the <em>list-of-each-job-in-chronological-order-with-what-I-did-at-each-place<\/em> <strong>stuff<\/strong> that you typically see. Instead, I have summarized the projects and skills that best summarize my experience and included an alphabetical list of places I have worked. Let me explain why I don\u2019t like the traditional approach\u2026<\/p>\n\n<ul>\n  <li>\n    <p>I find that the focus being on <strong>where you\u2019ve worked<\/strong> as opposed to <em>what your achievements are<\/em> is really just a means by which prospective hiring teams can discriminate against you or otherwise discount valuable experience you have because they don\u2019t like or know the company that that experience was associated with. That\u2019s not to say that 5 years of experience at Google is the same as 5 years experience at some small company, but in the end, I\u2019ve never been in an actual interview where it\u2019s seemed like I\u2019ve gotten points based on where I\u2019ve worked in the past. Ultimately, I still needed to prove my knowledge in the interview and that can be done by anyone with the skills\/confidence required, not just by those with the \u201cbest\u201d companies listed.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Total years experience<\/strong>. This <em>is<\/em> and <em>has always been<\/em> a dreadful way of judging someone\u2019s relative skill. There are <em>plenty<\/em> of 10+ year pros who can\u2019t do half of what some talented up-starts with 3 years experience can do. In a traditional resume, you have to list time and duration for <em>every<\/em>. <em>single<\/em>. <em>job<\/em>. This artificial handicap serves only to limit otherwise equally\/more-talented younger professionals.<\/p>\n  <\/li>\n  <li>\n    <p>Speaking of \u201ctotal years experience\u201d, what about having to <strong>include jobs you held 7+ or even 10+ years ago<\/strong>? This is often expected \/ required on traditional resumes but does little to help bolster the way you market yourself. Companies should care about what relevant skills you have, not what you were up to <em>that<\/em> long ago. This serves only as a way for companies to potentially profile or judge you based on what you did in the past. For example, let\u2019s say you served on a help desk 10 years ago, maybe a company will think negatively of that experience. Why share your entry-level experience when they are looking for what you have done at a more senior level?<\/p>\n  <\/li>\n  <li>\n    <p><strong>Project\/job held duration<\/strong>. This is one of my <em>least<\/em> favorite things that is expected on traditional resumes. The point here I guess is that companies want to know if you\u2019re some sort of serial job hopper. But there are <em>LOTS<\/em> of reasons to leave a job, many of which do not or <em>should not<\/em> reflect poorly on a prospective candidate. But, despite this, I think most prospective hiring panels see short stints on a resume and think the worst, even in areas (DC metro anyone?) where short-term consulting gigs are not only common, but potentially the norm!<\/p>\n  <\/li>\n<\/ul>\n\n<p>Instead of having to conform to this exact resume format, why not market yourself how <em>YOU<\/em> want to market yourself? Traditional resume formats are designed to put <em>you<\/em> at a disadvantage, revealing everything about yourself while the company has to reveal nothing about itself. Does the company you\u2019re applying for have to reveal everyone it has fired and why? Does it have to reveal past or future lay-off plans? Though some companies are more transparent than others, all of them - and I mean 100% of them reveal less about themselves to a prospective employee as you must divulge to them. A background check is a good example of this, when\u2019s the last time you ran a background check on a company? We, as a society of professionals need to change our mindset on resumes, and begin to collectively accept non-standard resume formats.<\/p>\n","pubDate":"Wed, 01 Sep 2021 01:30:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2021\/09\/01\/a-rant-on-traditional-resumes","guid":"https:\/\/shellsharks.com\/notes\/2021\/09\/01\/a-rant-on-traditional-resumes","category":["life","rant"]},{"title":"Shock & Awe, a Tesla Revue","description":"<div class=\"poem\">\n<center><i class=\"ph ph-lightning lg\" style=\"color:yellow; margin: 0 auto;\"><\/i><br \/><br \/><\/center>\nWith thunderous prose,<br \/>\nI conduct this review.<br \/>\nI'm amped to share,<br \/>\nand transform your view. <br \/><br \/>\nThe joule of my garage,<br \/>\nit never stays static.<br \/>\nCaught lightning in a bottle,<br \/>\ndid Elon so emphatic.<br \/><br \/>\nIn a flash you will see,<br \/>\nwhat I bring to light.<br \/>\nMy current thoughts of Tesla,<br \/>\nso don't storm off, take flight.<br \/><br \/>\nMy poetic energy fades,<br \/>\nwe must bolt to it.<br \/>\nSo watt are we waiting for,<br \/>\nWe've come full circuit.\n<\/div>\n\n<hr \/>\n\n<center><div class=\"containbox\"><b>Update as of January 30, 2025:<\/b> <i>Given the current state of things with Tesla, and more specifically, with its owner, I felt compelled to add a quick note here. I still love EVs, and I think... despite everything, that Teslas are \\*still\\* great cars. BUT! I wouldn't recommend you buy one, not anymore. I also want to emphatically state that what Elon has chosen to stand for, is anti- <b>everything<\/b> I stand for.<\/i><\/div><\/center>\n\n<p><em>Yes<\/em>, that is a poem about a review about <a href=\"https:\/\/www.tesla.com\">Tesla<\/a>. <em>No<\/em>, I\u2019m not ashamed of this. As you may be able to tell, <a href=\"https:\/\/shellsharks.com\/about?about=tesla\">I\u2019m a big fan of Tesla<\/a>! I\u2019ve been a Tesla EVangelist for years and have answered many a question during that time. And though there are <a href=\"https:\/\/theicct.org\/publications\/ev-update-us-cities-aug2020\">far more EV\u2019s<\/a> (<em>especially Teslas<\/em>) on the road now than there were 3 years ago when I took delivery of my Model 3, I still see a lot of the same questions, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Fear,_uncertainty,_and_doubt\">FUD<\/a> and unquenched curiosity. This piece is designed to address these areas.<\/p>\n\n<p>More specifically though, this is a review of my (2018) <a href=\"https:\/\/www.tesla.com\/model3\">Model 3<\/a>, which I've newly renamed \"<span style=\"color:yellow;\">Thundermage<\/span>\" in honor of this review.<\/p>\n\n<ul>\n  <li><a href=\"#common-questions--misconceptions\">Common Questions &amp; Misconceptions<\/a><\/li>\n  <li><a href=\"#positives\">Positives<\/a><\/li>\n  <li><a href=\"#negatives\">Negatives<\/a><\/li>\n  <li><a href=\"#other-neutral-stuff\">Other, Neutral Stuff<\/a><\/li>\n<\/ul>\n\n<h1 id=\"common-questions--misconceptions\">Common Questions &amp; Misconceptions<\/h1>\n\n<p>In this first section, I will answer the most common questions I am asked about Tesla and EV\u2019s in general. I\u2019ll also address some common misconceptions. For other information, check out Tesla\u2019s <a href=\"https:\/\/www.tesla.com\/support\/new-owner-frequently-asked-questions\">new owner FAQ<\/a>!<\/p>\n\n<ul>\n  <li><a href=\"#how-do-i-charge-it\">How do I charge it?<\/a><\/li>\n  <li><a href=\"#how-fast-does-it-charge\">How fast does it charge?<\/a><\/li>\n  <li><a href=\"#how-much-does-it-cost-to-charge\">How much does it cost to charge?<\/a><\/li>\n  <li><a href=\"#what-kind-of-range-does-it-have\">What kind of range does it have?<\/a><\/li>\n  <li><a href=\"#how-do-i-get-into-or-out-of-the-car\">How do I get into or out of the car?<\/a><\/li>\n  <li><a href=\"#will-i-get-stuck\">Will I get stuck?<\/a><\/li>\n  <li><a href=\"#evs-arent-any-more-green-than-gas-cars\">EVs aren\u2019t any more green than gas cars<\/a><\/li>\n<\/ul>\n\n<h3 id=\"how-do-i-charge-it\">How do I charge it?<\/h3>\n\n<p>Tesla provides a relatively <a href=\"https:\/\/www.tesla.com\/charging\">comprehensive guide<\/a> to charging on their site. In that guide, they discuss <a href=\"https:\/\/www.tesla.com\/home-charging\">home charging<\/a>, <a href=\"https:\/\/www.tesla.com\/destination-charging\">destination charging<\/a> and <a href=\"https:\/\/www.tesla.com\/supercharger\">supercharging<\/a>. The bottom line is, you have <em>a lot<\/em> of options when it comes to charging. I\u2019ll dive into these options below.<\/p>\n\n<ul>\n  <li>\n    <p><strong>120v outlet<\/strong> : <em>Yep<\/em>! You can charge on a standard wall outlet, and many people go this route for their primary, every-day charging solution! <a href=\"#how-fast-does-it-charge\">Charge times<\/a> are a little slower but it <em>can<\/em> get the job done, especially if you have all night to juice up. This is great when you think about it because outlets such as these are pretty ubiquitous. Anywhere where you can charge your phone, you can charge your car! At your grandma\u2019s house? Plug it in! At an <a href=\"https:\/\/www.airbnb.com\">Airbnb<\/a>? <em>Plug it in<\/em>! You can charge this thing anywhere.<\/p>\n  <\/li>\n  <li>\n    <p>In fact, all Teslas come with the <a href=\"https:\/\/shop.tesla.com\/product\/gen-2-mobile-connector-bundle\">Mobile Connector Bundle<\/a> which includes the 120v outlet adapter.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Tesla Wall Connector<\/strong> : For home charging, Tesla\u2019s (<em>and my<\/em>) recommended method is the Tesla <a href=\"https:\/\/shop.tesla.com\/product\/wall-connector?tesref=true\">Wall Connector<\/a>. At $500 it\u2019s a little pricey, but if you\u2019ve purchased a $50,000 car that <em>relies on being charged<\/em>, I think the investment is worth it. I also recommend getting the longer cable (18\u2019) as it gives you a little additional versatility. For help installing the unit (and I strongly recommend getting professional help), Tesla has provided a <a href=\"https:\/\/www.tesla.com\/support\/find-electrician\">resource to find licensed electricians<\/a> that can take on the project.<\/p>\n  <\/li>\n  <li>\n    <p><strong>240v outlet<\/strong> : If you want a little faster charging but don\u2019t want to fully commit to <a href=\"https:\/\/shop.tesla.com\/product\/wall-connector?tesref=true\">Tesla\u2019s Wall Connector<\/a>, the 240v outlet is likely the way to go. Typically seen in garages for use with a refrigerator or laundry machine, this is a good EV-agnostic way to get faster charging speeds. In other words, the 240v outlet is a good option if you don\u2019t want to spend the extra $$ on the <a href=\"https:\/\/shop.tesla.com\/product\/wall-connector?tesref=true\">Wall Connector<\/a> or if you plan on having a non-Tesla EV.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Destination Charger<\/strong> : So you won\u2019t always be able to charge at home, so what are your options when out on the road? Well it turns out, there are a TON - and not just bumming small amounts of charge off of random 120v outlets either. Enter <a href=\"https:\/\/www.tesla.com\/destination-charging\">Destination Charging<\/a> - from hotels to restaurants to resorts, destination charging is available at over 4500 sites (and counting). Destination charging is typically on par-with or close-to what you get out of a Tesla Wall Connector or standard 240 outlet. I\u2019ve even found plenty of destination charging that is offered completely for free. What\u2019s better than free fuel!?<\/p>\n  <\/li>\n  <li>\n    <p>For other destination charging, Tesla themselves recommend <a href=\"https:\/\/www.plugshare.com\/\">Plughsare.com<\/a><\/p>\n  <\/li>\n  <li>\n    <p><strong>DC Fast Charger<\/strong> : Though I haven\u2019t used one of these myself (thanks to Tesla\u2019s Supercharger network being so robust), Teslas are also capable of utilizing third-party DC fast charging networks such as <a href=\"https:\/\/www.electrifyamerica.com\">Electrify America<\/a> and <a href=\"https:\/\/www.evgo.com\">EVgo<\/a>. All you\u2019ll need is the $400 <a href=\"https:\/\/shop.tesla.com\/product\/chademo-adapter.\">CHAdeMO Adapter<\/a> - <em>ouch!<\/em><\/p>\n  <\/li>\n  <li>\n    <p><strong>Tesla Supercharger<\/strong> : Saving the best for last, there is Tesla\u2019s incredible <a href=\"https:\/\/www.tesla.com\/supercharger\">Supercharger<\/a> network. This network represents the largest collection of fast-chargers in the world and they are designed and made available exclusively to Teslas (<a href=\"tesla opening up superchargers\">for now<\/a>). This is <em>the<\/em> primary means for charging while on road trips. It\u2019s fast, convenient and with 25000+ stalls world-wide, available pretty much no matter where you are. Superchargers are typically located in parking lots within shopping areas so you can grab food, use the restroom or stay somewhat entertained while you charge up.<\/p>\n  <\/li>\n<\/ul>\n\n<h3 id=\"how-fast-does-it-charge\">How fast does it charge?<\/h3>\n\n<p>Charging speeds are typically separated into three categories, <strong>L1-L3<\/strong>. These categories are described below.<\/p>\n\n<ul>\n  <li>\n    <p><strong>L1<\/strong> : This typically means the standard 120v outlets. You can expect anywhere from 3-5 miles\/hour on average. For a car that needs 300 miles range, this means a charge time of 60-100 hours to charge from zero to full. A little slow but will work in many situations where you only need to get 50 miles or so with an overnight charge.<\/p>\n  <\/li>\n  <li>\n    <p><strong>L2<\/strong> : Level 2 charging includes 240v outlets, <a href=\"https:\/\/www.tesla.com\/support\/home-charging-installation\/wall-connector\">Wall Connectors<\/a> and <a href=\"https:\/\/www.tesla.com\/destination-charging\">Destination Charging<\/a>. L2 will typically net you around 25-45 miles\/hour. A zero-to-full charge session would thus take you anywhere from 7-12 hours. Perfect for overnight charging. <em>I should mention though that the top-end of L2 charging (approx. 44 miles\/hour) is obtained by using the Tesla <a href=\"https:\/\/www.tesla.com\/support\/home-charging-installation\/wall-connector\">Wall Connector<\/a> with 48 amp output.<\/em><\/p>\n  <\/li>\n  <li>\n    <p><strong>L3<\/strong> : Finally, we have the top end charging, Level 3. For Teslas, this typically means <a href=\"https:\/\/www.tesla.com\/supercharger\">Superchargers<\/a>, but would also include <a href=\"https:\/\/www.chargepoint.com\/blog\/when-and-how-use-dc-fast-charging\/\">DC Fast Chargers<\/a>. To answer, \u201chow fast does a Supercharger charge\u201d though is a little trickier to answer. Current-gen, \u201c<a href=\"https:\/\/www.tesla.com\/blog\/introducing-v3-supercharging\">V3<\/a>\u201d Superchargers can charge at speeds of up to 1000 miles\/hour. Wow! But those speeds are only obtained at certain Superchargers and when the vehicle\u2019s state-of-charge (SoC) is low. When actively charging, as the battery is closer to max capacity, charging speeds dip. Rather than give you numbers here, I can say that anecdotally, while on my road trips, I stop every 2 hours or so to stretch my legs or use the restroom and in that time I plug the car in. After 10-15 minutes, I return to the car with more than enough juice to get to the next stop. This is the recommended approach for road-tripping in a Tesla. <em>Note<\/em>: Having never used a \u201cDC Fast Charger\u201d, I really can\u2019t speak to it\u2019s charging speeds. Sorry!<\/p>\n  <\/li>\n<\/ul>\n\n<h3 id=\"how-much-does-it-cost-to-charge\">How much does it cost to charge?<\/h3>\n\n<p>This depends where you charge, and the <a href=\"https:\/\/www.electricchoice.com\/electricity-prices-by-state\/\">price of electricity<\/a> during the time\/region you are charging. But to give you an example, I pulled some numbers from my own home charging. Based on my last electric bill, I am on-average billed $.13\/kWh. The Tesla Model 3\u2019s battery pack is a 75 kWh pack (<a href=\"https:\/\/electrek.co\/2020\/11\/10\/tesla-model-3-82-kwh-battery-pack-new-cells\/\">newer packs have more kWh<\/a>). This means it costs $9.75, or about $10, to charge the pack from zero to full. On that 75 kWh, my car gets about 300 miles. So let\u2019s say 10$ will get you 300 miles range.<\/p>\n\n<p>Now let\u2019s take a traditional <a href=\"https:\/\/en.wikipedia.org\/wiki\/Internal_combustion_engine\">ICE<\/a> car, like a <a href=\"https:\/\/www.toyota.com\/corolla\/\">Toyota Corolla<\/a>. With a 13.2 gallon tank and <a href=\"https:\/\/gasprices.aaa.com\">gas prices<\/a> hovering around $3\/gallon, it costs about $40 for a full tank. With approximately 400 miles range, we can take 75% of both the range and that cost and come up with a value of $30 to go an equivalent 300 miles in the Corolla.<\/p>\n\n<p>What we end up with is a difference in price for home-charging the Tesla at <strong>1\/3 the price of gas<\/strong> as compared with the Corolla for the same amount of miles.<\/p>\n\n<p>Now many also ask about the price of <a href=\"https:\/\/www.tesla.com\/supercharger\">Supercharging<\/a>. The cost of Supercharging is about 2x the cost of home charging, typically around $.26-$.28\/kWh (<em>compared to the $.13\/kWH I was getting at home<\/em>). Doubling the cost of electricity still leaves you with a final cost of <strong>2\/3 the amount of gas<\/strong>.<\/p>\n\n<p>I will add that the numbers I used for home charging were based on <em>average<\/em> cost of electricity during a one month span. It is important to note that charging your car in off-peak hours will result in cheaper costs per kWh. So if you are home-charging in the dead of night, it will actually be even <em>cheaper<\/em> than calculated to juice up the car.<\/p>\n\n<h3 id=\"what-kind-of-range-does-it-have\">What kind of range does it have?<\/h3>\n\n<p>When I first took delivery of my car, it was rated at <strong>310 miles<\/strong> of range.<\/p>\n\n<p>With that said, three years into ownership and after a full charge, my car normally reports that I have about 290 miles range. This <em>may<\/em> be due in part to <a href=\"https:\/\/electrek.co\/2020\/06\/06\/tesla-battery-degradation-replacement\/\">battery degradation<\/a>, but I know from speaking with Tesla engineers that it is more likely due (in large part) to the way Tesla calculates range. Essentially, the car will determine range based off my normal efficiency, i.e. the way I typically drive. In other words, since I tend to drive somewhat, <em>spirited<\/em>, the car adjusts my range calculation to take into account the lower efficiency. <em>Neat<\/em>!<\/p>\n\n<h3 id=\"how-do-i-get-into-or-out-of-the-car\">How do I get into or out of the car?<\/h3>\n\n<p>This isn\u2019t a question I get, but it always seems to be a challenge for people when first learning how to get in and out of a Model 3.<\/p>\n\n<ul>\n  <li><a href=\"https:\/\/www.youtube.com\/watch?v=icNLL8j4J_k\">Unlocking\/Getting into a Model 3<\/a><\/li>\n  <li><a href=\"https:\/\/www.youtube.com\/watch?v=DMzejxP_9x4\">Getting out of a Model 3<\/a><\/li>\n<\/ul>\n\n<h3 id=\"will-i-get-stuck\">Will I get stuck?<\/h3>\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Range_anxiety\">Range anxiety<\/a> and uncertainty around how and where to charge is by far the biggest fear amongst prospective EV purchasers. And though Teslas and similar EVs have really good range (250+ miles), driving long distances is, in reality, not as simple as just getting in your car and going. There is <em>some<\/em> level of planning that should go into your drive. In a Tesla, this can be calculated for you by the onboard computer. It will plan your route and give you all the places you should stop to charge. It bases this on a number of factors including distance, elevation gain, temperature and more. What\u2019s important to take away is that you really need to <a href=\"https:\/\/www.tesla.com\/trips\">plan your route<\/a> and understand where you would like to stop. When driving along major throughways, you can generally count on there being charging <a href=\"https:\/\/www.tesla.com\/findus?v=2&amp;bounds=63.232619366399604%2C-40.511719937500004%2C5.176252916331986%2C-158.0214855625&amp;zoom=4&amp;filters=store%2Cservice%2Csupercharger%2Cdestination%20charger%2Cbodyshop\">every 50 miles or so<\/a> though. In this case, less planning may be required.<\/p>\n\n<h3 id=\"evs-arent-any-more-green-than-gas-cars\">EVs aren\u2019t any more green than gas cars.<\/h3>\n\n<p>A common argument amongst EV-haters is that EVs are no more eco-friendly than gas cars because the way the electricity that is used to charge the car is sourced is not-in-fact \u201cgreen\u201d. <strong>This is not accurate<\/strong>.<\/p>\n\n<p><strong>A Quick Study<\/strong>: Using the EPA\u2019s <a href=\"https:\/\/www.epa.gov\/egrid\/power-profiler\">Power Profiler<\/a> I can get an idea of my carbon emissions based on the number of kWh I consume in a year in my region (SRVC). Estimating 15000 miles of driving distance with my car that has about 300 miles range, that comes to about 50 complete zero-to-full fill-ups. With a 75 kWh battery pack, this means a total of 3750 kWh of electricity used for charging in a year or 312.50 kWh\/month.<\/p>\n\n<p>At the bottom of the Power Profiler there is an Emissions Estimate function which can take a monthly kWh value and calculate an annual emissions rate based on your particular eGRID subregion (mine is SRVC - SERC Virginia\/Carolina). With a usage of approx. 313 kWh\/month, my annual estimated emissions is 2,928 pounds CO2.<\/p>\n\n<p><em>OK<\/em>, so now let\u2019s use the <a href=\"https:\/\/calculator.carbonfootprint.com\/calculator.aspx?tab=4\">carbonfootprint.com calculator<\/a> to determine the annual CO2 emissions for the <a href=\"https:\/\/www.toyota.com\/corolla\/\">Toyota Corolla<\/a>. Using the calculator, I plug in 15k miles, the 2020 Toyota Corolla CVT 2WD (which according to this calculator has an efficiency score of 165.363) and I end up with an annual emissions value of 3.99 metric tons or about 8,000 pounds CO2.<\/p>\n\n<p>So the Corolla produces about 2.66x more carbon emissions than the Tesla. <em>Not good<\/em>!<\/p>\n\n<h1 id=\"positives\">Positives<\/h1>\n\n<p>As I\u2019ve said, I love my Tesla, and there are <em>so<\/em> many reasons why. I\u2019ve tried to compile these reasons here.<\/p>\n\n<ul>\n  <li>\n    <p><strong><a href=\"#how-do-i-charge-it\">Charging at home<\/a><\/strong> : Never having to go to a gas station is really one of my favorite perks of the car. You get to <a href=\"https:\/\/www.teslarati.com\/tesla-ev-memes-win-skeptics-gas-crisis\/\">laugh smugly<\/a> as you drive past the sad folk putting stinky dinosaur juice into their cars. Plus, you\u2019ll always have a \u201cfull tank\u201d, or as much juice as you need (as long as you remember to plug it in) thanks to the ability to charge at home.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Electricity is cheaper than gas<\/strong> : Mile for mile, electricity is on average <a href=\"#how-much-does-it-cost-to-charge\">much cheaper than gas<\/a>. <em>Oh<\/em>, and there are <a href=\"https:\/\/www.tesla.com\/destination-charging\">many places<\/a> where you can charge completely for free - try getting free gas anywhere! Features like <em>scheduled departure<\/em> and <em>scheduled charging<\/em> can help get the most cost-efficient home charging as well.<\/p>\n  <\/li>\n  <li>\n    <p><strong>It\u2019s fast<\/strong> : My car (Model 3 Dual Motor) goes 0-60 in about 4 seconds. Even after three years, I still find that punch to be pretty exhilarating. That speed isn\u2019t just for fun though, being able to quickly position yourself is a highly practical feature, especially when merging on highways.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Very bright headlights<\/strong> : I don\u2019t like driving at night. The headlights on my car makes it a lot more bearable.<\/p>\n  <\/li>\n  <li>\n    <p><strong>The glass roof is cool<\/strong> : The glass roof not only looks great but gives the inside of the car a very open feeling. I also love to watch planes as they fly overhead or look at the towering trees\/buildings when I am in a wooded or city area. (<em>All of course while I\u2019m not driving<\/em>).<\/p>\n  <\/li>\n  <li>\n    <p><strong>Frunk space<\/strong> : Where a gas car normally has an engine, a Tesla has a storage area known as the \u201cFrunk\u201d! Who wouldn\u2019t appreciate having a little additional storage space?<\/p>\n  <\/li>\n  <li>\n    <p><strong>Handles wind well<\/strong> : What I mean here is that even in heavy cross-winds, this car feels incredibly stable. The weight of the car, low center of gravity and the (short) height of the car are primary contributors.<\/p>\n  <\/li>\n  <li>\n    <p><strong>The display<\/strong> : The 15\u201d screen is not only hyper-versatile, it also looks really really cool. Navigation is huge, gaming and other entertainment looks great, it\u2019s just a really nice experience. The screen takes the place of the traditional instrument cluster. What this means is that your speed gauge is on the screen which is to the right of you rather than directly behind the wheel. Some people fear that this will inhibit them from being able to see their speed as easily. I find that it is just as easy if not easier to see it in large print on the huge screen.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Purchase experience<\/strong> : <em>No contest here<\/em>. Buying a car with a few clicks online is infinitely better than going into a dealership. You can even use <a href=\"https:\/\/9to5mac.com\/2018\/03\/19\/tesla-apple-pay-model-3-reservations\/\">Apple Pay<\/a>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Eco-friendly<\/strong> : As discussed in <a href=\"#evs-arent-any-more-green-than-gas-cars\">the section above<\/a>, this car will produce less carbon emissions than a traditional ICE car. What\u2019s not to like about that? Especially considering the <a href=\"https:\/\/www.washingtonpost.com\/weather\/2021\/07\/14\/western-heat-wave-rockies\/\">insane heat wave<\/a> the US has been experiencing.<\/p>\n  <\/li>\n  <li>\n    <p><strong><a href=\"#what-kind-of-range-does-it-have\">Range is superb<\/a><\/strong> : At 300+ miles, my car has more than enough range for any trip I have thrown at it. Sure, it\u2019s not as much raw range as some equivalent gas cars, but I <em>never<\/em> drive 300+ miles in one sitting, so getting to stop and charge up is always a nice respite from sitting in the car.<\/p>\n  <\/li>\n  <li>\n    <p><strong>The Supercharger network is great<\/strong> : <a href=\"https:\/\/www.tesla.com\/supercharger\">Superchargers<\/a> are <a href=\"https:\/\/www.tesla.com\/findus?v=2&amp;bounds=63.232619366399604%2C-40.511719937500004%2C5.176252916331986%2C-158.0214855625&amp;zoom=4&amp;filters=store%2Cservice%2Csupercharger%2Cdestination%20charger%2Cbodyshop\">everywhere<\/a>! They are typically found in shopping centers so you have access to food and more while charging. Supercharging is cheaper than gas and in my experience (driving on the East Coast), I have never had to wait for a spot.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Low maintenance<\/strong> : Tesla\u2019s <a href=\"https:\/\/www.tesla.com\/support\/car-maintenance\">guidance on maintenance<\/a> is very simple. From this guide, there really isn\u2019t that much that goes into taking care of the car! In the three years I\u2019ve owned the car, I\u2019ve only taken it into the dealership once (a few days after taking delivery to fix a few small aesthetic things). What\u2019s even better is that when you do have an issue with the car, it\u2019s highly likely that Tesla will be able to send a <a href=\"https:\/\/www.tesla.com\/support\/mobile-service\">Mobile Service<\/a> vehicle to you which can resolve your maintenance issue without you ever having to leave your house. <em>Awesome<\/em>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Regenerative braking<\/strong> : Arguably the biggest difference in driving an EV versus driving a traditional ICE car is the <a href=\"https:\/\/driving.ca\/column\/how-it-works\/how-it-works-regenerative-braking\">regenerative braking<\/a>. Once you\u2019re used to it though, I think it offers a superior and far less exhausting driving experience. Essentially, regen-braking allows you to never really have to take your foot completely off the accelerator and put it on your brake. Over the course of a long drive, your feet and legs are less tired without the constant moving and placing.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Very safe &amp; secure vehicle<\/strong> : All Teslas are extremely safe cars. <a href=\"https:\/\/www.nhtsa.gov\/ratings\">NHTSA<\/a> consistently scores Teslas at 5-stars across the board in their crash-safety tests. Tesla scores so well for a few reasons. First, Teslas are very hard to roll - their low center-of-gravity thanks to the very heavy battery pack in the floor of the car helps contribute to this. Second, with no gas motor, there is less risk of fire\/explosion in the event of a crash, plus, the lack of the motor in the front allows the front to be a crumple zone. Finally, Teslas come with a lot of cool, <a href=\"https:\/\/www.tesla.com\/support\/car-safety-security-features\">advanced security features<\/a> standard. Things like the Dashcam, cabin camera, security alarm, pin to drive, sentry mode, intrusion sensors, auto lane adjust, obstacle aware braking, etc\u2026<\/p>\n  <\/li>\n  <li>\n    <p><strong>Onboard Dashcam<\/strong> : Though i\u2019ve just mentioned the Dashcam, it\u2019s worth mentioning again. Having a built in Dashcam which captures not only the view out of the front of the car but also the sides is really cool and very useful in the event of an accident. What\u2019s better, you can view Dashcam footage right inside the car on the huge screen. <em>Amazing<\/em>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Control with your phone<\/strong> : Being able to control the car with my phone is great. I hate carrying keys and now I don\u2019t have to! I can control climate, charging, trunk\/frunk, windows, and even request service all from my <a href=\"https:\/\/apps.apple.com\/us\/app\/tesla\/id582007913\">Tesla app<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Make\u2019s fart noises<\/strong> : There\u2019s a built-in <a href=\"https:\/\/electrek.co\/2021\/01\/19\/how-to-make-your-tesla-fart\/\">whoopie cushion<\/a>. Hilarious.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Gaming<\/strong> : <a href=\"https:\/\/www.tesla.com\/event\/experience-tesla-arcade\">Tesla Arcade<\/a> includes a number of games including Polytopia, Cat Quest, Fallout Shelter, Stardew Valley, CupHead, BeachBuggy Racing 2, backgammon, solitaire, chess and a bunch of Atari-classics including 2048, Asteroids, Centipede, Super Breakout, Lunar Lander, Missile Command, Millipede, Tempest and Gravitar. <em>Phew!<\/em> These games are playable via the touch screen, the steering wheel and even via a classic game controller such as an Xbox or Playstation controller. <em>So fun<\/em>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>Entertainment<\/strong> : As long as you have <a href=\"https:\/\/www.tesla.com\/support\/connectivity\">Premium Connectivity<\/a>, you can enjoy a number of other entertainment options in the car. Netflix, Twitch, Hulu and Youtube are some of the available options at this time. This isn\u2019t a feature I use much, but when I do need it, it makes sitting in the car really great.<\/p>\n  <\/li>\n  <li>\n    <p><strong>OTA updates<\/strong> : A lot of the software-enabled features I have mentioned in this section are things that the car did not originally ship with. Rather, they are features that have been added to the car, <em>all for free<\/em>. This includes everything from Dashcam to Sentry Mode to Tesla Arcade to the entertainment features. My car has even had improved acceleration pushed to it via software based optimizations. Truly incredible.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"negatives\">Negatives<\/h1>\n\n<p>Though I love my car, it isn\u2019t perfect. There are a number of things I wish we\u2019re different or that are just bad. I\u2019ve listed these below.<\/p>\n\n<ul>\n  <li>\n    <p><strong>AC unit is a little weak<\/strong> : I find that the onboard Tesla AC unit is a bit weak. It doesn\u2019t ever seem to get as cold or as hot as I\u2019d like it to and it doesn\u2019t seem to cool or heat very quickly. Compared to my old <a href=\"https:\/\/www.toyota.com\/corolla\/\">Toyota Corolla<\/a>, it definitely falls short. You don\u2019t really want to lose to a Toyota Corolla.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Not a hatchback<\/strong> : My biggest gripe with this car after 3 years is the trunk. It\u2019s actually quite roomy but really, I wish it was a hatchback. The <a href=\"https:\/\/www.tesla.com\/modely\">Model Y<\/a> has this feature and it\u2019s much better.<\/p>\n  <\/li>\n  <li>\n    <p><strong>EV tax credit has expired<\/strong> : The $7500 <a href=\"https:\/\/www.fueleconomy.gov\/feg\/taxevb.shtml\">federal tax credit<\/a> for EVs has <a href=\"https:\/\/www.taxwarriors.com\/blog\/electric-vehicle-tax-credit-explained-tesla-no-longer-eligible\">run out<\/a> for Tesla. At the time I bought my car, I actually got the full amount. But for those looking to purchase a Tesla these days, you won\u2019t get any help from the federal government. With that said, there are other <a href=\"https:\/\/www.tesla.com\/support\/incentives\">state\/local incentives<\/a> to consider.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Charging on 120v is slow<\/strong> : Though charging on 120v is really cool and a very useful feature, it doesn\u2019t change the fact that it is <a href=\"#how-fast-does-it-charge\">very slow<\/a>. If you only have an over-night to charge or need to charge up quickly, you\u2019re going to be disappointed relying on 120v.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Self-park does not come standard<\/strong> : The self-parking feature is bundled with the exorbitantly expensive <a href=\"https:\/\/www.tesla.com\/autopilot\">FSD package<\/a>. I think this is ridiculous. Self-parking has been a feature of far less advanced cars for a long time. I really wish this came standard or was bundled with some other sort of much cheaper premium upgrade.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Horn is difficult to trigger<\/strong> : Maybe i\u2019m just too gentle with my car, but I always find when I try to honk I\u2019m either not pressing the right spot, or I am not smashing the wheel hard enough. I wish there was just a button.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Engaging windshield wipers is not ideal<\/strong> : A couple issues with the windshield wipers. First, the rain-sensing auto-wipers do not work very well. I find that they either don\u2019t wipe fast enough, fail to wipe at all or wipe when it\u2019s not really needed. Tesla is apparently attacking this problem with\u2026 a <a href=\"https:\/\/tesla-info.com\/blog\/tesla-deep-rain.php\">neural net solution<\/a>? Second, engaging the wipers is a little clunky and non-ideal. You can click the button at the tip of the left wheel stalk to invoke a single wipe, at which point the modal for the wiper speed is brought up on-screen. From there, you must look down and press the speed you\u2019d like the wipers to be at. This isn\u2019t great since typically when you are needing the wipers, especially at a higher speed, it is raining and not the best time to take your eyes of the road.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Turning radius isn\u2019t great<\/strong> : Compared to my old <a href=\"https:\/\/www.toyota.com\/corolla\/\">Toyota Corolla<\/a>, I find that the Model 3 has a really bad turning radius.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Tires wear quickly<\/strong> : You\u2019ll find that <em>spirited driving<\/em> is a common occurrence with a Tesla. This tends to wear the tires down quicker. This means more $$ for new tires.<\/p>\n  <\/li>\n  <li>\n    <p><strong>People will try to race you<\/strong> : It could be that I\u2019m just hyper-sensitive to people accelerating off the line, but I always get the sense that people want to race me. The good news is, I always win =).<\/p>\n  <\/li>\n  <li>\n    <p><strong>Premium connectivity costs extra<\/strong> : If you want live traffic, video\/music streaming or internet browsing capability, you\u2019ll need to subscribe to Tesla\u2019s <a href=\"https:\/\/www.tesla.com\/support\/connectivity\">Premium Connectivity<\/a> at $9.99\/month. This isn\u2019t ideal, but i rarely use any of those features outside of live traffic.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"other-neutral-stuff\">Other, Neutral Stuff<\/h1>\n\n<p>Beyond the good and the bad, there are the things that just, <em>are<\/em>. I list these \u201cneutral\u201d items below.<\/p>\n\n<ul>\n  <li><strong>Warranty<\/strong> : Tesla has what I consider to be a pretty good warranty. The warranty is described as follows\u2026 Basic Vehicle - 4 years or 50,000 mi, whichever comes first + Battery &amp; Drive Unit - 8 years or 120,000 mi, whichever comes first.<\/li>\n<\/ul>\n\n<h1 id=\"wrap-up\">Wrap Up<\/h1>\n\n<p>It\u2019s amazing to see Elon\u2019s <a href=\"https:\/\/www.tesla.com\/blog\/secret-tesla-motors-master-plan-just-between-you-and-me\">master plan<\/a> for Tesla come to life, I really do believe what he has created is the <a href=\"https:\/\/twitter.com\/elonmusk\/status\/1068215834877685760\">most fun you could possibly have in a car<\/a>.<\/p>\n\n<p><em>Alright!<\/em> That\u2019s the end of the \u201cRevue\u201d. I thank you for reading and I\u2019d love to hear your feedback. Are you planning on ordering a Tesla? If so, please use my <a href=\"https:\/\/ts.la\/michael65140\">referral code<\/a>! Agree or disagree with any of the points I made? <a href=\"https:\/\/shellsharks.com\/contact\">Let me know about it<\/a>!<\/p>\n\n<p>Finally, I highly recommend you check out <a href=\"https:\/\/theoatmeal.com\/comics\/tesla_model_s\">this amazing comic\/review<\/a> by <a href=\"https:\/\/theoatmeal.com\/\">The Oatmeal<\/a>. It does a better job than I ever could of summing up the real magic of owning a Tesla.<\/p>\n","pubDate":"Thu, 15 Jul 2021 10:50:00 -0400","link":"https:\/\/shellsharks.com\/tesla","guid":"https:\/\/shellsharks.com\/tesla","category":["life","technology","tesla","review","life","technology","blog"]},{"title":"Why I Blog. You Should Too!","description":"<p><strong>You should start a blog<\/strong>. If you disagree, I certainly understand the hesitancy. I was once like you! The thought of building + maintaining a website, or \u201cblogging\u201d might evoke worrisome thoughts. But fear not! I can help <a href=\"#what-not-to-worry-about\">allay these fears<\/a>. Once you overcome that initial anxiety, you can settle in and reap the <a href=\"#so-why-blog\">many benefits<\/a> of having a website. Trust me, it will be time well spent. Just <a href=\"#with-all-that-said\">be careful<\/a> though! You may find yourself completely obsessed with your site before long!<\/p>\n\n<h1 id=\"historical-context\">Historical Context<\/h1>\n\n<p>I started the <span class=\"shellsharks-com\"><a href=\"https:\/\/shellsharks.com\/\">shellsharks<\/a><\/span> site in <a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/30\/5-years\">mid-2019<\/a>. At that time, I had but two ideas for topics to write about\u2014a \u201c<a href=\"https:\/\/shellsharks.com\/getting-into-information-security#title\">Getting Into Infosec<\/a>\u201d guide and the idea to catalog all of the <a href=\"https:\/\/shellsharks.com\/designer-vulnerabilities#title\">\u201cnamed\u201d vulnerabilities<\/a> (e.g. \u201c<a href=\"https:\/\/heartbleed.com\">Heartbleed<\/a>\u201d). Prior to 2019, I tried at least two other times to blog or otherwise \u201cwrite\u201d\u2014both of which fizzled out before I even got to a second post. At the time, I blamed this on the <a href=\"#what-not-to-worry-about\">usual reasons<\/a>\u2014not enough time, didn\u2019t know what to write about, couldn\u2019t find my \u201cniche\u201d, etc\u2026 What I failed to realize then are <a href=\"#so-why-blog\">a number of things<\/a> I fully appreciate today, and I\u2019d like to share this understanding with you. Let me start with what <em>not<\/em> to <a href=\"#what-not-to-worry-about\">worry<\/a> about when starting a blog\u2026<\/p>\n\n<h1 id=\"what-not-to-worry-about\">What Not To Worry About<\/h1>\n\n<p>In this section is a list of common concerns &amp; fears people have when faced with the thought of starting a blog. Many of these slowed me down <a href=\"#historical-context\">in the beginning<\/a> but I am here to tell you, <em>don\u2019t worry about it<\/em>!<\/p>\n\n<ul>\n  <li>\n    <p><strong>I don\u2019t know how to host a blog<\/strong> : This is an easy fix and it is only a quick <a href=\"https:\/\/www.google.com\/?q=how+to+host+a+blog\">web search<\/a> away! You have plenty of <a href=\"https:\/\/shellsharks.com\/indieweb#hosting\">options<\/a> too. There are a lot of fully-managed hosting platforms, some where you have only partial control of the overall stack, and then of course fully self-hosted options. Just pick the one you feel most comfortable with and get started!<\/p>\n  <\/li>\n  <li>\n    <p><strong>I don\u2019t know which blog hosting provider is best<\/strong> : <em>OK<\/em>, so you\u2019re <em>still<\/em> stuck on which <a href=\"https:\/\/shellsharks.com\/indieweb#hosting\">hosting provider<\/a> to go with. As long as your selection allows you to <strong>BYO domain name<\/strong> and where your <strong>data\/writing is portable<\/strong>, you should have no problems migrating to a new hosting provider at any time, for any reason. So just pick one that meets those two criteria and get moving! Rather than worrying about your tech stack (all of which is almost always interchangeable), you can focus on what really matters\u2014<em>writing<\/em> and <em>site design<\/em>. I argue for site design being important here because afterall, your website is your new <a href=\"https:\/\/shellsharks.com\/welcome-home\">digital home<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>No one will read my blog<\/strong> : Will you become a well-known blogger? Statistically speaking, probably not. Will <em>someone<\/em> read what you put on the Internet? Statistically speaking, <em>absolutely<\/em>! The Internet is vast, and even the most remote corners receive <em>some<\/em> sort of traffic (not that you should care about pageviews or analytics at all). But you don\u2019t <em>have<\/em> to write for anyone else y\u2019know. <em>Write for <a href=\"https:\/\/shellsharks.com\/notes\/2024\/04\/17\/having-a-website-is-about-you\">you<\/a><\/em>! Your experiences matter and documenting them for your own historical purposes and reference is more than sufficient reason to have your own site. I had similar concerns when I started my site but I have found, over time, that people <em>are<\/em> interested. People will <em>inevitably<\/em> find and <a href=\"https:\/\/chronosaur.us\/ill-read-it\/\">read<\/a> what you <a href=\"https:\/\/shellsharks.com\/notes\/2024\/03\/13\/you-have-something-to-say-someone-will-listen\">have to say<\/a>! People will even eventually comment or give you feedback. That feedback may also even be <a href=\"https:\/\/shellsharks.com\/kindness\">positive<\/a>! Whether people read it or not though is inconsequential. There are <a href=\"#so-why-blog\">plenty of benefits<\/a> regardless.<\/p>\n  <\/li>\n  <li>\n    <p><strong>I don\u2019t have anything to write about<\/strong> : You write about what you are interested in, working on, or generally doing. Unless you are interested in \/ working on \/ doing <em>NOTHING<\/em>, you will always <a href=\"https:\/\/shellsharks.com\/just-put-it-on-your-blog\">have material<\/a>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>What I publish will be bad or uninteresting<\/strong> : This could only possibly be true if you write about something that <em>literally<\/em> no one else is interested in or that no one else is working on something related to. In a world with close to 5 <em>billion<\/em> Internet users, I doubt you are writing about anything that is <em>THAT<\/em> niche. In other words, there are like-minded folks out there. They want to read what you <a href=\"https:\/\/shellsharks.com\/notes\/2024\/03\/13\/you-have-something-to-say-someone-will-listen\">have to say<\/a>. If you\u2019re worried you aren\u2019t a strong writer, don\u2019t worry, you can get better. Everyone starts somewhere. Say what you want to say in the <a href=\"https:\/\/shellsharks.com\/writing-mannerisms\">way<\/a> you say it.<\/p>\n  <\/li>\n  <li>\n    <p><strong>I have nothing novel to contribute<\/strong> : I write <em>mostly<\/em> about <a href=\"https:\/\/shellsharks.com\/tags?tag=infosec\">infosec topics<\/a>. You know who else does that? Lots of people. <em>Like<\/em>, <a href=\"https:\/\/shellsharks.com\/infosec-blogs#title\">so many people<\/a>. It didn\u2019t deter me, nor did it deter all of <em>those<\/em> awesome creators. It shouldn\u2019t deter you either. Even if it\u2019s been said before, it hasn\u2019t been said in the <a href=\"https:\/\/shellsharks.com\/writing-mannerisms\">way<\/a> you\u2019re going to say it. People benefit from different perspectives on the same thing. People also benefit from the <em>same<\/em> perspective on the same thing. Not every creator has the same <a href=\"https:\/\/shellsharks.com\/notes\/2024\/01\/23\/how-the-internet-discovers-my-site\">audience<\/a> either. You may reach someone that no one else has yet, or offer something a <a href=\"https:\/\/shellsharks.com\/manual-of-style\">little different<\/a>, or extra, that helps someone where nothing else had.<\/p>\n  <\/li>\n  <li>\n    <p><strong>I don\u2019t have a niche<\/strong> : You don\u2019t need one! Write about <a href=\"https:\/\/shellsharks.com\/be-weird\">whatever<\/a> you want, as broadly as you want. <em>Sure<\/em>, some may say that by writing across a broad range of topics you run the risk of alienating some of your potential readership that would only be interested in your core topics\u2014and this <em>may<\/em> be true, but the way I consume content from blogs is by <a href=\"https:\/\/shellsharks.com\/an-ode-to-rss#how-to-rss\">scrolling through a feed<\/a> of blogs I follow, and if the post looks interesting to me, I read it. Otherwise, I scroll past. So don\u2019t box yourself in creatively. <a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/01\/be-yourself\">Be yourself<\/a> and write about whatever you like. I\u2019ll add that people in general have broad interests. If you write broadly, you will reach a larger audience. I for example write about <a href=\"https:\/\/shellsharks.com\/tags?tag=infosec\">infosec<\/a>, <a href=\"https:\/\/shellsharks.com\/tags?tag=technology\">non-infosec-tech stuff<\/a>, and <a href=\"https:\/\/shellsharks.com\/tags?tag=life\">life in general<\/a>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>I\u2019m not an expert<\/strong> : You don\u2019t need to be. A lot of people aren\u2019t \u201cexperts\u201d. You don\u2019t have to be the foremost expert on a topic for your perspective to be valuable. Sometimes a more <em>relatable<\/em> approach, and thus more digestible, comes from someone with less experience. Simply explain who you are, what your experience is and then write about your topic from your perspective. You will likely find that people can learn more from someone who is in a similar situation as them then from some expert who might not understand how the layman thinks.<\/p>\n  <\/li>\n  <li>\n    <p><strong>What if I say something incorrect or it isn\u2019t written perfectly?<\/strong> : Perfection is the enemy of productivity. Don\u2019t worry about being flawless, and don\u2019t sweat the times you are incorrect. With any luck, someone will call you out on something you post that\u2019s wrong and you will have a chance to learn from that mistake and you can update the post at that time! No one knows everything, not even the big names in your given industry or field. It\u2019s ok to be wrong, and it\u2019s also OK to change your mind, update\/fix your content, etc\u2026 Since you own &amp; control your site, and your content, each and every page and post on your site can exist as living documents. You are free to update, edit, modify or even delete things at will. Focus on the quality of your work over time and you will have no problem.<\/p>\n  <\/li>\n  <li>\n    <p><strong>I don\u2019t know if I can post regularly<\/strong> :  You don\u2019t have to post every week. You don\u2019t have to post every month. Just post when you have <a href=\"https:\/\/shellsharks.com\/just-put-it-on-your-blog\">something<\/a> to write about. It\u2019s also perfectly acceptable to post something that is a work-in-progress, and add to it in increments as you work on finishing the complete piece.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"so-why-blog\">So Why Blog?<\/h1>\n\n<p>OK, so hopefully some of your <a href=\"#what-not-to-worry-about\">common fears<\/a> have been allayed. Now let\u2019s get into the reasons <a href=\"https:\/\/shellsharks.com\/why\">why<\/a> I, and the reasons why <strong>YOU<\/strong> should start a blog. I should accentuate the fact that <em>each<\/em> of the items listed below I actively benefit from, and you can too!<\/p>\n\n<ul>\n  <li>\n    <p><strong>It gives meaning to the time you spend on things<\/strong> : Have you ever learned something only to forget it later? Or worked hard on something only for it to go seemingly unnoticed or unappreciated? Do you ever just forget what you did last year? Or even last week? <em>Yeah<\/em>, me too. Instead of losing it to time, why not document what you did, how you did it, what you learned, etc\u2026? In doing so, you can preserve a historical record which can be shared, remembered, or referenced long into the future. Over time, there is a cumulative effect to writing about the things you do, learn and accomplish. You can <a href=\"https:\/\/shellsharks.com\/hyperlink-travel\">link<\/a> to this past work and build an incredibly useful quasi-second-brain along the way.<\/p>\n  <\/li>\n  <li>\n    <p><strong>It can help you remember how you did something<\/strong> : Let your blog be a reference for yourself. In my career, and in my life, I have forgotten <em>a lot<\/em> of what I have learned. If I had taken the time to document these things, in my own way, with my own context, I\u2019d have the best possible reference to go back and remember it all.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Documenting can help you retain it long-term<\/strong> : Similar to the point above, the simple act of documenting\/writing things will help you retain that knowledge long-term. Worst case scenario though, if you do end up forgetting, you have it documented!<\/p>\n  <\/li>\n  <li>\n    <p><strong>It can look good on a resume or as part of a professional portfolio<\/strong> : Having a place where you document your research and other work can impress current or future employers. This will supplement your <a href=\"https:\/\/shellsharks.com\/resume\">resume<\/a> by speaking to the skills and experience you claim to possess.<\/p>\n  <\/li>\n  <li>\n    <p><strong>It can help you network<\/strong> : Ultimately, when people <em>do<\/em> read your material, they may reach out to you. In those moments, you have an opportunity to make a meaningful <a href=\"https:\/\/shellsharks.com\/cyber-clout\">connection<\/a> either personally or professionally.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Your content can help someone<\/strong> : If you\u2019ve learned something, chances are, you aren\u2019t the only person in the world who didn\u2019t know that thing. Which means, someone else out there can benefit from what you learned and how you learned it.<\/p>\n  <\/li>\n  <li>\n    <p><strong>It can trigger other bursts of creativity and productivity<\/strong> : As you write and as you create, you tend to come up with even <em>more<\/em> ideas. Good begets great, <em>inspire yourself<\/em>!<\/p>\n  <\/li>\n  <li>\n    <p><strong>You will likely learn more by creating<\/strong> : Some say the best way to learn is to teach. By teaching, or in this case, by documenting what you learn in such a way that it is consumable by others than yourself, you will further cement that material in your own mind. In other words, for you to confidently teach something, you need to know it <em>very<\/em> well. So learn to create, create to teach and then teach to learn!<\/p>\n  <\/li>\n  <li>\n    <p><strong>It can help create a social\/professional identity tied to YOU rather than where you work<\/strong> : What I mean here is, you can market yourself through your <em>site<\/em> rather than through traditional mediums like <a href=\"https:\/\/shellsharks.com\/notes\/2024\/02\/11\/linkedin-s-value-to-me\">Linkedin<\/a> or (*<em>grumble<\/em>*) your <a href=\"https:\/\/shellsharks.com\/notes\/2021\/09\/01\/a-rant-on-traditional-resumes\">resume<\/a>. Linkedin is focused on your professional history alone. This makes it hard to decouple your identity, who you really are, from where you\u2019ve worked and what titles you held. Your resume is even worse! It boxes you in to just 1-2 pages where you hope to fully explain your professional worth. A website you own and control allows you to fully document and share your <a href=\"https:\/\/shellsharks.com\/notes\/2024\/05\/01\/be-yourself\">authentic self<\/a>, what you can do, what you have done, what <a href=\"https:\/\/shellsharks.com\/why\">matters<\/a> to you, etc\u2026<\/p>\n  <\/li>\n  <li>\n    <p><strong>It\u2019s fun!<\/strong> : I\u2019m not saying having a blog isn\u2019t work, <a href=\"#with-all-that-said\">it is<\/a>. But work can be fun. Especially when it\u2019s done at your own pace and leisure. I personally get a lot of <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/21\/how-has-my-site-changed-my-life\">enjoyment<\/a> out of maintaining my site.<\/p>\n  <\/li>\n  <li>\n    <p><strong>It can turn into something more<\/strong> : Who knows, your innocent, low-volume, professional-<i>ish<\/i> blog could turn into something more. Maybe it becomes popular, maybe you can monetize it, maybe it will yield business opportunities, there is a lot of potential. This potential remains untapped unless you try.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Secure your identity on the web<\/strong> : Don\u2019t rely on traditional social media to be your identity on the web. Tie your identity to your domain. Read more about why this is important <a href=\"https:\/\/shellsharks.com\/notes\/2023\/08\/16\/your-website-your-identity\">here<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>For humanity<\/strong>: Don\u2019t let the web become exclusively the soulless blended slop of humanities exploits pre-2020\u2019s. You can continue to inject your real, <a href=\"https:\/\/sightlessscribbles.com\/posts\/the-colonization-of-confidence\/\">messy<\/a>, <em>human<\/em> voice into an increasingly inhuman web.<\/p>\n  <\/li>\n<\/ul>\n\n<h1 id=\"with-all-that-said\">With All That Said<\/h1>\n\n<p><em>Great<\/em>! Your <a href=\"#what-not-to-worry-about\">fears are quelled<\/a> and you are now excited to reap <a href=\"#so-why-blog\">the rewards<\/a> of starting a blog. But not so fast! Let me share just a few teeny-tiny \u201cgotchas\u201d.<\/p>\n\n<ul>\n  <li>\n    <p><strong>It does take time<\/strong> : No surprise here, <em>but yes<\/em>, writing takes <a href=\"https:\/\/shellsharks.com\/notes\/2023\/11\/09\/where-i-find-the-time\">time<\/a>. I personally feel the time it takes to document something is worth it though, given <a href=\"#so-why-blog\">all the benefits<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>You may get wrapped up in it<\/strong> : What I mean is, you may end up spending more time than you had originally thought you would. This is both good and bad! I think it is a really productive and healthy outlet, but you need to be conscious of your other time commitments.<\/p>\n  <\/li>\n  <li>\n    <p><strong>You should put care and diligence into what you post<\/strong> : Though I have said that your material doesn\u2019t need to be perfect, you should still take care to post accurate and quality material.<\/p>\n  <\/li>\n<\/ul>\n\n<p>Finally, here are a few other <a href=\"https:\/\/shellsharks.com\/blog-things-i-wish-i-had-known\">things to consider<\/a> before starting on your site-having journey.<\/p>\n\n<h1 id=\"wrap-up\">Wrap-Up<\/h1>\n\n<p>So that\u2019s my pitch. Tons of people do it. You can do it. Your perspective is valuable. The <a href=\"#so-why-blog\">benefits<\/a> are immense. <strong>You should start a blog<\/strong>.<\/p>\n\n<p>So are you convinced? I\u2019d love to hear about it! <a href=\"https:\/\/shellsharks.com\/contact\">Let me know<\/a> your blog idea or share your URL with me. If its an infosec-related blog, I\u2019ll even add it to <a href=\"https:\/\/shellsharks.com\/infosec-blogs#boutique-security-blogs\">my collection<\/a>! Still not convinced? I\u2019d like to hear about that too. Thanks for reading!<\/p>\n\n<h1 id=\"resources\">Resources<\/h1>\n\n<ul>\n  <li><a href=\"https:\/\/getblogging.org\">Get Blogging!<\/a><\/li>\n  <li><a href=\"https:\/\/library.xandra.cc\/everyone-should-blog\/\">EveryoneShouldBlog.txt<\/a><\/li>\n  <li><a href=\"https:\/\/bringback.blog\">Bring Back Blogging<\/a><\/li>\n  <li><a href=\"https:\/\/sethmlarson.dev\/writing-for-the-internet\">Writing a blog on the internet<\/a><\/li>\n  <li><a href=\"https:\/\/nora.zone\/manifesto.html\">You should have a website<\/a><\/li>\n  <li><a href=\"https:\/\/manuelmoreale.com\/blog-platforms\">Blog Platforms | Manuel Moreale<\/a><\/li>\n  <li><a href=\"https:\/\/landchad.net\">LandChad.net<\/a><\/li>\n  <li><a href=\"https:\/\/web.pixelshannon.com\/make\/\">Make Your Own Website<\/a><\/li>\n  <li><a href=\"https:\/\/adamcaudill.com\/2026\/01\/04\/lessons-learned-from-20-years-why-you-should-blog\/\">Lessons Learned from 20 Years &amp; Why You Should Blog<\/a><\/li>\n<\/ul>\n","pubDate":"Tue, 13 Jul 2021 10:50:00 -0400","link":"https:\/\/shellsharks.com\/you-should-blog","guid":"https:\/\/shellsharks.com\/you-should-blog","category":["infosec","life","technology","blogging","bestof","life","technology","blog","indieweb"]},{"title":"The Zen of Inbox Zero","description":"<p>Email is ubiquitous. Email is a <em>deluge<\/em>. Email is a <strong>mess<\/strong>. But there is a way\u2026 a way to quell the torrent of spam, subscriptions, notifications, alerts, reminders, social media updates, promotions, confirmations and whatever else seeks to wreak havoc on your inbox - <strong>Inbox Zero<\/strong>.<\/p>\n\n<p>This concept was <a href=\"https:\/\/www.youtube.com\/watch?v=z9UjeTMb3Yk\">first introduced by Merlin Mann during a Google TechTalk<\/a> in 2007. I\u2019ve never <em>actually<\/em> watched this video nor do I remember when I was first introduced to the idea of \u201cInbox Zero\u201d but I\u2019ve been very successful in remaining true to <em>my idea of this concept<\/em> for well over a decade and I\u2019m here to say it has brought sanity and control to my digital life and it can for you too.<\/p>\n\n<center><a href=\"https:\/\/mail.google.com\/\"><i class=\"ph ph-envelope-simple lg\"><\/i><\/a><\/center>\n\n<p>What you see below is madness\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/toomanyemails.png\" alt=\"toomanyemails\" \/><\/p>\n\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=G7AinOjDiNQ\">\u2026Madness? This. is. EMAIL!<\/a><\/p>\n\n<h1 id=\"lets-zero-it-out\">Let\u2019s Zero It Out<\/h1>\n\n<p>Despite it\u2019s name, <em>Inbox Zero<\/em> is not about having <em>nothing<\/em> in your inbox. Rather, it is about having a <strong>repeatable<\/strong> process by which you can deal with each email you receive, which in turn gives you control over your inbox and reduces what remains to only the items that are either pending and\/or actionable. Let\u2019s walk through this process\u2026<\/p>\n\n<ol>\n  <li>\n    <p><strong>Unsubscribe<\/strong>: I recommend a scorched-earth approach to unsubscribing to subscription-based emails. Unless you absolutely need something, click that \u201cunsubscribe\u201d button and be rid of it. <strong>Pro Tip<\/strong>: If an email doesn\u2019t have an \u201cUnsubscribe\u201d link, mark it as spam or even create a mail rule to auto-send it where it belongs - anywhere but your inbox.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Consume<\/strong>: A lot of email is simply informational. Anything in your inbox that matches this criteria can easily be archived (Step 5) or deleted (Step 6) once you have consumed the necessary information. If you find the information not-useful, perhaps consider Step 1.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Take Action<\/strong>: Does the email represent something that needs to be done? If so, do what needs to be done and then archive (Step 5) or delete (Step 6) the respective email. If it can\u2019t be done right now due to a dependency, see Step 4. <strong>*If it CAN be done but you don\u2019t have time for it, simply leave it in your inbox until you can get to it<\/strong>. In this way, these emails will serve as constant reminders of things that need to and can be done.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Save For Later<\/strong>: If an email represents something that needs to be done but can\u2019t be done due to a dependency, move it to a separate folder (or label if your a Gmail person). I have a folder literally called \u201cFor Later\u201d that these <em>to-do<\/em> emails go to. All of these to-do emails should go to the same special \u201cFor Later\u201d folder. <strong>*It is important to revisit this folder on a frequent basis to see if there is anything that no longer has dependencies and is thus actionable<\/strong>. Here, you can do what needs to be done and then proceed to archive (Step 5) or delete (Step 6) the email.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Archive<\/strong>: When you are through with an email but would like to keep it for later-reference, archive it or move it to a folder of your choosing. This will effectively remove it from your inbox.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Trash<\/strong>: For everything else, <em>trash it<\/em>. You don\u2019t need it. Get it out of your inbox. <strong>Pro Tip<\/strong>: Be mindful of what you are trashing. Chances are, if you are trashing an email, it should have never been in your inbox to begin with. I recommend unsubscribing from as many of these would-be-trashed emails as you can.<\/p>\n  <\/li>\n<\/ol>\n\n<h1 id=\"wrapping-up\">Wrapping Up<\/h1>\n\n<p>I\u2019ve always fancied myself a <strong>minimalist<\/strong>. This mindset helps me make \u201ctough\u201d decisions when it comes to unsubscribing, trashing or otherwise being \u201creal\u201d with myself about what I need or don\u2019t need in my life. I\u2019m also a particularly <strong>organized<\/strong> individual, especially with respect to my <em>digital<\/em> life. <em>Inbox Zero<\/em> is a manifestation of these two virtues and is a philosophy that with some practice, can be exercised by anyone. With it, you too can reclaim your inbox, get things done and achieve digital zen.<\/p>\n\n<p>For more on the <em>science<\/em> of Inbox Zero, check out <a href=\"https:\/\/shellsharks.com\/inbox-zero-part-2#title\">Part Two<\/a>!<\/p>\n","pubDate":"Tue, 02 Mar 2021 09:52:00 -0500","link":"https:\/\/shellsharks.com\/inbox-zero","guid":"https:\/\/shellsharks.com\/inbox-zero","category":["technology","life","inboxzero","technology","life","blog"]},{"title":"Herman Miller Logitech Embody Review","description":"<p>Like many of us these days (in the pandemic-age), I spend a large portion of any given week <em>sitting<\/em> in my home-office at my desk. For too long I had resigned myself to sitting in a chair that featured no customization, no back support and no particular ergonomic advantages. Given the time I spend in a chair, I decided I need an upgrade and resolved to find an amazing chair, no matter the cost.<\/p>\n\n<div class=\"containbox\">\n<b>TL;DR<\/b>: The <a href=\"https:\/\/store.hermanmiller.com\/gaming\/herman-miller-x-logitech-g-embody-gaming-chair\/2517590.html?lang=en_US\">Logitech G Embody<\/a> has a critical design flaw which results in the chair being very uncomfortable to sit in. This flaw makes this chair a no-go at any price, much less $1500.\n<\/div>\n\n<p>In my search for the best possible chair, I consistently came across positive reviews for chairs from <a href=\"https:\/\/www.hermanmiller.com\">Herman Miller<\/a>. Specifically, the <a href=\"https:\/\/www.hermanmiller.com\/products\/seating\/office-chairs\/aeron-chairs\/\">Aeron<\/a> and the <a href=\"https:\/\/www.hermanmiller.com\/products\/seating\/office-chairs\/embody-chairs\/\">Embody<\/a> were two models that I saw mentioned again and again. After seeing pictures of the Embody, I fell in love with the design (specifically the cool-looking back of the chair). It was then of course that I then discovered the <strong><a href=\"https:\/\/store.hermanmiller.com\/gaming\/herman-miller-x-logitech-g-embody-gaming-chair\/2517590.html?lang=en_US\">Logitech variant<\/a><\/strong> of the traditional Embody chair. Right off the bat though, the problem with this chair is the price. $1500\u2026 For a chair\u2026 But! My mission was to find the best chair for me, and I wasn\u2019t going to let the cost be too much of an obstacle.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/Screen+Shot+2021-02-07+at+1.15.23+AM.png\" alt=\"Price\" \/><\/p>\n\n<p>The Logitech version of the chair features the same design and features of the regular version but now sports an \u201c<em>enhanced gaming seat<\/em>\u201d (ironic as I\u2019ll soon find out), which is basically an added layer of cushion on the bottom as well as a copper-infused \u201ccooling\u201d foam embedded within that seat cushion. Couple these added comfort features with (awesome) blue color accents unique to the Logitech version of this chair and I was sold. Yes, this chair costs $1500. But surely this is a worthy investment if it makes sitting for extended periods of time both enjoyable, comfortable and better-for-me right?!<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/Screen+Shot+2021-02-12+at+8.53.27+PM.png\" alt=\"Picture of Chair\" \/><\/p>\n\n<h1 id=\"the-review\">The Review<\/h1>\n\n<p>The chair arrives in a massive box, completely assembled. You need only open the box and roll it on out - sweet! That said, the chair has a certain heft to it and carrying up a few flights of stairs to my office took a bit of effort. Once I did get it in front of my desk though, I took a step back to admire it. If nothing else, it certainly looked cool! (Please ignore my poor cable-management.)<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/IMG_1426.jpeg\" alt=\"Desk Shot w\/ chair\" \/><\/p>\n\n<p>With the chair in place, I sat down and ran through Herman Miller\u2019s <a href=\"https:\/\/www.hermanmiller.com\/content\/dam\/hermanmiller\/documents\/user_information\/herman_miller_x_logitech_g_embody_gaming_chair_adjustment_guide.pdf\">adjustment guide<\/a> to get it tweaked to my liking. With the first (fully adjusted) sit, my initial opinion was\u2026 \u201c<em>the chair seems comfortable, maybe not $1500 comfortable, but comfortable all the same<\/em>.\u201d But as I would find out, first impressions only go so far\u2026<\/p>\n\n<p>Before I get to what I didn\u2019t like about this chair, let me gush about what it gets right. The seat-back is in my mind the best part of this chair. Moving beyond it\u2019s unique and interesting design, the PostureFit \/ BackFit spinal support tech built into the back of this chair feels really good. It not only supports your back in a way that is very comforting but it flexes and moves as you do which helps maintain this support as you change posture or wiggle about in the chair. <strong>But<\/strong>(t)!, (pun intended) the seat itself, the bottom of this chair, is where things begin to fail.<\/p>\n\n<p>The Logitech variant of the Embody chair features an \u201cenhanced gaming seat\u201d, the main feature of which is an added 1\/2-inch layer of copper-infused cooling foam. What\u2019s not to like about a little extra cooling-cush for your tush right? Among the many adjustment options this chair supports, there is the ability to extend the <em>seat depth<\/em>. The problem here is when you extend the seat (which those who are a little taller would likely want to do), the added foam is not extended as well. The result is a very pronounced <strong>end<\/strong> to the foam which may not seem like much when you first sit down but as time passes, I began to <em>feel<\/em> the divide between the normal cushioned part of the chair and the extended, non-cushioned part of the chair. After sitting in the chair a while, I began to feel what seemed like a bar, jutting into my legs and running across the underside of my thighs. It was only after disconnecting the seat flap and inspecting the underside of the seat that I realized it was this exact boundary line where I was feeling the protrusion.<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/IMG_1428.jpeg\" alt=\"Seat Flap Foam\" \/><\/p>\n\n<p>The irony here of course is that the <strong>one<\/strong> (functional) added feature made to the Logitech version of this chair, the \u201cenhanced gaming seat\u201d is also the feature which dooms it (in my opinion). Though I haven\u2019t tried the Embody classic, I would suspect it doesn\u2019t suffer this or any similar design flaw. Only after I made this unfortunate discovery did I find reviews of the chair on Herman Miller\u2019s website lamenting the same problem\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/Screen+Shot+2021-02-07+at+1.50.49+AM.png\" alt=\"Review 1\" \/><\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/Screen+Shot+2021-02-07+at+1.52.56+AM.png\" alt=\"Review 2\" \/><\/p>\n\n<hr \/>\n\n<p>Backing up for a second. After I determined the chair was uncomfortable due to the \u201cprotruding bar-like sensation\u201d but before I realized why exactly I was feeling that, I contacted Herman Miller support, explaining the discomfort. This is the response I received\u2026<\/p>\n\n<p>\u201c<em>Sorry for the delay. You\u2019re feeling the extra cushion. There is no defect in the chair. That\u2019s just the way the fabric and extra cushion were designed.<\/em>\u201d<\/p>\n\n<p>Well alright then, it\u2019s definitely a feature not a bug!<\/p>\n\n<h3 id=\"pros\">Pros<\/h3>\n<ul>\n  <li>Awesome design. Will definitely look cool in your work-space.<\/li>\n  <li>Ergonomics of the seat-back were really fantastic. Lower-back support and it\u2019s adherence to my spine seemed uniquely impressive.<\/li>\n  <li>The chair is very adjustable. (Arm height and width, back fit, seat depth, seat height, etc\u2026)<\/li>\n  <li>Smaller profile seat-back made swiveling my legs out from under my desk easier as I did not have to push the chair out from under the desk in order to get out of the chair.<\/li>\n<\/ul>\n\n<h3 id=\"cons\">Cons<\/h3>\n<ul>\n  <li>Foam padding does not extend all the way to the front of the chair. This makes sitting in the chair very uncomfortable.<\/li>\n  <li>Seat bottom is generally uncomfortable.<\/li>\n  <li>Arm rests are clunky, a little wonky to adjust and are too easily pushed out or in with accidental pressure.<\/li>\n  <li>The chair is very creaky\/noisy.<\/li>\n<\/ul>\n\n<h1 id=\"an-attempt-to-fix-the-chair\">An Attempt to Fix the Chair<\/h1>\n\n<p>I spent $1500 on this piece and despite Herman Miller\u2019s lack-of-support from their support staff, I still liked enough about it that I felt compelled to try and fix the fundamental flaw plaguing this chair if could. From my previous dissection, I knew I had access to the underside of the seat flap where the built-in padding was. My proposed solution was to buy a <a href=\"https:\/\/www.amazon.com\/gp\/product\/B08D8Z1BJR\/ref=ppx_yo_dt_b_asin_title_o01_s00?ie=UTF8&amp;psc=1\">1\/2 inch-thich foam yoga mat<\/a> and cut a piece of it to fit the portion of the extended seat that was foam-less. You can look in wonder upon this brilliance below\u2026<\/p>\n\n<p><img src=\"https:\/\/shellsharks-images.s3.amazonaws.com\/2021\/hermanmiller\/IMG_1427.jpeg\" alt=\"Extra foam\" \/><\/p>\n\n<p>Unfortunately, even with this addition, after some time I still felt that same uncomfortable divide. Perhaps the newly introduced foam wasn\u2019t quite the same thickness? Or maybe the yoga mat depressed a different amount than the built-in foam? In any case, the chair was still equally uncomfortable. In the end, I take solace in knowing I tried to make it work, but in the end, the <em>enhanced seat cushion<\/em> did not only fail to enhance the chair, it was in fact the dealbreaker. Luckily enough, Herman Miller has a good <a href=\"https:\/\/store.hermanmiller.com\/returns.html?lang=en_US\">return policy<\/a>. Just remember to keep the box and packaging materials it came with!<\/p>\n\n<h1 id=\"moving-on\">Moving On<\/h1>\n\n<p>So my quest continues. After resolving to return the Embody, I did more chair research and stumbled across the oft-reviewed chairs from <a href=\"https:\/\/secretlab.co\">SecretLab<\/a>. Perusing the site, I decided on trying out the <a href=\"https:\/\/secretlab.co\/collections\/titan-series#titan_2020_softweave-charcoal_blue\">Secretlab TITAN<\/a>. I\u2019m actually sitting in this chair as I finish typing out the Embody review! I\u2019ll post an update if this chair ends up being the one for me.<\/p>\n","pubDate":"Fri, 12 Feb 2021 09:50:00 -0500","link":"https:\/\/shellsharks.com\/herman-miller-logitech-embody-review","guid":"https:\/\/shellsharks.com\/herman-miller-logitech-embody-review","category":["life","desksetup","technology","review","life","blog"]},{"title":"A 5 Year Infosec Education Retrospective","description":"<p><em>A look back at 5+ years of infosec training, certifications and completing an entire masters program.<\/em><\/p>\n\n<h1 id=\"jump-to-section\">Jump to Section<\/h1>\n<ul>\n  <li><a href=\"#my-education-journey\">My Education Journey<\/a><\/li>\n  <li><a href=\"#advicestream\">Assorted Advice<\/a><\/li>\n  <li><a href=\"#what-certification-or-training-should-i-take\">What Certification Should You Take?<\/a><\/li>\n  <li><a href=\"#thoughts-on-sans-training-and-giac-certification-exams\">Thoughts on SANS Trainings and GIAC Exams<\/a><\/li>\n  <li><a href=\"#certification-and-training-mini-reviews\">Certification \/ Training Mini-Reviews<\/a><\/li>\n  <li><a href=\"#jhu-masters-in-cybersecurity-review\">Johns Hopkins Cybersecurity Masters Review<\/a><\/li>\n<\/ul>\n\n<h1 id=\"intro\">Intro<\/h1>\n<p>Cybersecurity (a.k.a. Information Security or \u201cinfosec\u201d) is an extremely fast-moving, technical field and one that for many, demands near-constant learning. This makes working in the Cybersecurity field both exciting and <a href=\"https:\/\/www.tripwire.com\/state-of-security\/security-awareness\/dont-let-analysts-burnout\/\">exhausting<\/a>. <a href=\"https:\/\/www.payscale.com\/research\/US\/Job=Information_Security_Analyst\/Salary\">Well above average salaries<\/a> and an <a href=\"https:\/\/www.securitymagazine.com\/articles\/90182-the-cybersecurity-talent-gap-an-industry-crisis\">over-abundance of available jobs<\/a> are just <a href=\"https:\/\/resources.infosecinstitute.com\/10-reasons-why-you-should-pursue-a-career-in-information-security\/\">two of the compelling reasons<\/a> to consider becoming an information security professional. Given the business-critical nature of a security professionals job, these individuals are expected to be highly trained, which (in my experience) typically means certifications, formal training courses and higher education.<\/p>\n\n<p>Infosec is in a bit of a golden age with respect to the <a href=\"https:\/\/shellsharks.com\/online-training#title\">incredible amount of trainings<\/a>, educational programs and online resources which are available, both free and paid, many of which also come with a certification you can sit for. These resources cover a vast array of information security disciplines (e.g. network security, penetration testing, incident response, compliance, etc\u2026), so it can often be overwhelming for both newcomers and veterans to determine where to focus their time, effort and money with respect to getting the best education. To illustrate this point, hop into <a href=\"https:\/\/www.reddit.com\/r\/netsecstudents\/\">r\/netsecstudents<\/a> and it won\u2019t take you long to find post after post asking the same general question - \u201c<em>What certificate\/training should I take.<\/em>\u201d It\u2019s a valid question and one that I\u2019ve asked myself numerous times over the years. Whether we\u2019re trying to improve our resume or gain some new technical capabilities, this question often remains the same.<\/p>\n\n<p>Over the past five years I\u2019ve been fortunate to have been provided a <em>near<\/em>-unlimited training budget and have been even more fortunate to have been given the <em>time<\/em> (both by my company and my family) to pursue these academic and learning interests. In this time I was able to achieve\/complete a <a href=\"#certification-and-training-mini-reviews\">plethora of certifications and training<\/a> classes as well as start and finish a <a href=\"#jhu-masters-in-cybersecurity-review\">Masters degree<\/a>. Having recently completed the <a href=\"https:\/\/ep.jhu.edu\/programs\/cybersecurity\/masters-degree-requirements\/\">degree program<\/a> as well as having achieved the relatively challenging <a href=\"#sec660-advanced-penetration-testing-exploit-writing-and-ethical-hacking-gxpn-sans\">GIAC GXPN<\/a> certification, I wanted to take a look back at the last couple years and answer a few questions\u2026 <em>Would I do anything differently<\/em>? <em>What have I learned<\/em>? <em>Will these achievements actually benefit me professionally<\/em>? <em>What certifications we\u2019re useful<\/em>? I hope that my somewhat unique perspective can help provide guidance to those asking the question, <strong>\u201cWhat certificate\/training should I take?\u201d<\/strong>.<\/p>\n\n<hr \/>\n\n<h1 id=\"my-education-journey\">My Education Journey<\/h1>\n\n<p>I originally set out to become a developer, attending a four-year university as a computer science major. By the end of my <em>5 year<\/em> college run I had switched majors three times, transferred schools and come away not with a CS degree, but with a degree in <strong>information security<\/strong>. Degree in hand, I began my search for an entry-level security position but soon found out that the degree alone was not a compelling enough argument. Companies were looking for individuals with <em>experience<\/em>, even for entry-level positions - something I just didn\u2019t have. For me, certifications provided a means in which to qualify for positions in the absence of having this experience. Back then, and continuing to this day, a certification (more so than even my 4 year degree!) was enough to put a candidate (like myself) over that lack-of-experience obstacle and in front of some hiring managers. In those early days, I self-paid-for and acquired both the <a href=\"https:\/\/www.comptia.org\/certifications\/security\">Security+<\/a> and the <a href=\"https:\/\/www.eccouncil.org\/programs\/certified-ethical-hacker-ceh\/\">CEH<\/a> certifications, both of which directly helped land me positions.<\/p>\n\n<p>Studying for certifications and attending training requires motivation and an aptitude for the technical intricacies of the field - neither of these are out of reach for most. I certainly had a hunger to learn and the educational background\/aptitude to succeed. Given the immediate success of landing positions shortly after having achieved previous certifications, my aim was to seek out other certification opportunities. Unfortunately, certification exams and training courses also (generally) require a good bit of cash. This put many certifications either completely out of reach for me or far enough away that I wasn\u2019t sure the ROI was truly there for me to drop my own money on them. During this time, I bounced around several contract gigs, picking up an assortment of experience, always hoping to land at a company that might be willing to invest in me by way of paying for some trainings\/certs.<\/p>\n\n<p>After a few years I landed at what is my current place of employment and I finally got my wish - a company able and willing to invest in me. So I took full advantage of it. <a href=\"#certification-and-training-mini-reviews\">16+ certifications and countless trainings<\/a>\u2026 when I wasn\u2019t busy with my day job, I was busy with training. Many days, my day job <em>was<\/em> training. I went from one training to the next, one cert to the next, at such a quick pace, I hardly even had time to actually come back, settle in and practice what I had learned. In hindsight, it\u2019s easy to see that I became somewhat addicted to the process. Earlier struggles both finding work in the field and funding a cyber security education gave rise to an insatiable need to learn as much as possible and in parallel, get as many certifications and take as many trainings as possible. Now after these past 5 years, I have plenty of letters, plenty of new skills and some wisdom to share\u2026<\/p>\n\n<hr \/>\n\n<h2 id=\"quick-qa\">Quick Q&amp;A<\/h2>\n\n<ul>\n  <li>\n    <p><strong>Would I have done anything differently?<\/strong> If I could do it all over again, I would take much more time after each training\/certification to really apply newly acquired skills, seeking to truly and permanently absorb what I had learned. I also would have spent more time trying to figure out specifically what area of security I wanted to specialize in, which would have allowed me to carefully craft a tailored training regimen better suited to helping me achieve a more targeted expertise.<\/p>\n  <\/li>\n  <li>\n    <p><strong>So what have I learned?<\/strong> It\u2019s a strange dichotomy, through the course of taking rapid-fire, high-intensity trainings, I was able to learn A LOT of different things very quickly. A side-effect of this however was me forgetting much more than I wanted of what I had learned! Had I been more committed to letting this information soak in through practice and individual research, I may have developed a more robust expertise across these subjects. With this said, I did learn (and absorb) quite a bit. My main areas of focus were penetration testing, vulnerability research, reverse engineering and what I\u2019ll call \u201c<em>general security<\/em>\u201d. To me, general security is a combination of a number of foundational security-relevant disciplines including networking (TCP\/IP), web applications, operating systems, etc\u2026 Between all of the different trainings and courses, I found there was considerable content overlap. I think where I am strongest technically is in these areas of significant overlap. Learning the same thing multiple times (unsurprisingly!) has the effect of really drilling it into the brain.<\/p>\n  <\/li>\n  <li>\n    <p><strong>Will these achievements actually benefit me professionally?<\/strong> This I can\u2019t answer\u2026 <strong>yet<\/strong>. Since I haven\u2019t looked for a new job in the last five years, I haven\u2019t seen what, if anything, my bundle of certs plus Masters degree would be able to do for me out in the job market. More specifically, I\u2019m unsure if these accolades would be beneficial in helping me get to <em>my<\/em> next step, whatever that might be. What I can say is that with each new certification, there is a potential new door that could open (for jobs looking for that specific certification). Though there is certainly diminishing returns with each new cert on a single resume, I have found that recruiters and hiring managers are typically impressed when you have a multitude of them to showcase. I have definitely received many emails from recruiters saying they are very impressed with my certifications and overall experience. So time will tell if they will actually make a difference in any future job searches! At least I can take comfort in knowing my resume will match plenty of certification-related, resume-sourcing keyword searches.<\/p>\n  <\/li>\n  <li>\n    <p><strong>What certifications have proved useful?<\/strong> I\u2019ll answer this in more detail in the <a href=\"#certification-and-training-mini-reviews\">Certification and Training Mini-Reviews<\/a>.<\/p>\n  <\/li>\n  <li>\n    <p><strong>What certification\/training should I take?<\/strong> I\u2019ll get into this in more detail in the section <a href=\"#what-certification-or-training-should-i-take\">What certification\/training should I take?<\/a><\/p>\n  <\/li>\n<\/ul>\n\n<hr \/>\n\n<h2 id=\"advicestream\">Advicestream<\/h2>\n\n<p>Here is my non-contiguous, random collection of certification\/training-related advice\/musings\u2026<\/p>\n\n<ol>\n  <li>Studying for \/ taking certification exams and taking training courses requires <strong>time<\/strong>, <strong>money<\/strong> and <strong>effort\/motivation<\/strong>. Keep this in mind when approaching any potential cert\/training. Make sure you have all three in place before committing to any course\/certification.<\/li>\n  <li>It\u2019s hard to put a price tag on that first cert. For those who are having trouble breaking into the field, a certification may be what tips the scale in your favor. In this case, even an expensive cert (for example, a <a href=\"https:\/\/www.sans.org\/\">SANS<\/a> certification) could in-fact pay off quickly if it helps you land that relatively high-paying junior <a href=\"https:\/\/www.linkedin.com\/salary\/information-security-engineer-salaries-in-united-states\">infosec engineer role<\/a>. Given the high demand for qualified individuals, even entry-level positions can command <a href=\"https:\/\/www.indeed.com\/salaries\/junior-cyber-security-analyst-Salaries\">impressive salaries<\/a>. With respect to certifications specifically, my recommendation for those looking for that breakout role is to research positions that are of interest to you, see what certifications they are expecting (or mandating) that you have, and then figure out how to get it.<\/li>\n  <li>Focus on the <em>journey<\/em>. A certification is nothing more than a piece of paper or a couple of letters behind your name. What matters most is the skills and knowledge you gain while prepping\/training for that cert. Take your time to truly understand the material, acquire a solid foundation of knowledge, one that you can build on top of as you become more advanced. Focusing on simply passing a test rather than just understanding the material will hurt you in the long run.<\/li>\n  <li>\u2026on the thread of \u201cunderstanding the material\u201d, I have a note for those fortunate enough to take a SANS exam (or similarly \u201copen book\u201d exam): A common recommendation for SANS exams (<a href=\"https:\/\/www.sans.org\/security-awareness-training\/blog\/3-tips-successfully-prepare-ssap-exam\">even from SANS themselves<\/a>) is to <a href=\"https:\/\/tisiphone.net\/2015\/08\/18\/giac-testing\/\">create an index<\/a>. <strong>I don\u2019t recommend this<\/strong>. Now i understand people have different test-taking strategies and some people are just innately better at \u201ctaking tests\u201d than others, but I think indexing encourages not really understanding the material, but rather, promotes just searching for the answer come test time. Yes, this may make getting the cert easier, and if that is your goal then so be it! But I urge those who are also interested in retaining the material to not create an index, and in that way, when studying, they aim for a better, more robust understanding. With this said, my personal strategy (I\u2019ve never created an \u201cindex\u201d), is to use the little sticky post-its that SANS provides to mark the different chapters\/sections of the book (as well as any other potentially information-dense areas of the books). In this way, you can still quickly flip to a section of the course material during the test (or when studying!) to help with recalling certain information.<\/li>\n  <li>It\u2019s worth reiterating here, albeit in a different way, <strong>take your time<\/strong>. Focus on the material, attempt to gain true comprehension and don\u2019t seek to just memorize certain data points needed to pass the test. Pay very close attention to the <em>boring<\/em> stuff. Infosec is a broad field with many disciplines but the core concepts of security, networking, computing, etc\u2026. are shared amongst all of these. This means having a very thorough understanding of the basics will help you excel in all areas of security, from compliance to penetration testing.<\/li>\n  <li>Government contract roles (which may be more numerous in certain locales) often look for <a href=\"https:\/\/public.cyber.mil\/cw\/cwmp\/dod-approved-8570-baseline-certifications\/\">specific certifications<\/a>. Obtaining one of these certs is an easy way to immediately qualify for these positions.<\/li>\n  <li>Don\u2019t depend too much on certifications. Yes, a certification <em>may<\/em> be able to help you qualify for a job or get your foot in the door for an interview but often it only goes that far. Your peers will likely not think more of you, your boss will likely not promote you, the work itself will not become easier all by merely getting a certification. Focus on what you can <em>learn<\/em>, the cert is just a bonus.<\/li>\n  <li>Experience has been and will remain king with respect to \u201cproving\u201d your abilities to a prospective employer. Certifications however, can certainly help a candidate get a foot in the door for an interview or even uniquely qualify them for a role that may explicitly require a specific certification.<\/li>\n  <li>Certs, trainings, degrees\u2026 ultimately, they serve one of two distinct purposes (in my opinion). Bolstering a resume and acquiring knowledge\/increasing skills. Remember this when thinking about what you want to pursue next!<\/li>\n  <li>Find a way to expand on what you learned during the course of studying for a certification or attending a training by doing your own independent research. At the point where you feel you really understand the material, you can then run off and sign up for the next thing.<\/li>\n<\/ol>\n\n<hr \/>\n\n<h2 id=\"what-certification-or-training-should-i-take\">What Certification or Training Should I Take?<\/h2>\n<p>Ok, so let\u2019s try to answer this primary question. Let\u2019s approach the answer based on where someone might be in their career or job search. Choose the scenario below which best describes your current standing\u2026<\/p>\n\n<ul>\n  <li>\n    <p><strong>You\u2019re new to Information Security and are looking to get a job<\/strong>: Do some research on what certifications (if any) the jobs you\u2019d be interested in are asking for. (Try popular job search websites like <a href=\"https:\/\/www.monster.com\/\">Monster<\/a>, <a href=\"https:\/\/www.linkedin.com\/\">Linkedin<\/a> and <a href=\"https:\/\/www.indeed.com\/hire\/sem-haj-dual\">Indeed<\/a>, to name a few). Where you find some certification requirement commonality amongst these job reqs, take a look at how you can get that specific cert. If the training, or exam voucher is expensive, take a look at what salary you may expect provided you get the job and calculate your return on investment. You may find that investing in yourself by paying for the cert can pay off in a big way. This methodology is more relevant for junior positions as the certification can stand in place of the lack of professional experience as it <a href=\"#my-education-journey\">did for me<\/a> in my early professional career.<\/p>\n  <\/li>\n  <li>\n    <p><strong>You are currently in a junior role and are looking to advance<\/strong>: I\u2019d recommend a similar approach as above, with the tweak that you will likely be targeting a more advanced certification. Keep in mind though that at this point, unless the job you are looking at is contractually-obligated to supply personnel with certain certifications, it is less likely that a certificate is really what you need to <em>get into<\/em> your next role. Rather, focus more on the experience that is being asked for on the job req you are interested in. If getting a certification can help you obtain that specific experience, then great! Two birds with one stone.<\/p>\n  <\/li>\n  <li>\n    <p><strong>You are a mid-level or senior security professional and are looking to add valuable skills to your resume<\/strong>:  Focus on practical certifications and training that can get you to \u201cexpert\u201d level within a specific knowledge area you may already have some expertise in or that can fill an important gap in your overall knowledge. Keep in mind, there\u2019s <a href=\"https:\/\/shellsharks.com\/online-training#title\">plenty of free and paid training<\/a> out there to help you get there, so don\u2019t immediately default to trying to pay for some expensive certification or training. Do some research and then get learning! Some \u201cdomains\u201d to keep in mind would be web applications, programming\/development, cloud, networking, and incident response. I think focusing more on <em>experience<\/em> you need rather than some certification is more appropriate in this scenario.<\/p>\n  <\/li>\n  <li>\n    <p><strong>You\u2019re interested in getting into penetration testing<\/strong>: Information security as a profession is made up of a lot of unique sub-disciplines. <a href=\"https:\/\/www.rapid7.com\/fundamentals\/penetration-testing\/\">Penetration testing<\/a> (a.k.a. \u201cPentesting\u201d) happens to be one of the more popular aspirations for those entering the field, even though penetration testers as a whole make up only a small fraction of the infosec community. For those interested in infosec, don\u2019t immediately think that pentesting is what is right for you or that it\u2019s the only interesting option. Take your time to research everything else you can do in infosec before committing to the pentest path. However, for those that are truly interested, I highly recommend taking a look at the <a href=\"https:\/\/www.offensive-security.com\/pwk-oscp\/\">PWK\/OSCP<\/a> from <a href=\"https:\/\/www.offensive-security.com\/\">Offensive Security<\/a> and\/or the <a href=\"https:\/\/www.elearnsecurity.com\/course\/penetration_testing\/\">PTP<\/a> from <a href=\"https:\/\/www.elearnsecurity.com\/\">eLearnSecurity<\/a>. Both are practical, lab-based, hands-on certifications with a LOT of good training material. Once completing either of those, I\u2019d recommend checking out the other, more advanced trainings\/certs offered by both Offensive Security and eLearnSecurity. For more info, please check out my reviews for both the <a href=\"#offensive-security-certified-professional-oscp\">PWK\/OSCP<\/a> and <a href=\"#penetration-testing-professional-ecppt-elearnsecurity\">PTP<\/a> courses.<\/p>\n  <\/li>\n  <li>\n    <p><strong>You aren\u2019t sure what security discipline are you interested in yet<\/strong>: I\u2019d reference my initial advice here. If you want a job in infosec go take a look at what certs are being asked for within the job reqs you are interested in. Otherwise, I probably wouldn\u2019t throw money at a random cert (yet!). I also have a guide for those interested in <a href=\"https:\/\/shellsharks.com\/getting-into-information-security#title\">getting into the field<\/a>! If you aren\u2019t sure exactly where you want to go, then don\u2019t sweat it! Get a job anywhere in the infosec field (where you can), and try it out. Maybe you get a SIOC position or a compliance position and do that for a few months. If it\u2019s interesting, pursue it further, if not, pivot somewhere else in the field. A lot of what you\u2019ll learn in one infosec sub-discipline transfers very nicely to any other role in infosec. Finally, feel free to check out my <a href=\"#certification-and-training-mini-reviews\">series of mini-reviews<\/a> covering a large assortment of popular certification\/trainings I have personally taken.<\/p>\n  <\/li>\n  <li>\n    <p><strong>None of these apply and you\u2019re just interested in taking something new<\/strong>: If none of the scenarios really apply to you then maybe peruse my <a href=\"#certification-and-training-mini-reviews\">series of certification\/training mini-reviews<\/a>, take a look at the vast collection of <a href=\"https:\/\/shellsharks.com\/online-training#title\">online education resources<\/a> or even <a href=\"https:\/\/shellsharks.com\/contact\">reach out to me<\/a> for more personalized recommendations!<\/p>\n  <\/li>\n<\/ul>\n\n<hr \/>\n\n<h1 id=\"thoughts-on-sans-training-and-giac-certification-exams\">Thoughts on SANS Training and GIAC Certification Exams<\/h1>\n<p>Given the overwhelming popularity and industry mind-share that this organization, as a security training provider has, coupled with the breadth\/depth of experience I have taking their classes and acquiring their certifications, I wanted to take some time to share my perspective on <a href=\"https:\/\/www.sans.org\/\">SANS<\/a>.<\/p>\n\n<p>I\u2019ll start by saying I have <em>mixed feelings<\/em> overall on SANS. I think their course material is top-notch, their <a href=\"https:\/\/www.sans.org\/profiles\/instructors\/\">instructors<\/a> are world-class, industry-leaders and their network and reach (in terms of how well-known they are) is basically unrivaled. <em>But<\/em>\u2026 they are simply too expensive of an option for most individuals paying out-of-pocket. Secondly, I believe that a sizable majority of the material provided in any given SANS training course is accessible (in some way) online, for free. You need only an Internet connection and the desire to do some research yourself to find it. If not immediately available online you can often find the material in a book or blog post or even a github repo likely also written by the author themselves! So what you are paying for isn\u2019t necessarily the material (which again, is likely available open-source), rather you pay for by signing up for a SANS course is the convenience and the delivery format. From how I see things, the <em>ingredients<\/em> are all readily available. I compare SANS to going to a fancy restaurant and having a world-class chef prepare a meal for you - one you could have made with those same ingredients at home. With some practice, and most if not all of the same ingredients at your disposal, you too can feed your mind the same dish.<\/p>\n\n<p>Before I get into exactly <em>how<\/em> I would recommend you go about giving yourself a SANS education without ever attending a SANS course, let me qualify what I said above with two important points\u2026<\/p>\n\n<p><strong>First<\/strong>, if you get the chance to attend a SANS course, paid-for by your employer, absolutely take them up on this offer. Though I do think in many cases you can replicate SANS course content with free or cheap resources online, actually attending a SANS course is an amazing opportunity and can provide the following\u2026<\/p>\n\n<ul>\n  <li>Learn the material in a quicker, more direct fashion.<\/li>\n  <li>Get immediate help on advanced topics from an industry expert. This can help you get over learning roadblocks faster than you may have otherwise been able to on your own.<\/li>\n  <li>Network with like-minded individuals in your field as well as expert instructors.<\/li>\n  <li>Obtain a certification that is highly regarded in the field and could help you with future job searches.<\/li>\n<\/ul>\n\n<p><strong>Second<\/strong>, though it is becoming harder to recommend due to increasing cost (now $2500, where as only a year or two ago it was closer to $1000), participating in a SANS <a href=\"https:\/\/www.sans.org\/work-study\/\">work study<\/a> can give someone an avenue to attending a SANS training for much cheaper than the normal price (which is over $7000 and can even exceed $8000 after bundling the certification, on-demand materials, etc\u2026). I\u2019ve facilitated on 4 separate occasions and can tell you that overall, it\u2019s a pretty easy gig! You\u2019re asked to assist with conference setup\/teardown as well as some light operational tasking throughout each day (mainly fetching stuff for the instructor if needed and collecting the notorious daily SANS surveys). I think even at the new price, it is still (albeit barely) a decent value, especially for those who are maybe looking for that first cert. As a \u201cfirst cert\u201d possibility, I think SANS is one of the best options for a candidate to make themselves stand out with respect to getting an entry-level position.<\/p>\n\n<p>Ok, so let\u2019s say your employer won\u2019t shell out the cash for a SANS training and you can\u2019t either (nor have you had success getting into the work study). How can you give yourself a SANS-equivalent education yourself? Here\u2019s what I would do\u2026<\/p>\n\n<p>First, figure out what you\u2019re interested in via their <a href=\"https:\/\/www.sans.org\/cyber-security-skills-roadmap?msc=course-list-lp\">Cyber Security Skills Roadmap<\/a>. Figure out where you are technically or where you\u2019d like to be and pick out the certification that is next in your <em>path<\/em>. Next, find the \u201cCourse Syllabus\u201d for the chosen course, for example, <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/network-penetration-testing-ethical-hacking\/\">SEC560: Network Penetration Testing and Ethical Hacking<\/a>. On this page, you can scroll down to the \u201cSyllabus\u201d section and see a relatively in-depth description of the topics covered during each day of the training for that course. Using this syllabus, you can build your own self-paced, self-taught curriculum, for free (or at-least on the cheap), online! Just google each topic and hunt for trainings\/free content online related to that topic. I promise there is much more than you might think and you can find quite a bit of success with this method. This will require some determination, and is certainly more of a <a href=\"https:\/\/www.offensive-security.com\/offsec\/say-try-harder\/\">\u201cTry Harder\u201d<\/a> (more on this in a bit) approach, but where money is short, I believe you can make up for it in this way. If you\u2019re having trouble finding resources online, check out my <a href=\"https:\/\/shellsharks.com\/online-training#title\">list of education resources<\/a>!<\/p>\n\n<hr \/>\n\n<h1 id=\"certification-and-training-mini-reviews\">Certification and Training Mini-Reviews<\/h1>\n\n<p>Having taken and completed each of the trainings\/certifications below, I wanted to provide a quick \u201creview\u201d of what I thought of each course. The reviews aren\u2019t meant to summarize what is covered in these courses but rather give my thoughts on the value of each as well as recommendations or advice for those potentially interested in taking them. These are point-in-time assessments and as such can not reflect any updates to the material since the time I took it.<\/p>\n\n<p><strong>Mini-Reviews Table of Contents<\/strong><\/p>\n\n<ul>\n  <li><a href=\"#tenable-certified-security-engineer-tcse-tenable\">Tenable Certified Security Engineer (TCSE), Tenable<\/a><\/li>\n  <li><a href=\"#core-impact-certified-professional-cicp-core-security\">Core Impact Certified Professional (CICP), Core Security<\/a><\/li>\n  <li><a href=\"#sec560-network-penetration-testing-and-ethical-hacking-gpen-sans\">SEC560: Network Penetration Testing and Ethical Hacking (GPEN), SANS<\/a><\/li>\n  <li><a href=\"#certified-information-system-security-professional-cissp-isc2\">Certified Information System Security Professional (CISSP), ISC2<\/a><\/li>\n  <li><a href=\"#penetration-testing-student-ejpt-elearnsecurity\">Penetration Testing Student (eJPT), eLearnSecurity<\/a><\/li>\n  <li><a href=\"#penetration-testing-professional-ecppt-elearnsecurity\">Penetration Testing Professional (eCPPT), eLearnSecurity<\/a><\/li>\n  <li><a href=\"#sec503-intrusion-detection-in-depth-gcia-sans\">SEC503: Intrusion Detection In-Depth (GCIA), SANS<\/a><\/li>\n  <li><a href=\"#sec573-automating-information-security-with-python-gpyc-sans\">SEC573: Automating Information Security with Python (GPYC), SANS<\/a><\/li>\n  <li><a href=\"#sec575-mobile-device-security-and-ethical-hacking-gmob-sans\">SEC575: Mobile Device Security and Ethical Hacking (GMOB), SANS<\/a><\/li>\n  <li><a href=\"#offensive-security-certified-professional-oscp\">Offensive Security Certified Professional (OSCP)<\/a><\/li>\n  <li><a href=\"#sec504-hacker-tools-techniques-exploits-and-incident-handling-gcih-sans\">SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (GCIH), SANS<\/a><\/li>\n  <li><a href=\"#sec401-security-essentials-gsec-sans\">SEC401: Security Essentials (GSEC), SANS<\/a><\/li>\n  <li><a href=\"#sec542-web-app-penetration-testing-and-ethical-hacking-gwapt-sans\">SEC542: Web App Penetration Testing and Ethical Hacking (GWAPT), SANS<\/a><\/li>\n  <li><a href=\"#for610-reverse-engineering-malware-grem-sans\">FOR610: Reverse-Engineering Malware (GREM), SANS<\/a><\/li>\n  <li><a href=\"#ics515-ics-active-defense-and-incident-response-grid-sans\">ICS515: ICS Active Defense and Incident Response (GRID), SANS<\/a><\/li>\n  <li><a href=\"#sec660-advanced-penetration-testing-exploit-writing-and-ethical-hacking-gxpn-sans\">SEC660: Advanced Penetration Testing, Exploit Writing and Ethical Hacking (GXPN), SANS<\/a><\/li>\n  <li><a href=\"#sec617-wireless-penetration-testing-and-ethical-hacking-gawn-sans\">SEC617: Wireless Penetration Testing and Ethical Hacking (GAWN), SANS<\/a><\/li>\n  <li><a href=\"#aws-certified-solutions-architect-associate\">AWS Certified Solutions Architect Associate<\/a><\/li>\n  <li><a href=\"#aws-certified-security-specialty\">AWS Certified Security Specialty<\/a><\/li>\n  <li><a href=\"#sec588-cloud-penetration-testing-gcpn-sans\">SEC588: Cloud Penetration Testing (GCPN), SANS<\/a><\/li>\n  <li><a href=\"#sec537-practical-osint-analysis-and-automation-sans\">SEC537: Practical OSINT Analysis and Automation, SANS<\/a><\/li>\n  <li><a href=\"#sec460-enterprise-and-cloud--threat-and-vulnerability-assessment-geva-sans\">SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment (GEVA), SANS<\/a><\/li>\n  <li><a href=\"#sec450-blue-team-fundamentals-security-operations-and-analysis-gsoc-sans\">SEC450: Blue Team Fundamentals: Security Operations and Analysis (GSOC), SANS<\/a><\/li>\n  <li><a href=\"#sec487-open-source-intelligence-osint-gathering-and-analysis-gosi-sans\">SEC487: Open-Source Intelligence (OSINT) Gathering and Analysis (GOSI), SANS<\/a><\/li>\n  <li><a href=\"#sec522-application-security-securing-web-apps-apis-and-microservices-gweb-sans\">SEC522: Application Security: Securing Web Apps, APIs, and Microservices (GWEB), SANS<\/a><\/li>\n  <li><a href=\"#mgt512-security-leadership-essentials-for-managers-gslc-sans\">MGT512: Security Leadership Essentials for Managers (GSLC), SANS<\/a><\/li>\n  <li><a href=\"#windows-malware-and-memory-forensics-volatility\">Windows Malware and Memory Forensics, Volatility<\/a><\/li>\n  <li><a href=\"#the-shellcode-lab-black-hat\">The Shellcode Lab<\/a><\/li>\n  <li><a href=\"#sans-sec564-red-team-operations-and-threat-emulation\">SANS SEC564 Red Team Operations and Threat Emulation<\/a><\/li>\n  <li><a href=\"#sans-sec642-advanced-web-app-penetration-testing\">SANS SEC642 Advanced Web App Penetration Testing<\/a><\/li>\n  <li><a href=\"#specterops-adversary-tactics-red-team-operations\">SpecterOps Adversary Tactics: Red Team Operations<\/a><\/li>\n  <li><a href=\"#offensive-security-advanced-windows-exploitation\">Offensive Security Advanced Windows Exploitation<\/a><\/li>\n<\/ul>\n\n<h3 id=\"tenable-certified-security-engineer-tcse-tenable\">Tenable Certified Security Engineer (TCSE), Tenable<\/h3>\n<p><em>Attended: February 2016, TCSE Obtained: February 2016<\/em><\/p>\n\n<p>I don\u2019t believe this training\/certification is still available. Instead, <a href=\"https:\/\/www.tenable.com\/\">Tenable<\/a> has established the <a href=\"https:\/\/www.tenable.com\/education\/on-demand-courses\">Tenable University<\/a> which is home to a number of online courses covering an assortment of topics related to <a href=\"https:\/\/www.tenable.com\/vulnerability-management\">Vulnerability Management<\/a> as well as courses covering the use\/engineering of their suite of tools (namely, <a href=\"https:\/\/www.tenable.com\/products\/nessus\/nessus-professional\">Nessus<\/a>, <a href=\"https:\/\/www.tenable.com\/products\/tenable-io\">Tenable.io<\/a> and <a href=\"https:\/\/www.tenable.com\/products\/tenable-sc\">Tenable.sc<\/a>). What\u2019s more, they even offer certifications you can quickly pick up and put on your resume, all for free! For anyone looking to break into the infosec field or get more into vulnerability management, penetration testing, or offensive security in general, I <strong>highly recommend getting into this alternate material<\/strong>. I personally got my start in the <em>technical<\/em> information security space via Vulnerability Management and attribute my success in large part to what I learned specializing in this area. Every organization is (or should be) doing some form ofVulnerability Management or network vulnerability scanning which means no matter where you go with these skills you will have relevant, applicable experience. I also believe that having a robust understanding of <em>vulnerabilities<\/em> is useful in just about any infosec sub-discipline. Compliance pros need to understand risk, and vulnerabilities represent a large swath of an organizations technical risk-surface. Penetration testers obviously need to understand vulnerabilities as they are typically taking advantage of them as part of their daily job! \u201cBlue-teamers\u201d (e.g. incident responders, forensics, threat hunters, network analysts, etc\u2026) need to understand vulnerabilities since these are generally the soft spots in a network or on a system that the \u201cbad guys\u201d are targeting. Understanding how vulnerabilities manifest themselves, the consequence(s) of exploitation and how to mitigate them is critical for defensive security professionals as well.<\/p>\n\n<h3 id=\"core-impact-certified-professional-cicp-core-security\">Core Impact Certified Professional (CICP), Core Security<\/h3>\n<p><em>Attended: April 2016, CICP Obtained: April 2016<\/em><\/p>\n\n<p>For a brief period of time I got to play around with the powerful (and expensive) <a href=\"https:\/\/www.coresecurity.com\/products\/core-impact\">Core Impact<\/a> exploitation framework. During this time, I traveled to <a href=\"https:\/\/www.coresecurity.com\/\">Core Security<\/a> HQ to take the Core Impact training course, the <a href=\"https:\/\/training.coresecurity.com\/courses\/course-v1:CoreSecurity+CI200x+19_1v1\/about\">CICP<\/a>. Core Impact is a mature, and relatively intuitive tool. This makes user-training (in my opinion) mostly unnecessary. To be clear, this training is centered around <em>using<\/em> the tool, as opposed to actual technical network penetration or exploitation methodology. Save the trip, save the money, this training is <strong>not something I would recommend<\/strong>.<\/p>\n\n<h3 id=\"sec560-network-penetration-testing-and-ethical-hacking-gpen-sans\">SEC560: Network Penetration Testing and Ethical Hacking (GPEN), SANS<\/h3>\n<p><em>Attended: April 2016, GPEN Obtained: April 2016<\/em><\/p>\n\n<p>SANS\u2019 intro to penetration testing course is <a href=\"https:\/\/www.sans.org\/ondemand\/course\/network-penetration-testing-ethical-hacking\">SEC560<\/a>. The course has evolved quite a bit since I took it in 2016 so I won\u2019t speak in-depth to what is covered. For that sort of thing, just search online to <a href=\"https:\/\/www.google.com\/search?q=sans+sec560+review\">find more in-depth reviews<\/a> of the course material. With this said, taking a look at the most up-to-date syllabus you\u2019ll find that this course is chock-full of valuable penetration testing knowledge covering a wide-array of critical pentesting concepts including network reconnaissance, writing reports, scoping engagements, Nmap, Nessus, PowerShell, Metasploit, Veil, Pivoting, Empire, John, Mimikatz, Hydra, Kerberos, Responder, Bloodhound, ZAP, SQLi and more! Despite the material being quite sound in its overall coverage and depth, I believe the format is not ideal for actually learning penetration testing. I say this because penetration testing, especially as someone new to it, is likely dominated by a lot of trial and error. What this means is that you need a lot of time to try something, see if it works, learn why it didn\u2019t and then try again. In other words, having time to fail and in some cases fail a lot, is very valuable. The pace in which SANS courses are conducted is not conducive to this method of learning. The format for labs is a series of individual exercises whereby the student has (in my opinion) their hand held throughout, each step is explained to them in precise detail, the answer is provided in short-order and you are then quickly whisked away to the next part of the lecture. SANS does give you the option during these labs to \u201cnot skip ahead\u201d and see the answer(s) but in reality you likely won\u2019t have time to take this figure-it-out-yourself approach. Being spoon-fed information in this manner is an <em>OK<\/em> way to be introduced to a technique or tool but I feel that later, when you attempt to exercise this knowledge in a practical setting you will likely feel unprepared having not actually practiced what you had learned in any meaningful way.<\/p>\n\n<p>As for the certification, I think it has some benefit on a resume as I have seen plenty of job reqs asking for it. BUT! If you are taking this course you are probably interested in getting a job as an actual penetration tester and as such, I would argue that a lot of companies actually hiring penetration testers are looking for proof the candidate actually has some real, practical, more-robust, hands-on experience which you really just can\u2019t get with this training in it\u2019s current form. For these reasons, I <strong>wouldn\u2019t recommend<\/strong> this course. With this said, SANS <em>is<\/em> slowly moving their certification exams to a <em>slightly<\/em> more <a href=\"https:\/\/www.giac.org\/blog\/hands-on-real-world-testing\">practical format<\/a>. I think this will help with the way those in the field perceive these certifications, especially compared to their more \u201cpractical\u201d brethren such as the <a href=\"https:\/\/www.offensive-security.com\/pwk-oscp\/\">OSCP<\/a>.<\/p>\n\n<h3 id=\"certified-information-system-security-professional-cissp-isc2\">Certified Information System Security Professional (CISSP), ISC2<\/h3>\n<p><em>CISSP Obtained: March 2016<\/em><\/p>\n\n<p>Love it or hate it, the <a href=\"https:\/\/www.isc2.org\/Certifications\/CISSP\">CISSP<\/a> remains one of the industries most recognized and sought after certifications. Those who hold the cert tend to command <a href=\"https:\/\/www.payscale.com\/research\/US\/Certification=Certified_Information_Systems_Security_Professional_(CISSP)\/Salary\">high salaries<\/a> and from what I\u2019ve seen, it seems to just make you more hirable in general. No, it\u2019s not a practical cert and yes, taking the exam is kind of grueling but if you meet the <a href=\"https:\/\/www.isc2.org\/Certifications\/CISSP\/experience-requirements\">pre-requisite qualifications<\/a>, I <strong>definitely recommend<\/strong> going for it. I recommend picking up a CISSP study-book on Amazon (back when I took it I used whatever the latest <a href=\"https:\/\/www.amazon.com\/CISSP-All-One-Guide-Eighth\/dp\/1260142655\">Shon Harris all-in-one guide<\/a> was available) rather than signing up for some expensive boot camp.<\/p>\n\n<p>The exam has undergone some <a href=\"https:\/\/www.isc2.org\/-\/media\/ISC2\/Certifications\/Exam-Outlines\/CISSP-Exam-Outline-121417--Final.ashx\">drastic changes<\/a> since I sat for it in 2016, now being only 3 hours (versus 6) and only have between 100-150 questions (which is far less than previous versions). This shortened format will definitely help those who would normally experience fatigue taking such a long exam. This being said, I will warn you that with less questions comes more weight with each question, so you must exercise a little more care with each question as any incorrect answer will count against you more. When I took the exam i found many questions to be worded poorly (as if not written by a native English speaker) and I often found scenario-based questions to be highly subjective, often looking for the \u201cbest\u201d of several seemingly-equally-correct answers. This is one reason I recommend finding an \u201cofficial\u201d study-guide and reading through it as part of your overall studying regimen, remembering to take any available practice tests that are contained in the book. I found, by reading through these guides, that there was a certain \u201cCISSP\u201d way of answering questions. This way of thinking, when applied to these scenario-based questions will more-often yield the correct answer then if you were to approach it from what I would consider a non-biased point of view. For example, there might be a question that asks you something like \u201c<em>As a security manager for a large banking organization, what is your highest priority?<\/em>\u201d. It will then list a number of possible answers, each of which seems potentially viable but one of the answers will be something about the \u201c<em>physical safety of the employees<\/em>\u201d. Of course the CISSP training wants to drill into your head that human safety is priority number one! Even if that seems somewhat irrelevant to an exam about Cybersecurity.<\/p>\n\n<p>Given the high demand for CISSP-certified professionals, especially in certain job markets, it\u2019s no surprise there are a lot of people, especially those more junior in the field, asking about and looking to take this exam. ISC2 <a href=\"https:\/\/www.isc2.org\/Certifications\/CISSP\/experience-requirements\">requires<\/a> those who sit for the exam to have a minimum of 5 years of (relevant) experience (or optionally 4 years plus a relevant degree) and I think this makes sense. It certainly made my test-taking experience much smoother having this experience to lean on than if i had tried to power-study for it early in my career, having not truly understood and practiced the concepts in a real-world setting. Adding to this, I think I greatly benefited in having an extended background in the \u201csofter\u201d side of security (policy &amp; compliance) early in my career coupled with a recent history in the more technical aspects of infosec. As a certification that attempts to cover basically \u201call of security\u201d, it shouldn\u2019t come as a surprise that having a well-rounded experience would lend itself to being more successful with the exam. To wrap this up, let me just summarize again by saying that I think <em>experience<\/em>, more so than just remembering facts is particularly useful with this certification (I say this relative to other certification exams where I do think you can be successful just cramming facts into your head) given the nature of the scenario-based questions that are asked.<\/p>\n\n<h3 id=\"penetration-testing-student-ejpt-elearnsecurity\">Penetration Testing Student (eJPT), eLearnSecurity<\/h3>\n<p><em>eJPT Obtained: December 2016<\/em><\/p>\n\n<p>The <a href=\"https:\/\/www.elearnsecurity.com\/course\/penetration_testing_student\/\">PTS<\/a> from <a href=\"https:\/\/www.elearnsecurity.com\/\">eLearnSecurity<\/a> is a relatively limited in scope, yet high-value course. With hours of video lectures, practical VPN-based labs and a self-paced style, I found it a really good format for learning this sort of technical material. What\u2019s even better is this course can often be taken for <strong>FREE<\/strong>, as eLearnSecurity has frequently given out vouchers for the course as part of different promotions or for something as simple as attending a free webinar (note that the exam attempt is not typically included with this free voucher). Where you can pick up a free voucher, I <strong>definitely recommend<\/strong> going through the material, especially as a beginner. Otherwise, this course clocks in at about $400 and in this case I just <strong>don\u2019t really recommend<\/strong> it. Again, I think the material is great, but I think your money is better spent on a more comprehensive course like <a href=\"#penetration-testing-professional-ecppt-elearnsecurity\">eLearnSecurity\u2019s PTP<\/a> course or the <a href=\"#offensive-security-certified-professional-oscp\">OSCP<\/a>. In the end, having \u201cPenetration Testing Student\u201d training or a certification titled \u201cJunior Penetration Tester\u201d from the lesser known eLearnSecurity on your resume is not likely to turn a lot of hiring manager\/recruiter heads. You\u2019ll also get a far better curriculum by just spending your money on the more serious courses.<\/p>\n\n<h3 id=\"penetration-testing-professional-ecppt-elearnsecurity\">Penetration Testing Professional (eCPPT), eLearnSecurity<\/h3>\n<p><em>eCPPT Obtained: February 2017<\/em><\/p>\n\n<p>The <a href=\"https:\/\/www.elearnsecurity.com\/course\/penetration_testing\/\">PTP<\/a> is a fantastic offering from the not-so-well-known online training provider <a href=\"https:\/\/www.elearnsecurity.com\/\">eLearnSecurity<\/a>. This course can be thought of as eLearn\u2019s direct competitor to the much more well-known <a href=\"https:\/\/www.offensive-security.com\/pwk-oscp\/\">OSCP<\/a> certification from <a href=\"https:\/\/www.offensive-security.com\/\">Offensive Security<\/a>. The PTP course covers a lot of technical ground including assemblers\/debuggers, shellcoding, network pentesting, PowerShell, Linux exploitation, web apps, WiFi hacking and even has an in-depth ruby for pentesters module. The course material certainly shines in certain spots relative to the OSCP - modules on PowerShell, WiFI security and Ruby are not be found in the PWK curriculum (last I checked). The decision to take the PTP course is likely not made without asking, why should I take this over the PWK\/OSCP? I\u2019ll attempt to make the case for both of these courses, providing my thoughts on each, below.<\/p>\n\n<p>One of the biggest differences between the PTP and the OSCP in my opinion is the expectations of the student. OSCP is (in)famous for forcing its <a href=\"https:\/\/m.youtube.com\/watch?v=qphH73iIaw8\">\u201cTry Harder\u201d<\/a> mentality whereas the PTP takes a different approach. With the PTP, and similarly with other courses offered by eLearn, students are provided focused labs where the student can practice specific skills and techniques, taking a lot of the guesswork and trial-n-error out of the equation. I do think that this approach is a little \u201chand-holdy\u201d which I believe <em>can<\/em> be detrimental to full absorption of the concepts. I found that I <em>failed<\/em> less in achieving the desired outcome within these labs and as a result learned less about the ways things <em>didn\u2019t work<\/em>. Though ultimately far more frustrating, there is a method-to-the-madness with the OSCP approach. Where you are forced to figure it out yourself, I believe you really will learn the material in a much more robust way. You\u2019ll also, as a consequence of having to \u201ctry harder\u201d, frequently end up down rabbit holes where you learn all sorts of stuff that doesn\u2019t end up being applicable to your ultimate solution, but its gained knowledge all the same. All this said, I think the eLearn approach might be better suited to <em>my<\/em> personal learning style. The PTP lab environment, which is essentially a series of individual exercises, each with specific lab systems for that exercise, is a less <em>realistic<\/em> method of practicing penetration testing techniques as compared to the PWK\/OSCP. The PWK\/OSCP sports a large, open, multi-layered, \u201cwild-west\u201d-style lab network, comprised of many different interconnected systems. Having a large heterogenous network such as this is more realistic in terms of simulating an actual network. Where I think the PTP gains back ground on the OSCP is that the exercises\/content\/exam is (in my opinion) far more <em>modern<\/em>. Specifically, you do a lot of hackery in a Windows Active Directory environment with the PTP which I found lacking in the OSCP. Finally, I think the PTP exam unlike the OSCP exam, is a better representation of a realistic (albeit mini-) network in which you need to compromise. This is a little funny considering the OSCP had the far more realistic lab setting but when it comes to the exam they seem to regress. The OSCP is essentially just a series of 5 CTF boxes whereas the PTP requires breaching a machine in a \u201cDMZ\u201d, then pivoting into other internal networks and performing subsequent exploitation.<\/p>\n\n<p>So here\u2019s where I stand on PTP vs OSCP: It\u2019s difficult to recommend one over the other as they both have certain strengths and weaknesses.  I <strong>recommend<\/strong> the PTP for its sheer breadth of awesome material, which is brought more directly to you rather than having to find it yourself. I also think the PTP exam better exercises your ability to do real penetration testing given you actually have to do pivoting (among other things not experienced during the OSCP exam). Another example of how I think the PTP exam excels over the OSCP is the duration and reporting aspect of these exams. It\u2019s not terribly realistic that you would be asked to do a penetration test in 24 hours followed by delivering a full report after an additional 24 hours (which is what is asked of you in the OSCP). In my experience, you will have more time to perform the engagement and provide the deliverables. As such, the PTP exam is a week long, with an additional week to provide the report. I do think the PTP is a great complement to the OSCP though, rather than a \u201cchoose one or the other\u201d. However if you can only choose one, I would still ultimately give the edge to the OSCP. The huge lab environment is both challenging and exhilarating - an amazing playground for an offensive student. Though I think the material is a bit outdated, I think the most important thing taught by the OSCP is the mentality and methodology. You learn, <em>by trying harder<\/em> (and <strong>enumerating a lot<\/strong>), a more realistic way to breach systems and networks. The experience of failure and the determination you must bring to the OSCP fight can\u2019t be understated and it is absolutely a skill you\u2019ll need for real-life penetration testing. Also, and this is probably the most important point, the OSCP is (currently) the far more recognized and sought after certification by hiring managers and recruiters. That alone is reason enough to choose the OSCP over the PTP.<\/p>\n\n<h3 id=\"sec503-intrusion-detection-in-depth-gcia-sans\">SEC503: Intrusion Detection In-Depth (GCIA), SANS<\/h3>\n<p><em>Attended: March 2017, GCIA Obtained: July 2017<\/em><\/p>\n\n<p>Generally speaking, I probably wouldn\u2019t recommend most 500-level <a href=\"https:\/\/www.sans.org\/\">SANS<\/a> courses. <a href=\"#thoughts-on-sans-training-and-giac-certification-exams\">They\u2019re expensive<\/a> and I personally believe you can find most if not all of what is covered in the course searching online. With that said, I think <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/intrusion-detection-in-depth\/\">SEC503<\/a> could be the exception to that rule. Yes, I still think you can find a good bit of this material online, but I think in this case it would be far more difficult to self-administer it. This course, an undeniably \u201cblue\u201d \/ defensive security course, which preps you for the <a href=\"https:\/\/www.giac.org\/certification\/certified-intrusion-analyst-gcia\">GCIA<\/a> exam is by far my favorite SANS course that I have taken - and this is coming from someone who is an offensive security specialist by trade! I credit my infatuation with the course to the following three points.<\/p>\n\n<ol>\n  <li>\n    <p>At the time I took this training, TCP\/IP and general networking concepts were weaker knowledge areas for me, so I really just learned SO MUCH during this course. Much of my early technical focus was on web applications or using certain tools for network penetration testing. I glossed over in those early times, the importance of understanding what is happening at <a href=\"https:\/\/en.wikipedia.org\/wiki\/OSI_model\">layers<\/a> 2-4. This course cleared that up for me <em>and then some<\/em>. This course has two distinct sections (spread out over the course of 5 days of lecture) - traffic analysis and then tooling. As someone more on the \u201coffensive\u201d side, my need to (or desire to) understand a lot of the defensive tooling was certainly minimized back then. Where I found the extreme value, was days one and two where you go deep (and I mean <em>DEEP<\/em>!) into traffic analysis, packet dissection, understanding of protocols, etc\u2026 It is an undeniably dense and information-packed two days but I think one of the best two days of learning I have ever experienced. As for the final 3 days, though I didn\u2019t appreciate it as much then, I now have a much greater appreciation for what was covered. This is a great example of how I discounted certain things early in my career because I didn\u2019t think it was relevant to where I wanted to go professionally. Years later I can see that even as an \u201coffensive specialist\u201d understanding exactly how defender tools (e.g. Snort, Bro\/Zeek, SIEMs, SiLK, NetFlow, etc\u2026) work is extremely important. Whether this be because you are trying to bypass these tools or you are looking to set them up in a home\/test lab so you can practice <em>against<\/em> them - it\u2019s good to know how they work. What\u2019s more, I have found that slotting in, in a perfect, exclusively \u201coffensive\u201d role, where all I do is pentest or red team is easier said than done. More likely, at least in my experience, is you\u2019ll need to have experience (especially in an engineering capacity) with tools across the security space, from red to blue.<\/p>\n  <\/li>\n  <li>\n    <p>The material for this training is fantastic and I think a little more challenging to find for yourself online then perhaps other courses. Sure you could buy yourself a book on TCP\/IP, this of course would be a perfectly acceptable approach to learning some of this material! But, I think the the course content has been perfectly cropped here for both offensive and defensive security professionals alike to get a firm understanding of how to interpret network traffic and leverage a number of well-known industry tools.<\/p>\n  <\/li>\n  <li>\n    <p>My instructor for the course was <a href=\"https:\/\/www.sans.org\/profiles\/jonathan-ham\/\">Jonathan Ham<\/a>. He did such an outstanding job making something as seemingly dry as in-depth packet analysis so interesting.<\/p>\n  <\/li>\n<\/ol>\n\n<p>I still think spending $7000+ is not worth it for any individual paying out-of-pocket but if you do get a chance to take a SANS cert through work, desperately want to pay for a SANS cert yourself or maybe you get accepted to a SANS <a href=\"https:\/\/www.sans.org\/work-study\/\">workstudy<\/a>, I would <strong>highly recommend<\/strong> taking a look at this one.<\/p>\n\n<h3 id=\"sec573-automating-information-security-with-python-gpyc-sans\">SEC573: Automating Information Security with Python (GPYC), SANS<\/h3>\n<p><em>Attended: May 2017, GPYC Obtained: August 2017<\/em><\/p>\n\n<p><strong>Do not spend money on <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/automating-information-security-with-python\/\">this course<\/a><\/strong>. Don\u2019t even let your company spend money on this course. This course isn\u2019t meant to be an \u201cintroduction to python\u201d, yet they spend two straight days painstakingly explaining the basics. For anyone who has even mild experience with Python, this is excruciating. After the first two days, the material definitely gets more interesting, but nothing is covered in these final modules that isn\u2019t equally covered in any number of very cheap books. The book <a href=\"https:\/\/www.amazon.com\/Violent-Python-Cookbook-Penetration-Engineers\/dp\/1597499579\">Violent Python<\/a> is actually handed out in the class (as part of your $7k+ tuition) and has plenty of what is covered in those final three days of lecture. Do yourself a favor and just Google \u201clearn python\u201d and follow a few of the online tutorials. This should satisfy the basics requirement (what is covered in days 1 and 2). From there, buy a \u201cpython hacking\u201d book or two (e.g. The Violent Python book, <a href=\"https:\/\/www.amazon.com\/Black-Hat-Python-Programming-Pentesters\/dp\/1593275900\">Black Hat Python<\/a>, <a href=\"https:\/\/www.amazon.com\/Gray-Hat-Python-Programming-Engineers\/dp\/1593271921\">Gray Hat Python<\/a>, etc\u2026) to learn how to use cool security-related modules (e.g. requests, scapy, struct, sockets, etc\u2026). Here is an <a href=\"https:\/\/realpython.com\/best-python-books\/\">assortment of other books<\/a> that you can use to teach yourself Python. Just please, don\u2019t spend money on this course.<\/p>\n\n<h3 id=\"sec575-mobile-device-security-and-ethical-hacking-gmob-sans\">SEC575: Mobile Device Security and Ethical Hacking (GMOB), SANS<\/h3>\n<p><em>Attended: October 2017, GMOB Obtained: December 2017<\/em><\/p>\n\n<p>I <strong>don\u2019t recommend<\/strong> recommend taking this course. The material is interesting enough but it suffers from the pace in which the mobile world moves. Given the speed in which features are added to the iOS and Android platforms it is difficult to maintain a cutting-edge mobile device hacking course - and it shows. What\u2019s more, its difficult to really demonstrate iOS security concepts given how locked down the platform is and how uncertain it is whether there will be an active <a href=\"https:\/\/en.wikipedia.org\/wiki\/IOS_jailbreaking\">Jailbreak<\/a> (which can be used to install iOS-related security tools and demonstrate other security things). For this reason, this course centers mostly around the Android platform. To this course\u2019s credit though, I did find it pretty cool how much more approachable mobile device hacking\/security was than I had imagined. I think this course is one of SANS\u2019 more neglected offerings in terms of how frequently it is updated and that\u2019s too bad considering how mobile devices have become more a part of everyone\u2019s daily computing lives.<\/p>\n\n<h3 id=\"offensive-security-certified-professional-oscp\">Offensive Security Certified Professional (OSCP)<\/h3>\n<p><em>OSCP Obtained: July 2018<\/em><\/p>\n\n<p>I provide some details on the <a href=\"https:\/\/www.google.com\/search?q=oscp&amp;ie=UTF-8&amp;oe=UTF-8&amp;hl=en-us&amp;client=safari\">OSCP<\/a> in my <a href=\"#penetration-testing-professional-ecppt-elearnsecurity\">review of eLearnSecurity\u2019s PTP course<\/a>, but I will expand on the (PWK) course more here. First, let me say that I <strong>highly recommend<\/strong> this course for all security professionals. I think this is an obvious choice for those looking to get into penetration testing and I would even recommend those in \u201cdefensive\u201d security positions take a look at this course. After all, what better way to understand how to defend then understanding how your systems may be attacked!<\/p>\n\n<p>Ok, so you don\u2019t really need me to tell you that the OSCP is a great certification and the PWK is an excellent course, nor do you really need yet another full OSCP review. After all, there are <a href=\"https:\/\/www.google.com\/search?q=oscp+review&amp;ie=UTF-8&amp;oe=UTF-8&amp;hl=en-us&amp;client=safari\">TONS of reviews<\/a> already out there. Instead, let me list a few thoughts and pieces of advice I have related to the OSCP.<\/p>\n\n<ul>\n  <li>The exam (mostly) forbids the use of exploit frameworks such as <a href=\"https:\/\/www.metasploit.com\/\">Metasploit<\/a> or vulnerability scanners such as <a href=\"https:\/\/www.tenable.com\/products\/nessus\/nessus-professional\">Nessus<\/a>. Many OSCP students take this as a cue to try and get through the entire lab without the use of these sorts of tools. I don\u2019t recommend this. Not because Metasploit or Nessus or similar tools are so useful that they will give you a serious leg up but rather these tools are good to know how to use in general! Why not take the time to learn how to use them? The lab is a fantastic place to try your hand with all sorts of tools and techniques so you should really take full advantage. To compensate however, where you did leverage a tool like Metasploit or Nessus, figure out how you would have exploited a system, or enumerated a system in the absence of these tools. In this way, you\u2019ll still feel fully comfortable come exam time. Don\u2019t NOT use them just because the <em>exam<\/em> dictates you can\u2019t.<\/li>\n  <li>As a clarification, the OSCP (at least when I took it) allowed the use of <em>ONE<\/em> metasploit module (so fire wisely). It also allows you to use the Metasploit session management features (i.e. <a href=\"https:\/\/www.rapid7.com\/db\/modules\/exploit\/multi\/handler\">multi-handler<\/a>), with no limits.<\/li>\n  <li>The PWK lab has a LOT of vulnerable systems, it\u2019s important that you manage and maintain records of what you\u2019ve found on each of these systems including open ports, credentials and other important artifacts. There are any number of tools\/methodologies that can assist in this endeavor but I recommend you take a look at the <a href=\"https:\/\/www.offensive-security.com\/metasploit-unleashed\/using-databases\/\">MSFDB<\/a> functionality offered natively by Metasploit. This can help you keep track of things.<\/li>\n  <li>Take screenshots! Lots of screenshots! You\u2019ll need this for the lab report, you\u2019ll need it for the exam report, you\u2019ll need it for future professional penetration test reports. Screenshots are good, get used to taking them.<\/li>\n  <li>I recommend going through BOTH the PWK PDF and the videos before seriously getting into the lab itself. This is what I did and I found it more comforting to know what Offsec wanted me to know vs what I needed to hunt for myself (as part of their ever-so-fun game of \u201ctry harder\u201d).<\/li>\n  <li>The exam does not require any pivoting. You should absolutely practice this in the lab but won\u2019t need it come test time.<\/li>\n  <li>Don\u2019t worry about pwning every box in the lab. Getting through <em>X<\/em> amount of boxes isn\u2019t a sign that you are ready. I got through about 30 which was more than enough!<\/li>\n  <li>I think the OSCP is mostly a positive experience but I do think that it is very \u201cCTF\u201d-ey. Which is to say, less like hacking a real modern network and more like doing a series of <a href=\"https:\/\/www.hackthebox.eu\/\">hack-the-box<\/a> challenges. Make the most of it though! It can be really fun if you\u2019re in the mindset of learning rather than just \u201cgetting the cert\u201d.<\/li>\n<\/ul>\n\n<h3 id=\"sec504-hacker-tools-techniques-exploits-and-incident-handling-gcih-sans\">SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (GCIH), SANS<\/h3>\n<p><em>GCIH Obtained: December 2018<\/em><\/p>\n\n<p><a href=\"https:\/\/www.sans.org\/cyber-security-courses\/hacker-techniques-exploits-incident-handling\/\">SEC504<\/a> is SANS most popular course. It is designed to be approachable for both semi-experienced professionals as well as to those new to the field and covers both offensive and defensive security domains. I did not actually take the course but I did challenge the <a href=\"http:\/\/www.giac.org\/certification\/certified-incident-handler-gcih\">GCIH<\/a> exam which accompanies the course. Personally (and again, I did not actually take the course), I <strong>would not recommend<\/strong> this course as I think it tries to cover too much ground in too short of time. The course attempts to cover network attacks, incident handling, memory analysis, malware investigations, offensive tooling, network analysis, physical security, network scanning AND web application attacks\u2026 <em>all in 6 days<\/em>. You get a brief intro to each of these topics (the course does have a day with a heavy focus in Incident Handling) but I don\u2019t think it covers any of them at the depth you would want given you payed $7000+ to take the course. Of course given its popularity, if getting this cert helps you land a specific entry-level position, then absolutely go for it!<\/p>\n\n<h3 id=\"sec401-security-essentials-gsec-sans\">SEC401: Security Essentials (GSEC), SANS<\/h3>\n<p><em>GSEC Obtained: February 2019<\/em><\/p>\n\n<p><a href=\"https:\/\/www.sans.org\/cyber-security-courses\/security-essentials-bootcamp-style\/\">SEC401<\/a> is SANS\u2019 \u201cmile wide and an inch deep\u201d course. I like to compare its accompanying cert, the GSEC, to the popular <a href=\"https:\/\/www.isc2.org\/Certifications\/CISSP\">ISC2 CISSP<\/a> certification (which I also <a href=\"#certified-information-system-security-professional-cissp-isc2\">have some thoughts on<\/a>). I did not actually take this course but I did challenge the <a href=\"https:\/\/www.giac.org\/certification\/security-essentials-gsec\">GSEC<\/a> exam. Given the price, I <strong>don\u2019t think I can really recommend<\/strong> this course. If you\u2019re interested in getting a lay-of-the-(infosec)-land, I recommend looking into some free \u201cintro to security\u201d courses online or even looking at study books for the <a href=\"https:\/\/www.comptia.org\/certifications\/security\">Security+<\/a> or <a href=\"https:\/\/www.isc2.org\/Certifications\/CISSP\">CISSP<\/a>. Either of these should get you acquainted enough with the foundational concepts of information security. Both of these (CISSP and Sec+) are also great (cheaper) options for a certification well-respected in the industry. The GSEC certification I don\u2019t think is going to move the needle on impressing any recruiters (no more than the Sec+ or CISSP that is) and the course material is probably easy enough to find online or via some cheap text books.<\/p>\n\n<h3 id=\"sec542-web-app-penetration-testing-and-ethical-hacking-gwapt-sans\">SEC542: Web App Penetration Testing and Ethical Hacking (GWAPT), SANS<\/h3>\n<p><em>GWAPT Obtained: March 2019<\/em><\/p>\n\n<p>This <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/web-app-penetration-testing-ethical-hacking\/\">course<\/a> is an introduction to web-application-specific penetration testing. I did not take the course but I did challenge the accompanying <a href=\"http:\/\/www.giac.org\/certification\/web-application-penetration-tester-gwapt\">GWAPT<\/a> certification exam. Similar to my <a href=\"#sec560-network-penetration-testing-and-ethical-hacking-gpen-sans\">GPEN review<\/a>, I <strong>don\u2019t recommend<\/strong> this course as it doesn\u2019t provide a format conducive to really learning penetration testing. For learning penetration testing, I would recommend a more practical approach. Not that SANS doesn\u2019t have practical exercises and in-training labs, it\u2019s just that these labs fly by so quickly during the course of the training that you really don\u2019t have time to fail, and failing is a great way to learn. Instead I would recommend a more practical course such as the eLearnSecurity <a href=\"https:\/\/www.elearnsecurity.com\/course\/web_application_penetration_testing\/\">WAPT<\/a> course. With the current popularity of \u201cbug bounty hunting\u201d and penetration testing in general, there is certainly an abundance of free or cheap web-application hacking training material out there. The <a href=\"https:\/\/portswigger.net\/web-security\">Web Security Academy<\/a> from the famed <a href=\"https:\/\/portswigger.net\/\">PortSwigger<\/a> (creator of <a href=\"https:\/\/portswigger.net\/burp\">Burp Suite<\/a>) is just one example of this. More examples of free\/cheap online training material for web application penetration testing can be found in my <a href=\"https:\/\/shellsharks.com\/online-training#web-application-security\">guide to free\/online training<\/a>!<\/p>\n\n<h3 id=\"for610-reverse-engineering-malware-grem-sans\">FOR610: Reverse-Engineering Malware (GREM), SANS<\/h3>\n<p><em>Attended: May 2019, GREM Obtained: July 2019<\/em><\/p>\n\n<p>I think this course is fantastic! I took this <a href=\"https:\/\/www.sans.org\/blog\/sans-for610-reverse-engineering-malware-now-with-ghidra\/\">course<\/a> prior to it\u2019s adoption of <a href=\"https:\/\/ghidra-sre.org\/\">Ghidra<\/a> so I can\u2019t speak for the new content but the instructors do a fantastic job getting through some of the trickier concepts (even for those new to the world of reverse-engineering). Unlike other SANS courses, especially penetration testing courses, I felt by the end of this training I could actually do real-world, practical, malware reverse-engineering. I should mention that prior to taking the course, I did have some background in assembly language and reverse-engineering but I still feel that anyone who dutifully gets through all of the material in this class could similarly feel ready to do some real malware reversing. For anyone interested in getting into malware reverse-engineering, I definitely recommend checking this course out. Paying full price for this class however is where I would be a little <strong>hesitant to recommend<\/strong> as I do think there are <a href=\"https:\/\/www.elearnsecurity.com\/course\/category-reverse-engineering\">cheaper options<\/a> out there.<\/p>\n\n<p>I want to reemphasize here that you\u2019re probably best set up to succeed having a little knowledge about assembly (specifically <a href=\"https:\/\/shellsharks.com\/intel-assembly-primer#title\">Intel assembly<\/a>) prior to sitting for this course. This isn\u2019t explicitly listed on the \u201cPrerequisites\u201d section for the course by SANS but having taken this class with a coworker who did not have much experience in this area, watching some of their struggles really emphasized this point. Check out my <a href=\"https:\/\/shellsharks.com\/intel-assembly-primer#title\">primer on intel assembly<\/a> or dive right into <a href=\"https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/articles\/intel-sdm.html\">Intel\u2019s own manuals<\/a> if you are interested in getting prepped!<\/p>\n\n<h3 id=\"ics515-ics-active-defense-and-incident-response-grid-sans\">ICS515: ICS Active Defense and Incident Response (GRID), SANS<\/h3>\n<p><em>Attended: July 2019, GRID Obtained: November 2019<\/em><\/p>\n\n<p>SANS <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/industrial-control-system-active-defense-and-incident-response\/\">ICS515<\/a> is a bit of a niche course, covering incident response techniques as well as knowledge and tooling specific to <a href=\"https:\/\/www.gartner.com\/en\/information-technology\/glossary\/operational-technology-ot\">OT<\/a> environments. First, I\u2019ll say I <strong>probably wouldn\u2019t recommend<\/strong> spending (your own) money on this course. At the point in which I took this course I had already taken 10+ SANS courses and as such, found that this course had a lot of similarities, things seemingly plucked from each of these other courses and made available in this course, albeit with a distinct ICS-flavor. There is a section on asset discovery and network security monitoring (NSM), reminiscent of both the SANS <a href=\"https:\/\/www.sans.org\/event\/san-francisco-spring-2020\/course\/enterprise-threat-vulnerability-assessment: Threat and Vulnerability Assessment\">SEC460<\/a> and SANS <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/intrusion-detection-in-depth\/: Intrusion Detection\">SEC503<\/a> courses. There is a section on Incident Response, which echoes material taught in SANS <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/hacker-techniques-exploits-incident-handling\/ : Incident Handling\">SEC504<\/a>. There is a section titled \u201cThreat and Environment Manipulation\u201d which focuses on ICS malware case-studies as well as malware analysis. This section contains plenty of material from SANS <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/reverse-engineering-malware-malware-analysis-tools-techniques\/ : Reverse Engineering &amp; Malware Analysis\">FOR610<\/a>. The newest content to me (having not taken a course related to it) was covered in day one of the course, focusing specifically on \u201cThreat Intelligence\u201d. Though SANS also has a <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/cyber-threat-intelligence\/\">course dedicated to threat intelligence<\/a>, I found this introduction to threat intel, as applied to ICS environments a good primer on the subject, covering the <a href=\"https:\/\/www.sans.org\/reading-room\/whitepapers\/ICS\/paper\/36297\">(ICS) Cyber Kill Chain<\/a>, <a href=\"https:\/\/apps.nsa.gov\/iaarchive\/programs\/iad-initiatives\/active-cyber-defense.cfm\">Active Defense<\/a>, Intelligence Life-Cycle, <a href=\"https:\/\/www.recordedfuture.com\/diamond-model-intrusion-analysis\">Diamond Model<\/a> and more. Overall, my biggest takeaways from this course were from this first day but having a unique interest in ICS security, I found the entire course pretty fascinating, despite a lot of the material being a rehash of similar content from other courses.<\/p>\n\n<h3 id=\"sec660-advanced-penetration-testing-exploit-writing-and-ethical-hacking-gxpn-sans\">SEC660: Advanced Penetration Testing, Exploit Writing and Ethical Hacking (GXPN), SANS<\/h3>\n<p><em>Attended: November 2019, GXPN Obtained: August 2020<\/em><\/p>\n\n<p><a href=\"https:\/\/www.sans.org\/ondemand\/course\/advanced-penetration-testing-exploits-ethical-hacking\">SEC660<\/a> is SANS advanced penetration testing and intro to exploit writing course. I will echo what I have said about other SANS penetration testing courses and say that I don\u2019t think that the format of this course is ideal for teaching penetration testing. Rapidly going lab-to-lab and lecture-to-lecture, with little time to actually practice the offensive techniques is not a great way to really learn and practice penetration testing. With that said, I do think the topics covered are really good with respect to the more advanced types of network pentesting. Where this class shines in particular is the final two days where you break into exploit writing for both Linux and Windows. Though I think the exercises are a little limited, I do think they are a great introduction to the world of exploit development for these respective platforms. I think for those interested in getting into exploit development, this is a decent place to start (though it is, as usual with SANS, an expensive option). With this said, I think \u201cadvanced network penetration testing\u201d and \u201cexploit development\u201d are really two different disciplines and SANS may have been better served to separate them into two distinct courses. I think a lot of professional penetration testers don\u2019t need to have exploit writing skills and vice versa. In the overwhelming majority of penetration testing engagements, you likely don\u2019t have time to write your own exploits or find zero-days. Conversely though, understanding already-written exploits and thus being able to modify exploit code on the fly is a great skill for your average penetration tester.<\/p>\n\n<p>As part of this \u201cmini-review\u201d, I wanted to share some thoughts on the \u201cpractical\u201d portions of the <a href=\"https:\/\/www.giac.org\/certification\/exploit-researcher-advanced-penetration-tester-gxpn\">GXPN<\/a> exam. Prior to taking on this course, and during the prep-time for the certification, the (partial) practical nature of this certification was something that was always on my mind. It certainly changed the way I prepared for the exam since I knew I\u2019d need to actually put my knowledge to actual use, rather than simply regurgitate\/recall random facts\/concepts as is the case with most other GIAC exams. This exam, unlike most GIAC exams (though they are <a href=\"https:\/\/www.giac.org\/blog\/hands-on-real-world-testing\">moving more exams<\/a> to this partially-practical format) has a small number of questions (6 in my case) which require actually remoting into a lab environment and doing some sort of actual \u201chacking\u201d relevant to the course material. Knowing this, I spent much more time than I had with previous certifications (the advanced nature of the material also was a factor for time-spent studying) prepping for the exam. I expected these questions to be difficult and to be centered primarily around the exploit development\/reverse-engineering (the more challenging) aspects of the course. What I found was that neither of these things ended up being true (at least in my opinion\/experience). The questions were straight-forward (which is not always the case with the multiple-choice, scenario based questions you often find on GIAC exams), relatively easy and did not take that long to complete. I also was surprised to see that the majority of the questions (atleast on my instance of the exam) were not actually related to days 5 and 6 (which cover exploit writing). It\u2019s also important to note that for those questions that were covering days 5 and 6 material, none of them were particularly in-depth. Given the time-constrained nature of the exam, the exam authors can\u2019t expect people to be putting together full ROP chains now can they!? In short, study the material, try to really grasp the concepts for the sake of grasping the concepts - but don\u2019t sweat the practical exam questions, they aren\u2019t that bad!<\/p>\n\n<h3 id=\"sec617-wireless-penetration-testing-and-ethical-hacking-gawn-sans\">SEC617: Wireless Penetration Testing and Ethical Hacking (GAWN), SANS<\/h3>\n<p><em>GAWN Obtained: November 2020<\/em><\/p>\n\n<p>SANS\u2019 advanced <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/wireless-penetration-testing-ethical-hacking\/\">wireless penetration testing course<\/a> offers an amazingly practical introduction to an array of RF technologies and how you can exploit them. This training covers traditional WiFi, DECT, ZigBee, a couple Bluetooth variants, RFID, NFC and even Software Defined Radio (at a high level). Included with the expectedly high entry fee is a box - yes, an entire BOX! - of cool hacking gadgets to use throughout the various hands on labs - bluetooth dongles, SDR, a Raspberry Pi, RFID badge cloner and more\u2026<\/p>\n\n<p>Unfortunately for me, I took this class in 2020 - best known for being an amazingly crappy year on a global level and more specifically, infamous for the global Covid-19 pandemic. For me, this meant taking the class via SANS On-Demand. Up until then, I had never taken an on-demand course from SANS, opting instead for in-person trainings for each of the courses I had taken prior. In a vacuum, I found the on-demand format to be pretty good. The physical books are mailed to you as well as available via your SANS portal as a digital .PDF and the video lectures are pre-recorded, typically by the course author themselves as well as downloadable so you can watch them anywhere. Where the on-demand format falls short, especially for this course is with labs. In typical a classroom setting, the instructor will have set up a physical lab environment in which the students can practice their hacking skills. With a class which requires an active medium (actual ZigBee buzzing around for example) in which to hack, which is not easily delivered in virtual form, the practical components of the course proved far more difficult to exercise. Ultimately, I <strong>do recommend this course<\/strong> for anyone looking to learn more about wireless hacking but I would advise that those interested hold off on taking the course until they are able to do so in a physical classroom setting.<\/p>\n\n<h3 id=\"aws-certified-solutions-architect-associate\">AWS Certified Solutions Architect Associate<\/h3>\n<p><em>Obtained: November 2020<\/em><\/p>\n\n<p>With the help of the online training platform <a href=\"https:\/\/acloudguru.com\">A Cloud Guru<\/a>, I sat for and passed the <a href=\"https:\/\/aws.amazon.com\/certification\/certified-solutions-architect-associate\/\">AWS Certified Solutions Architect Associate<\/a> exam. I give a lot of credit to this training platform for my success and would recommend others interested in taking this exam take a look at signing up. It\u2019s not an overwhelmingly cheap service but it is far more economical than a lot of other training platforms (*cough* SANS *cough*) and the RoI on getting an AWS cert seems to be pretty high these days. The virtual video lectures provide both theoretical instruction as well as hands-on, practical labs that you can follow along with. The instructor, <a href=\"https:\/\/twitter.com\/kroonenburgryan?lang=en\">Ryan Kroonenburg<\/a>, does a great job at walking you through the labs and alerting you if something you spin up in your AWS account would result in you seeing actual charges. The Solutions Architect curriculum is essentially just a high level speed-run of a large number of core AWS services (IAM, S3, EC2, RDS, VPC, ELB, SNS, SQS, Kinesis and Lambda to name a few of the big ones.) You\u2019re expected to know what each of these are at a relatively good technical depth, how they interact and when you would use each of them. The exam questions are mostly scenario-based and at times can be confusing and subjective though typically you can figure out the best answer by slowly using the process of elimination to rule out certain answers that can\u2019t be true due to some small detail contained within the question prompt or the answer itself. I also recommend those who are prepping for the exam to buy some practice exams from a site like <a href=\"https:\/\/www.udemy.com\">Udemy<\/a> as I found these very useful in just getting a feel for what the actual exam questions would be like. At 65 questions and a passing score of 720 (out of 1000), the exam doesn\u2019t leave too much room for error so be sure to really think through each of the scenario-based questions. Given the popularity of \u201cCloud\u201d in modern enterprises, taking training and picking up this certification seemed like a very good idea.<\/p>\n\n<h3 id=\"aws-certified-security-specialty\">AWS Certified Security Specialty<\/h3>\n<p><em>Obtained: December 2020<\/em><\/p>\n\n<p>Shortly after picking up the <a href=\"#aws-certified-solutions-architect-associate\">solutions architect associate<\/a>, I spun up the <a href=\"https:\/\/acloudguru.com\">A Cloud Guru<\/a> video lecture series for the <a href=\"https:\/\/aws.amazon.com\/certification\/certified-security-specialty\/\">AWS Certified Security Specialty<\/a> and began prepping for the security specialty exam. Given this exam was more specific to \u201csecurity\u201d within AWS, and given my extensive security background, I expected this exam to actually be easier than the solutions architect. <em>This assumption proved mostly false<\/em>. Yes, the exam does cover <em>less<\/em> topics and services than the solutions architect exam but the understanding you must have requires quite a bit more technical depth. With this said, I do think my years of security experience came in handy with a few questions. The A Cloud Guru course covers the security aspects of S3, Identity Federation, CloudFront, CloudWatch, CloudTrail, Config, Inspector, Trusted Advisor, VPC, NAT, ELB, WAF, Shield, API Gateway, Athena, Macie, SES, Artifact and Lambda (and maybe a few more) - with a heavy, and I mean <strong>HEAVY<\/strong> focus on both IAM and KMS. I found that well over half of the questions on the security specialty exam asked very challenging, scenario-based questions related to <a href=\"https:\/\/aws.amazon.com\/iam\/\">IAM<\/a> and <a href=\"https:\/\/aws.amazon.com\/kms\/\">KMS<\/a>. Overall, I thought the course from A Cloud Guru was great and I certainly learned a lot. However, having now taken (and <em>luckily<\/em> PASSED) the exam, I can say that this course does not really cover all the topics needed to <strong>comfortably<\/strong> pass the exam. In some cases, more depth seemed to be required, and in other cases, there was simply something not covered at all. I don\u2019t fault A Cloud Guru though as AWS is notorious for adding more and more services and functionality to their platform all the time and the specialty exam DOES recommend that those who sit for the exam have 2 years+ experience securing workloads in AWS. So don\u2019t expect this course to be your one-stop-shop for easily passing this exam. Listed below are some of the gaps I think the course had with respect to the exam questions I encountered as well as some other general tips for what to put emphasis on when studying.<\/p>\n\n<ul>\n  <li>Really understand how to read <a href=\"https:\/\/docs.aws.amazon.com\/IAM\/latest\/UserGuide\/access_policies.html\">IAM policies<\/a>. I found many questions asking me about very specific policy statement syntax. This was doubly true for conditional statements within these policies.<\/li>\n  <li>Though this is covered pretty well by the A Cloud Guru course, it deserves special mention here. REALLY understand how to <a href=\"https:\/\/aws.amazon.com\/premiumsupport\/knowledge-center\/cross-account-access-s3\/\">share S3 buckets cross-account<\/a>. You WILL get several questions asking about this.<\/li>\n  <li>There are a few in-depth questions on <a href=\"https:\/\/aws.amazon.com\/identity\/federation\/\">web identity federation<\/a> not really covered well enough in the course.<\/li>\n  <li>Truly understand the differences between <a href=\"https:\/\/aws.amazon.com\/inspector\/\">Inspector<\/a>, <a href=\"https:\/\/aws.amazon.com\/premiumsupport\/technology\/trusted-advisor\/\">Trusted Advisor<\/a> and <a href=\"https:\/\/aws.amazon.com\/config\/\">Config<\/a>. You will be asked which of these is the right service for a specific objective and I found these questions somewhat challenging. I also thought Config had a particularly heavy focus.<\/li>\n  <li>Understand the <a href=\"https:\/\/medium.com\/awesome-cloud\/aws-difference-between-cloudwatch-and-cloudtrail-16a486f8bc95\">relationship<\/a> between <a href=\"https:\/\/aws.amazon.com\/cloudtrail\/\">CloudTrail<\/a> and <a href=\"https:\/\/docs.aws.amazon.com\/AmazonCloudWatch\/latest\/logs\/WhatIsCloudWatchLogs.html\">CloudWatch Logs<\/a>.<\/li>\n  <li>There were some very specific questions on <a href=\"https:\/\/aws.amazon.com\/cloudhsm\/\">CloudHSM<\/a> I felt weren\u2019t covered well by the course. Try to read some <a href=\"https:\/\/aws.amazon.com\/about-aws\/whats-new\/2018\/07\/aws-cloudhsm-backups-can-now-be-copied-across-regions\/\">AWS documentation on CloudHSM<\/a>.<\/li>\n  <li>KMS, KMS, KMS, KMS. So much <a href=\"https:\/\/aws.amazon.com\/kms\/\">KMS<\/a>. You will be asked <em>like<\/em> 30 questions on KMS. Really understand <a href=\"https:\/\/docs.aws.amazon.com\/kms\/latest\/developerguide\/rotate-keys.html\">key rotation<\/a>, how to provision <a href=\"https:\/\/docs.aws.amazon.com\/kms\/latest\/developerguide\/iam-policies.html\">access to keys<\/a>, <a href=\"https:\/\/docs.aws.amazon.com\/kms\/latest\/developerguide\/determining-access-key-policy.html\">key policies<\/a>, administering keys and everything else to do with KMS. Read the <a href=\"https:\/\/aws.amazon.com\/kms\/faqs\/\">FAQ<\/a>, read the <a href=\"https:\/\/d0.awsstatic.com\/whitepapers\/aws-kms-best-practices.pdf\">whitepapers<\/a>, read everything you can on KMS, understand <a href=\"https:\/\/docs.aws.amazon.com\/kms\/latest\/developerguide\/key-policy-modifying-external-accounts.html\">cross-account KMS access<\/a> and <a href=\"https:\/\/docs.aws.amazon.com\/kms\/latest\/developerguide\/grants.html\">KMS Grants<\/a>.<\/li>\n  <li>I had a question on taking memory dumps from an EC2 instance. <a href=\"https:\/\/www.google.com\/search?client=safari&amp;rls=en&amp;q=ssm+memory+dump+ec2&amp;ie=UTF-8&amp;oe=UTF-8\">I think SSM covers this<\/a>. The course doesn\u2019t get into this I don\u2019t think.<\/li>\n  <li>The course covers this well, but there are a good number of questions related to <a href=\"https:\/\/docs.aws.amazon.com\/vpc\/latest\/userguide\/VPC_Security.html\">Security Groups, NACLs and Route Tables<\/a>. Understand the in\u2019s and out\u2019s (<em>get it?<\/em>) of these controls.<\/li>\n  <li>Understand <a href=\"https:\/\/docs.aws.amazon.com\/lambda\/latest\/dg\/lambda-permissions.html\">Function Policies vs Execution Roles<\/a> for Lambda.<\/li>\n  <li>Understand the <a href=\"https:\/\/aws.amazon.com\/blogs\/security\/aws-federated-authentication-with-active-directory-federation-services-ad-fs\/\">AD Federation<\/a> sequence.<\/li>\n  <li>Read up on <a href=\"https:\/\/docs.aws.amazon.com\/AmazonCloudFront\/latest\/DeveloperGuide\/cnames-and-https-requirements.html\">using certificates with CloudFront<\/a>.<\/li>\n<\/ul>\n\n<p>With all this said, I really enjoyed the course from A Cloud Guru and though I found the exam challenging, I think the questions were relevant and a good exercise of my AWS security knowledge. Remember to take your time with scenario-based questions and really try to rule out questions based on why they CAN\u2019T be the answer. Good luck!<\/p>\n\n<h3 id=\"sec588-cloud-penetration-testing-gcpn-sans\">SEC588: Cloud Penetration Testing (GCPN), SANS<\/h3>\n<p><em>GCPN Obtained: April 2021<\/em> | <em><a href=\"#updated-gcpn-review-8272022\">Attended: August 2022<\/a><\/em><\/p>\n\n<p><strong>Update<\/strong>: This review contains my <em>original<\/em> impressions of the course, I also have an <a href=\"#updated-gcpn-review-8272022\">updated review<\/a> below.<\/p>\n\n<p><a href=\"https:\/\/www.sans.org\">SANS<\/a> continues to <a href=\"https:\/\/www.sans.org\/new-sans-courses\">expand their portfolio of courses<\/a>, and within these new offerings is <strong><a href=\"https:\/\/www.sans.org\/cyber-security-courses\/cloud-penetration-testing\/\">SEC588: Cloud Penetration Testing<\/a><\/strong>. \u201cCloud penetration testing\u201d is at a\u2026 <em>weird<\/em> point in my opinion and I think this is evident in the makeup of this course. SANS does their best to differentiate how \u201ccloud\u201d pentesting is different than traditional network\/webapp pentesting but really, there isn\u2019t <em>that<\/em> much difference and even they admit this within the course material. Sure, the course authors key in on certain things that are more effective in cloud environments for performing reconnaissance and enumeration (among a few other things), but for the most part, nothing <em>really<\/em> changes here as it compares to traditional network\/webapp testing. At the end of the day, you\u2019re still using <a href=\"https:\/\/nmap.org\">Nmap<\/a> for port scanning, <a href=\"https:\/\/www.metasploit.com\">Metasploit<\/a> for payloads, etc\u2026<\/p>\n\n<p>Cloud native applications as defined by the <a href=\"https:\/\/www.cncf.io\">CNCF<\/a> (and as introduced by SANS) heavily leverage containers, <a href=\"https:\/\/www.synopsys.com\/glossary\/what-is-cicd.html\">CI\/CD<\/a> tooling, container orchestration (i.e. <a href=\"https:\/\/kubernetes.io\">Kubernetes<\/a>) and APIs\/microservices. This course spends a good deal of time covering the security and pentesting aspects of these technologies. This is all great stuff but I think a full course on container pentesting - or webapp pentesting which focuses on APIs\/microservices might be better than covering <em>all<\/em> these topics so briefly. The course also seems to heavily favor <a href=\"https:\/\/aws.amazon.com\">AWS<\/a> instead of equally featuring other cloud providers. There is actually <em>one<\/em> day where <a href=\"https:\/\/azure.microsoft.com\">Azure<\/a> is covered but this really feels like only an introduction. Oh and there\u2019s no mention of <a href=\"https:\/\/cloud.google.com\">GCP<\/a> that I can remember at all. By the time you get to Day 5 (Exploitation and Red Team in the Cloud) the course authors really start to run out of ideas as they pivot (literally) from <em>attacking the cloud<\/em> to using the cloud itself to stage attacks from (i.e. <a href=\"https:\/\/github.com\/proxycannon\/proxycannon-ng\">proxycannon<\/a>, cloud-based C2, <a href=\"https:\/\/linux.die.net\/man\/1\/socat\">tcp redirectors<\/a>, etc\u2026) Though this is <em>really cool<\/em> stuff for sure, I think it makes more sense for a <a href=\"#sans-sec564-red-team-operations-and-threat-emulation\">course on red-teaming<\/a> (still waiting on the 6-day redteaming course from SANS!) than it does a cloud pentesting course.<\/p>\n\n<p>Overall, I feel this course introduces a lot of interesting topics but doesn\u2019t cover any at a technical depth that I think they could have in 5 days had they taken out some of the unnecessary things and focused a little more on core material. In the end, I did enjoy the course and <em>was<\/em> able to achieve the <a href=\"https:\/\/www.giac.org\/certification\/cloud-penetration-tester-gcpn\">GCPN certification<\/a> but I <strong>don\u2019t think I would recommend<\/strong> this course to others at this time. Instead, I would suggest those who are interested in learning more about cloud penetration testing take a look at some books on the subject (for example, <a href=\"https:\/\/www.amazon.com\/AWS-Penetration-Testing-Beginners-Metasploit\/dp\/1839216921\">AWS Penetration Testing<\/a>), blog posts or other <a href=\"https:\/\/rhinosecuritylabs.com\/cloud-security\/aws-security-vulnerabilities-perspective\/\">offensive cloud research<\/a> that is only a <a href=\"https:\/\/www.google.com\/?q=cloud%20penetration%20testing\">quick google search<\/a> away.<\/p>\n\n<h6 id=\"updated-gcpn-review-8272022\">Updated GCPN Review (8\/27\/2022)<\/h6>\n\n<p>I had the opportunity to re-take <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/cloud-penetration-testing\/\">this class<\/a>, serving as a virtual Teaching Assistant (<strong>vTA<\/strong>) and I felt a re-review was warranted. Though this class is still <em>definitely<\/em> a mile-wide and an inch-deep in the context of cloud security \/ pentesting \/ etc\u2026 I think a lot of really great updates have been made since I <a href=\"#sec588-cloud-penetration-testing-gcpn-sans\">first sat for the course<\/a>. When I first took the course, I believe I did the <a href=\"https:\/\/www.sans.org\/ondemand\/\">SANS OnDemand<\/a> version, whereas this time I took it via the <a href=\"https:\/\/www.sans.org\/mlp\/live-online-training\/\">Live Online<\/a> format which has the added bonus of being taught <em>live<\/em>, in this case by the course author himself, <a href=\"https:\/\/www.sans.org\/profiles\/moses-frost\/\">Moses Frost<\/a>. <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/\">SANS courses<\/a> are <em>always<\/em> good and I can\u2019t express enough how impressed I always am with the <a href=\"https:\/\/www.sans.org\/profiles\/instructors\/\">instructors<\/a>. They\u2019re of course knowledgeable about the subjects they teach, but moreso they always come prepared with a world of experience and anecdotes about their relevant time as a practictioner in the domain at hand. What you come away with in the end is not only a better grasp on the material, but also a sense of the real world applications of what you just learned. Things seem <em>possible<\/em>, in a way that other eLearning formats fail to capture, as you don\u2019t get the direct \u201cface-to-face\u201d interaction with an educator of a similar caliber. <em>But enough waxing poetic about the instructors<\/em>, let me tell you why I liked the content a bit more than last time.<\/p>\n\n<p><a href=\"https:\/\/www.sans.org\/profiles\/moses-frost\/\">Moses<\/a> admits that this course is stretched a bit thin, as in an ideal world, full 5-6 day courses could easily be constructed for many of the sub-topics contained within this course - <a href=\"https:\/\/aws.amazon.com\">AWS<\/a>, <a href=\"https:\/\/azure.microsoft.com\/\">Azure<\/a>, <a href=\"https:\/\/kubernetes.io\">Kubernetes<\/a>, <a href=\"https:\/\/aws.amazon.com\/lambda\/\">Lambda<\/a>, etc\u2026 At the time of writing this (re)review I don\u2019t have my old books, so I can\u2019t <em>physically<\/em> compare the deltas between the original version of the course and the latest version, but based on my recollection I feel the recon section (<em>Day 1<\/em>) has been modified to better relate to cloud-native-specific applications, a greater focus on attacking IAM is made on Day 2, the overall scope of the class is narrowed to just AWS and Azure (with a better balance between the two) and there were certainly tweaks elsewhere. Between the labs (which I actually took the time to do in this format), the moderately more focused content and the added expertise you get with the Live format, I think I can now safely <strong>recommend<\/strong> this course. It\u2019s still merely an introduction at the end of the day, but I truly feel you come away with a practical set of skills and the information and hunger needed to pursue further learning in the space. Speaking of further learning, I also know that a more advanced version of their cloud pentesting curriculum is on the horizon. Stay tuned for the <em>epic<\/em> sequel, <strong>SEC688<\/strong> - I\u2019ve heard it will not be one to miss!<\/p>\n\n<h3 id=\"sec537-practical-osint-analysis-and-automation-sans\">SEC537: Practical OSINT Analysis and Automation, SANS<\/h3>\n<p><em>Attended: July 2021<\/em><\/p>\n\n<p><a href=\"https:\/\/www.sans.org\">SANS<\/a> has recently stepped up, adding a <a href=\"https:\/\/www.sans.org\/mlp\/new-sans-courses\/\">huge number of new courses<\/a>, many of which are 2-day courses. <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/practical-osint-analysis-and-automation\/\">SEC537: Practical Open-Source Intelligence (OSINT) Analysis and Automation<\/a> is one of these 2-day-ers. This shorter format, when executed well, can provide SANS\u2019 famed, high-density educational material <em>without<\/em> the usual <a href=\"https:\/\/blog.teamascend.com\/drinking-from-the-sans-fire-hose\">mental burnout<\/a> which accompanies a typical 5-6 day, 8+ hours a day SANS course. Many will also benefit from not having to taken an entire week off of work to attend. A shorter class suffers though when material goes off track. With so little time you quickly lose value as there is but two days to cram all the relevant material into the class. I think SEC537 is an <em>excellent<\/em> course and <a href=\"https:\/\/www.sans.org\/profiles\/david-mashburn\/\">David Mashburn<\/a> (who is one of the course authors) did a fantastic job both putting this course together as well as teaching, <em>but<\/em> it does suffer from this latter point. But enough about that, let\u2019s get into the material\u2026<\/p>\n\n<p>Day 1 drops you immediately into a really cool discussion on <a href=\"https:\/\/en.wikipedia.org\/wiki\/Operations_security\">OPSEC<\/a>, covering everything from how to perform overt\/covert\/clandestine work to understanding exactly how your tools work - specifically, knowing what traffic they generate and where that traffic is destined. I would take an entire 6-day course on OPSEC if I could. The day wraps up with a section on image\/video verification which I knew little about prior to the class but can definitely understand it\u2019s OSINT-value now. Day 2 is where I think this class should be tweaked. This day begins with OSINT-relevant <a href=\"https:\/\/www.python.org\">Python<\/a> skilling but then unfortunately nose-dives into a <em>very<\/em> basic \u201cintro-to-Python\u201d lecture. For anyone who knows even basic Python, this section may disappoint. I recommend the intro Python material be moved to an appendix and be something the students learn if necessary as part of an after-hours bootcamp on Day 1. After half the day is spent learning basic Python, the class ends strongly with sections on interacting with the web programmatically (<a href=\"https:\/\/docs.python-requests.org\/en\/master\/\">requests<\/a> module) and performing Data Analysis with Python.<\/p>\n\n<p>Not counting the intro-to-Python chunk, I think this course was one of the more interesting SANS courses I\u2019ve taken (<em>pound for pound, if you will<\/em>). <strong>Quick Note:<\/strong> 2-day courses aren\u2019t accompanied by a cert, so you really need only focus on learning the material. With everything said, this course being a SANS course means one inevitable thing - <em>a high price tag<\/em>. At <strong>$2900<\/strong> for just <em>two<\/em> days, <em>pricey<\/em> is but one word to describe the course. I was fortunate to have taken this class via the <a href=\"https:\/\/www.sans.org\/work-study-program\/\">SANS Workstudy<\/a>, so my wallet was not subjected to the full-wrath of SANS pricing. Overall, I <strong>do recommend<\/strong> this course for the material, you need only find a way to finance it!<\/p>\n\n<h3 id=\"sec460-enterprise-and-cloud--threat-and-vulnerability-assessment-geva-sans\">SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment (GEVA), SANS<\/h3>\n<p><em>Attended: July 2021, GEVA Obtained: August 2021<\/em><\/p>\n\n<p><a href=\"https:\/\/www.sans.org\/cyber-security-courses\/enterprise-cloud-threat-vulnerability-assessment\/\">SEC460<\/a> (<em>Enterprise and Cloud | Threat and Vulnerability Management<\/em>) is the newest edition (<a href=\"https:\/\/www.sans.org\/press\/announcements\/sans-introduces-new-vulnerability-assessment-security-training-course\/\">introduced in mid-2018<\/a>) to the lineage of SANS <em>X60<\/em> courses (i.e. <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/network-penetration-testing-ethical-hacking\/\">SEC560<\/a>, <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/advanced-penetration-testing-exploits-ethical-hacking\/\">SEC660<\/a> and <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/advanced-exploit-development-penetration-testers\/\">SEC760<\/a>), all of which are part of the <a href=\"https:\/\/www.sans.org\/webcasts\/introducing-offensive-operations-117455\/\">recently introduced<\/a> SANS <a href=\"https:\/\/www.sans.org\/offensive-operations\/\">Offensive Operations<\/a> curriculum. <a href=\"https:\/\/www.sans.org\/\">SANS<\/a> course numbering is notoriously wacky but in this case, these four courses describe a pretty realistic progression from <em>VM-to-pentester-to-exploit-developer<\/em> (there are of course many other viable development paths into a career in penetration testing \/ offensive security). SANS courses with a <em>4xx<\/em> designation have traditionally been more elementary in nature and though I think <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/enterprise-cloud-threat-vulnerability-assessment\/\">SEC460<\/a> certainly has some introductory concepts, it is <em>far more<\/em> than its course number lets on.<\/p>\n\n<p>When this course first debuted, I certainly underestimated it - relegating it in my mind as some lowly Vulnerability Management (<a href=\"https:\/\/shellsharks.com\/symphonic-vulnerability-surface-mapping#a-primer-on-vulnerability-management\">VM<\/a>) training that entry-level infosec professionals would take to learn how to run a vulnerability scanner. Despite this, my background in <a href=\"https:\/\/shellsharks.com\/vm-bootcamp#title\">VM<\/a> coupled with my lust for <a href=\"https:\/\/www.sans.org\/blog\/sans-pen-test-challenge-coin-sec460\/\">shiny things<\/a> made me want to take the course anyways. When I got the chance to <a href=\"https:\/\/www.sans.org\/work-study-program\/\">moderate the course<\/a> I could not pass it up. Once in the class, it quickly became evident (within the first few hours of Day 1) that I had vastly miscalculated the content and value of the course.<\/p>\n\n<p>SANS is known for its (<em>expensive<\/em>) high-value content as well as their world-class instructors. This is <em>especially<\/em> true for <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/enterprise-cloud-threat-vulnerability-assessment\/\">SEC460<\/a>. My instructor for the course (and one of the course co-authors) was <a href=\"https:\/\/www.sans.org\/profiles\/matthew-toussain\/\">Matt Toussain<\/a>. Matt (<a href=\"https:\/\/twitter.com\/0sm0s1z\">@Osm0s1z<\/a>) did a truly amazing job both as an instructor as well as on developing the course content. His experience, expertise and professional anecdotes really take the course experience to the next level (in my opinion). <em>Ok, now about the course<\/em>\u2026 Despite what I originally thought, the course covers not only typical <a href=\"https:\/\/shellsharks.com\/symphonic-vulnerability-surface-mapping#a-primer-on-vulnerability-management\">Vulnerability Management<\/a> and network scanning concepts but also covers a variety of other relevant subjects including (<em>but not limited to<\/em>) - <a href=\"https:\/\/docs.microsoft.com\/en-us\/powershell\/scripting\/overview?view=powershell-7.1\">Powershell<\/a>, Cyber Threat Intelligence (<a href=\"https:\/\/www.cisecurity.org\/blog\/what-is-cyber-threat-intelligence\/\">CTI<\/a>), <a href=\"https:\/\/owasp.org\/www-community\/Threat_Modeling\">threat modeling<\/a>, <a href=\"https:\/\/www.recordedfuture.com\/open-source-intelligence-definition\/\">OSINT<\/a>, web application discovery, general reconnaissance, cloud security, Risk Assessment Frameworks (<a href=\"https:\/\/cio-wiki.org\/wiki\/Risk_Assessment_Framework_(RAF)\">RAFs<\/a>), wireless, <a href=\"https:\/\/www.nettitude.com\/us\/penetration-testing\/purple-teaming\/\">purple teaming<\/a> and <a href=\"https:\/\/en.wikipedia.org\/wiki\/Active_Directory\">Windows AD<\/a>. The epiphany comes when you realize that these aren\u2019t \u201cbonus\u201d items or filler material but rather integral knowledge areas for performing comprehensive, modern Threat &amp; Vulnerability Management\/Assessment. Building this course, the authors were faced with the difficult mission of adding a large volume of material in such a way that students were not fed merely surface-level information on important concepts while at the same time not laboring over topics at a depth beyond what is required. This course strikes that balance in a way that I have not seen with almost any other <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/?msc=main-nav\">SANS course<\/a>.<\/p>\n\n<p>I\u2019ve been involved with Vulnerability Management (<a href=\"https:\/\/shellsharks.com\/symphonic-vulnerability-surface-mapping#a-primer-on-vulnerability-management\">VM<\/a>) and\/or Threat and Vulnerability Assessment (T&amp;VA) for almost my entire professional career and I think this course nails 95% of what I\u2019ve personally used to execute in a VM role while also introducing a variety of new things I honestly never knew or thought to use with respect to building\/running a VM program. This course, despite its <a href=\"https:\/\/www.sans.org\/webcasts\/introducing-offensive-operations-117455\/\">age<\/a>, is in my opinion one of the more mature <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/?msc=main-nav\">SANS courses<\/a> available and one <strong>I highly would recommend<\/strong> not only to those new to the field or interested in the offensive security path, but also to more experienced infosec professionals and those in other, non-offensive-security roles.<\/p>\n\n<p><strong>About the GEVA<\/strong>: The certification exam (<a href=\"https:\/\/www.giac.org\/certification\/enterprise-vulnerability-assessor-geva\">GEVA<\/a>) is not too dissimilar from other <a href=\"https:\/\/www.giac.org\/certifications\/focus-areas\">GIAC exams<\/a> - multiple choice and <em>very heavy<\/em> on material which is sourced almost word-for-word from the course books. My only complaint about this course or the cert itself is the over-reliance on terminology that I think is not industry-standard but rather SANS-specific terminology. For example - \u201cTarget Matrix\u201d is a term used to describe the list of potential targets which comes as result of the <em>Discovery<\/em> phase of the Vulnerability Management Framework (VAF). Though this term makes sense, it\u2019s not a term I have seen used before and to my knowledge, not something that is used industry-wide. Unfortunately, this micro-naming of concepts is very important for passing the exam (even if it\u2019s not overly important to remember as an actual practitioner). So, <em>tldr;<\/em> is - make sure you pay attention to SANS terminology as you will be quizzed on it if you sit for the exam!<\/p>\n\n<h3 id=\"sec450-blue-team-fundamentals-security-operations-and-analysis-gsoc-sans\">SEC450: Blue Team Fundamentals: Security Operations and Analysis (GSOC), SANS<\/h3>\n<p><em>Attended: July 2021, GSOC Obtained: September 2021<\/em><\/p>\n\n<p>SANS <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/blue-team-fundamentals-security-operations-analysis\/\">SEC450<\/a> is a truly great course and one I would <em>certainly<\/em> recommend for all security pros on the \u201cblue\u201d side of the house but one I also think would benefit anyone else in infosec as well. My instructor (and the course author) <a href=\"https:\/\/www.sans.org\/profiles\/john-hubbard\/\">John Hubbard<\/a> does a fantastic job combining granular, practical exercises with high level, framework-based educational material. What you receive in the end is an amazingly succinct, yet potently high-value crash course on Security Operations. Day 1 introduces you to a number of high-level topics related to security operations in general. Days 2 and 3 have a lot of the technical meat - protocols, network architectures, endpoint security, logging, kerberos, etc\u2026 Day 4 introduces you to a wealth of security related models (e.g. <a href=\"https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html\">Cyber Kill Chain<\/a>, <a href=\"https:\/\/www.nist.gov\/cyberframework\">CSF<\/a>, <a href=\"https:\/\/www.threatintel.academy\/diamond\/\">Diamond Model<\/a>, <a href=\"https:\/\/smallwarsjournal.com\/jrnl\/art\/f3ead-opsintel-fusion-\u201cfeeds\u201d-the-sof-targeting-process\">F3EAD<\/a>, etc\u2026) and finally, the entirety of Day 5 is focused on improving as a security professional, something that I think would be a great addendum to every single <a href=\"https:\/\/www.sans.org\">SANS<\/a> course as this section is really subject-agnostic and provides a lot of really high-value content. I think the real value of this course lies in Days 1, 4 and 5. These days gave me a better sense of how interconnected frameworks interlace with the high level concept of \u201coperations\u201d in security. I think many who look at this course may see it as an entry level course for traditional \u201cSOC Analysts\u201d. After sitting through it however, I think it is so much more. If you want to learn how to apply security best principles in an operational environment, regardless of your role, this is the course to take.<\/p>\n\n<p>I don\u2019t have much to say on the <a href=\"https:\/\/www.giac.org\/certification\/security-operations-certified-gsoc\">GSOC<\/a> exam itself other than to say its contents very closely resemble what you find both in the books as well as in the practice exam. The one thing I will say is there seemed to be an inordinate amount of questions about Windows logging despite how small of a section that is overall.<\/p>\n\n<h3 id=\"sec487-open-source-intelligence-osint-gathering-and-analysis-gosi-sans\">SEC487: Open-Source Intelligence (OSINT) Gathering and Analysis (GOSI), SANS<\/h3>\n<p><em>GOSI Obtained: November 2022<\/em><\/p>\n\n<p>I recently challenged the <a href=\"https:\/\/www.giac.org\/certifications\/open-source-intelligence-gosi\/\">GIAC GOSI<\/a> exam (which is the associated certification for the <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/open-source-intelligence-gathering\/\">SANS SEC487<\/a> course). As I didn\u2019t take the full course, I can\u2019t directly comment on how good or bad it is. What I <em>can<\/em> comment on is my exam experience.<\/p>\n\n<p>In general, the course appears to be incredibly comprehensive, stepping through just about every <a href=\"https:\/\/usnwc.libguides.com\/c.php?g=494120&amp;p=3381426\">flavor of OSINT<\/a> (e.g. HUMINT, SIGINT, IMINT, MASINT, FININT, SOCMINT, etc\u2026). If you\u2019re looking for tools, well they got tools - TONS of them! You\u2019re going to want to be ready to bookmark a load of (<em>naturally<\/em>, open-source) tools. Unlike the wider universe of <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/?msc=main-nav\">SANS courses<\/a>, I found this one to have minimal overlap subject-wise with the <a href=\"#certification-and-training-mini-reviews\">many other courses I have taken<\/a>. <em>This is a good thing<\/em>! No matter your experience with OSINT, I think you can <em>immediately<\/em> walk away with some new tricks, new <a href=\"https:\/\/shellsharks.com\/infosec-tools#osint--reconnaissance\">tools<\/a> and a boost to your practical skillset.<\/p>\n\n<p>The exam experience is fairly straight-forward, as most <a href=\"https:\/\/www.giac.org\/how-to-prepare\/\">GIAC exams<\/a> are. My criticism of this test (like many other GIAC tests) is it doesn\u2019t really test you on your practical skills\/technical know-how, but rather tests whether you have memorized stuff from the books. There are a lot of questions like, \u201c<em>what tool is depicted in this picture<\/em>?\u201d or \u201c<em>what tool would you use for X purpose<\/em>?\u201d, then citing some niche website run by some researcher you might of only heard of had you taken the course and had the books on-hand. In the end, I do think this can be a valuable course for those who are interested in this type of work, but be weary of an attempt to challenge the exam!<\/p>\n\n<h3 id=\"sec522-application-security-securing-web-apps-apis-and-microservices-gweb-sans\">SEC522: Application Security: Securing Web Apps, APIs, and Microservices (GWEB), SANS<\/h3>\n<p><em>GWEB Obtained: November 2022<\/em><\/p>\n\n<p>I\u2019ve been an AppSec professional in some form or fashion for nearly 10 years, and in that time I like to <em>think<\/em> I\u2019ve learned a thing or two not only about how to attack and compromise a web app, but also the ways in which to defend against those attacks and better harden said applications. To test this theory, I challenged the <a href=\"https:\/\/www.giac.org\/certifications\/certified-web-application-defender-gweb\/\">GIAC GWEB<\/a> certification (associated with the <a href=\"https:\/\/www.giac.org\/certifications\/certified-web-application-defender-gweb\/\">SANS SEC522<\/a> course.) As I mentioned in my recent <a href=\"#sec487-open-source-intelligence-osint-gathering-and-analysis-gosi-sans\">GOSI review<\/a>, challenging a <a href=\"https:\/\/www.giac.org\/get-certified\/\">SANS\/GIAC exam<\/a> is not for the faint of heart, as in many cases, the questions are sourced directly from the book material, and in these cases are often overly specific, relying on having memorized what was printed over having real practical experience\/knowledge. For this reason, the exams can be somewhat artificially difficult (<em>when bookless<\/em>). I\u2019m pleased to say however, that my experience with the GWEB ran contrary to that trend. Questions <em>were<\/em> much more practical in nature, often worded in a scenario-like form rather than a simple memorization exercise. At times, questions delved <em>beyond<\/em> surface-level understanding, but overall, this exam (and presumably the course as well) remains a mile wide and an inch deep (so to speak), covering everything from HTTP basics, to common attack defenses, AuthN\/AuthZ, web services and beyond. <a href=\"https:\/\/www.sans.org\">SANS<\/a> is known pretty well for their great portfolio of <a href=\"https:\/\/www.sans.org\/offensive-operations\/\">offensive security courses<\/a>, and for good reason! However, this course\u2019s dedication and focus on <strong>defense<\/strong> and architectural best practices makes it somewhat unique and in my mind, <em>quite special<\/em>.<\/p>\n\n<h3 id=\"mgt512-security-leadership-essentials-for-managers-gslc-sans\">MGT512: Security Leadership Essentials for Managers (GSLC), SANS<\/h3>\n<p><em>Attended: August 2022, GSLC Obtained: December 2022<\/em><\/p>\n\n<p><a href=\"https:\/\/www.sans.org\/cyber-security-courses\/security-leadership-essentials-managers\/\">MGT512<\/a> is <a href=\"https:\/\/www.sans.org\">SANS<\/a>\u2019 flagship <a href=\"https:\/\/www.sans.org\/cybersecurity-leadership\/\">management course<\/a> and I\u2019ll start by giving the course a ~<strong>B<\/strong> for staying high-level and \u201cmanagerial\u201d. There are certainly a few sections (<em>looking at you Days 2 &amp; 3<\/em>) where things get a bit overly technical for what I would expect in a course for managers. Then again, wouldn\u2019t it be something to have leaders who had a certain level of technical proficiency? For the course itself, be prepared to think <em>CISO<\/em>, as the typical SANS course week-end CTF is replaced by a <em>week-long<\/em> <a href=\"https:\/\/www.sans.org\/blog\/introducing-the-mgt512-cyber42-security-leadership-simulation\/\">choose-your-own-adventure style game<\/a> where you act as a security leader making decisions for a fictional company. Maintain a practical, <a href=\"https:\/\/www.nist.gov\/cyberframework\">NIST CSF<\/a>-balanced approach to achieve victory, and of course, the <a href=\"https:\/\/shellsharks.com\/captains-log\">challenge coin<\/a>! When you\u2019re not bogged down learning about low-level encryption stuff (or similar technical minutiae), you\u2019re back to big-picture items - learning about the frameworks, policies, program structures and other risk-governed concepts that rule the lives of security leaders everywhere. <em>So is this a good course<\/em>? Hard to say. I personally, didn\u2019t get <em>much<\/em> out of it, but I\u2019ve been in infosec for 12+ years as of writing this mini-review and have spent plenty of time across nearly all infosec disciplines. For managers looking to make sense of it all though, I suspect this would be quality content.<\/p>\n\n<p>For those interested in taking the <a href=\"https:\/\/www.giac.org\/certifications\/security-leadership-gslc\/\">GSLC<\/a> exam, it is very reminiscent of other content-broad exams (e.g. Sec+, CISSP, GSEC, etc\u2026). With a fair amount of scenario-based questions (rather than pure memorization questions GIAC exams are known for), there is certainly some challenge and you should be relatively versed in the days material to achieve a high score. That said, with 3 hours to answer 115 questions, you have ample time to leverage the books in case you need to look up some answers or find references to assist you with a tricky question or two (<em>or 50<\/em>). Interestingly, I found this exam to be a bit more challenging than the usual GIAC exam, but with a passing score of only <em>65%<\/em>, success is pretty easy to come by.<\/p>\n\n<p><strong>*<\/strong> My thanks to <a href=\"https:\/\/www.sans.org\/profiles\/myngoc-nguyen\/\">My-Ngoc Nguyen<\/a>, who kept the course days very lively and fun!<\/p>\n\n<h3 id=\"windows-malware-and-memory-forensics-volatility\">Windows Malware and Memory Forensics, Volatility<\/h3>\n<p><em>Attended: October 2016<\/em><\/p>\n\n<p>I took this <a href=\"https:\/\/www.memoryanalysis.net\/memory-forensics-training\">course<\/a> at a point in time where I was seriously unprepared for it. For this reason, I can\u2019t really give a recommendation on the course itself. However, I will say that before you consider taking this course, you are going to want to pay close attention to Volatility\u2019s <a href=\"https:\/\/www.memoryanalysis.net\/memory-forensics-training#prerequisites\">expected prerequisites<\/a>. This class is not for the faint of heart and requires some serious pre-requisite knowledge.<\/p>\n\n<p>I wanted to add here that though I didn\u2019t learn <a href=\"https:\/\/github.com\/volatilityfoundation\/volatility\">Volatility<\/a> nearly as well as I had hoped during the course, having been severely underprepared for the course at the time I took it, I did have a lot of fun using <a href=\"https:\/\/docs.microsoft.com\/en-us\/sysinternals\/downloads\/strings\">strings<\/a> to conquer WAY too many of the CTF questions on the final day. Don\u2019t discount the power of Strings and GREP!<\/p>\n\n<h3 id=\"the-shellcode-lab-black-hat\">The Shellcode Lab, Black Hat<\/h3>\n<p><em>Attended: July 2017<\/em><\/p>\n\n<p>I took this <a href=\"https:\/\/www.blackhat.com\/us-18\/training\/the-shellcode-lab.html\">course<\/a> while at Blackhat one year and came away really impressed. It\u2019s one of those courses that takes what seems to be a pretty advanced and relatively opaque subject and makes it very approachable. By the end of those course I felt I had acquired a lot of practical skills. I recommend anyone interested in this class to have some familiarity with <a href=\"https:\/\/shellsharks.com\/intel-assembly-primer#title\">Intel assembly<\/a> but after that, I think its relatively approachable and <strong>definitely recommended<\/strong>!<\/p>\n\n<h3 id=\"sans-sec564-red-team-operations-and-threat-emulation\">SANS SEC564 Red Team Operations and Threat Emulation<\/h3>\n<p><em>Attended: March 2018<\/em><\/p>\n\n<p><a href=\"https:\/\/www.redteamsecure.com\/blog\/what-is-red-teaming-and-why-do-i-need-it-2\/\">Red Teaming<\/a> is one of the apex disciplines of the Cybersecurity field. <a href=\"https:\/\/www.sans.org\/\">SANS<\/a>, as one of the premier cyber security education providers in the world offers only a <a href=\"https:\/\/www.sans.org\/cyber-security-courses\/red-team-exercises-adversary-emulation\/\">two-day course<\/a> covering the subject. This speaks to the <em>niche-ness<\/em> of Red Teaming as well as it\u2019s advanced nature. This course, formerly taught and authored-by <a href=\"https:\/\/twitter.com\/joevest\">Joe Vest<\/a> (the course author is now <a href=\"https:\/\/twitter.com\/jorgeorchilles\">Jorge Orchilles<\/a>, creator of the <a href=\"https:\/\/www.thec2matrix.com\/\">C2Matrix<\/a>) is one of the best, most-concise introductions to Red Teaming I have found and would be valuable for anyone who is looking to stand up a Red Team practice at their organization. Being a SANS course, the price is still steep, but at only two days and given the fact that <em>your organization should really be paying for you to take the course<\/em>, I <strong>definitely recommend<\/strong> it. It is important to note that this course is <strong>NOT<\/strong> technical in nature. It certainly won\u2019t get into the gritty technical aspects of red teaming, nor does it really explain with any sort of technical depth, the nature of standing up any sort of red team infrastructure. For this, I recommend taking a look at the <a href=\"#specterops-adversary-tactics-red-team-operations\">SpecterOps Adversary Tactics: Red Team Operations<\/a> training. With this said, I think performing successful red team engagements requires a thorough understanding of what red teaming really is, especially compared to traditional penetration testing, as well as an understanding of all the moving parts, players, stakeholders etc\u2026 This course will help you achieve that understanding.<\/p>\n\n<h3 id=\"sans-sec642-advanced-web-app-penetration-testing\">SANS SEC642 Advanced Web App Penetration Testing<\/h3>\n<p><em>Attended: May 2018<\/em><\/p>\n\n<p>SANS\u2019 top tier web-app specific penetration testing <a href=\"https:\/\/www.sans.org\/ondemand\/course\/advanced-web-app-penetration-testing-ethical-hacking\">course<\/a> is a bit hit-and-miss in my opinion. The problem with any \u201cadvanced\u201d course is that it\u2019s really difficult, in any 6 day period (which is the length of your typically full SANS course) to cover even a small fraction of the known techniques applicable to any specific penetration testing discipline, in this case web application penetration testing. Given everything that could be covered, SANS authors decided on SQLi, XSS, File Inclusions, XSRF, attacks specific to some web frameworks, crypto attacks, some WAF bypass stuff, and a little bit on Flash, SOAP, WebSockets and HTTP\/2. This list obviously misses a gigantic swath of the web attack surface and even within this list itself these concepts are only barely touched. By far the most interesting day (for me) was the day on crypto-attacks but even that I\u2019m skeptical as to the real practicality of what I learned. I\u2019m not saying I didn\u2019t learn anything useful in 6 days, but I think anyone at the stage in their career where they are interested in \u201cadvanced web application penetration testing\u201d is better off with other educational mediums. You could probably learn more in 6 days just <a href=\"https:\/\/pentester.land\/list-of-bug-bounty-writeups.html\">reading bug bounty writeups<\/a> for example! An added negative is that this course currently does not offer a certification, so at the end of the day, you\u2019re really only taking this course for its content - and at $7k+, I think <strong>you\u2019re money is better spent elsewhere<\/strong>.<\/p>\n\n<p><strong>Update<\/strong>: Looks like this course is now <a href=\"https:\/\/shellsharks.com\/captains-log\/2022\/08\/27\/log#what-im-learning\">officially deprecated<\/a> (<em>for now<\/em>). <strong>RIP<\/strong>.<\/p>\n\n<h3 id=\"specterops-adversary-tactics-red-team-operations\">SpecterOps Adversary Tactics: Red Team Operations<\/h3>\n<p><em>Attended: June 2018<\/em><\/p>\n\n<p><a href=\"https:\/\/specterops.io\/\">SpecterOps<\/a> is a (primarily offensive) security consulting company specializing in (bleeding-edge) research, assessments and training. Prior to taking their <a href=\"https:\/\/specterops.io\/how-we-help\/training-offerings\/adversary-tactics-red-team-operations\">Red Team Operations course<\/a>, I was familiar with them as the creators of both <a href=\"http:\/\/www.powershellempire.com\/?page_id=83\">Empire<\/a> and <a href=\"https:\/\/bloodhound.readthedocs.io\/en\/latest\/\">BloodHound<\/a>. For a four day course on what is a very advanced, and very broad subject - I think the Red Team Operations course is outstanding. It covers both managerial and technical aspects of Red Teaming, everything from initial access operations (IAO) and establishing C2 to persistence, privesc and pivoting, all while in a modern, Windows-based AD environment. Within the labs you\u2019ll get real, practical experience with the tools of the trade (e.g. Cobalt Strike) and modern techniques. With this said, I don\u2019t think this course alone can take someone who isn\u2019t already a red teamer and make them one over the course of four days. Even as deep as this course gets, the nature of Red Teaming is one that requires breadth and depth far beyond what this course can offer. For this reason, <strong>I recommend<\/strong> this course for those who already possess a moderate to advanced penetration testing background or those with entry-level experience in red teaming. I\u2019ll also point out that this training is useful (as is most trainings) only if you have the ability to practice what you\u2019ve learned after-the-fact. Unlike a lot of other security disciplines, <em>adversary emulation<\/em> is difficult to \u201cpractice\u201d in a lab environment, you need both a legally-appropriate and willing test-subject. This means your best-off if you are already part of an internal red team or are looking to stand one up at your organization. Without this in place, I don\u2019t recommend taking the course.<\/p>\n\n<h3 id=\"offensive-security-advanced-windows-exploitation\">Offensive Security Advanced Windows Exploitation<\/h3>\n<p><em>Attended: August 2019<\/em><\/p>\n\n<p>The <a href=\"https:\/\/www.offensive-security.com\/awe-osee\/\">AWE<\/a> is <a href=\"https:\/\/www.offensive-security.com\/\">Offensive Security\u2019s<\/a> most difficult and arguably most prestigious certification, focusing exclusively on advanced, modern, Windows exploit development. With an interest in vulnerability research and thus an interest in exploit development, coupled with <em>some<\/em> experience in exploit writing and reverse engineering I decided to sign up and make my way through the course. Offered only in-person at the yearly <a href=\"https:\/\/www.blackhat.com\/us-20\/\">Black Hat<\/a> security conference and with very limited seats available, I was lucky to have been given the chance.<\/p>\n\n<p>Now I will admit that at the time I sat for this course my exploit development skills and experience were certainly more on the beginner-side but based on my observations of other students in the class, I can say with no doubt, that this course is every bit as mind-melting and challenging as you might expect or have read in other reviews, even for those with far more experience than I. In hind-sight, I\u2019m comfortable enough to say that I was out of my depth and would have been better served taking the course after I had a little more experience. But perhaps more importantly, I should have waited to take the course for when i was truly ready both mentally and professionally, to dive fully into the world of vulnerability research and exploit development.<\/p>\n\n<p>This takes me to my advice for those thinking about enrolling. If you aren\u2019t already a vulnerability researcher, penetration tester, exploit developer or aren\u2019t thinking about making the shift into that realm in the near-ish future, I probably would not sign up for the course. Without a good amount of preexisting experience or knowledge, theres a decent chance the material will fly over your head. But also, if you don\u2019t plan on exercising what you\u2019ve learned in short order, your unlikely to retain a lot of the information, nor will you be able to properly study for and take the extremely challenging <a href=\"https:\/\/theevilbit.blogspot.com\/2015\/09\/offensive-security-advanced-windows.html\">OSEE<\/a> certification. With all this said, I do think that for those that are mentally (and emotionally) prepared, this course could really help someone push themselves further into modern exploit development and vulnerability research.<\/p>\n\n<hr \/>\n\n<h1 id=\"jhu-masters-in-cybersecurity-review\">JHU Masters in Cybersecurity Review<\/h1>\n<p>Starting in mid-2016 and finishing up almost exactly 4 years later in 2020, I <em>finally<\/em> completed my Masters degree at Johns Hopkins University, achieving an MS in Cybersecurity. This <a href=\"https:\/\/ep.jhu.edu\/programs-and-courses\/programs\/cybersecurity\">program<\/a> proved both challenging and rewarding as well as at times disappointing and even quite useless. I want to say early on in this review that I don\u2019t recommend people sign up and self-pay for <em>any<\/em> Cybersecurity masters degree. I don\u2019t think in the infosec industry, there is any significant professional value with having a masters, outside of maybe qualifying for some manager roles. This is especially true given the time and money you must invest to even get a masters degree. They are expensive and in most cases, it seems that having a certification or two will more than satisfy contractual, HR or hiring manager requirements. In my case, my company was willing to foot the bill for the program and seeing the opportunity, I decided why not!? I of course fully recommend taking advantage of free, employer-sponsored training wherever possible.<\/p>\n\n<p>So how did I decide on the JHU program? Since I would still be working full time I needed to limit my choices to online programs only. Preferably as well, I wanted to choose an institution that was close by in the event that I needed to go on-campus for some reason, either to speak with a professor, collaborate with fellow students or take a class only offered on-premise. Living in the northern Virginia\/DC metro area this still left me with a good number of options. With these requirements in mind I considered the following programs, <a href=\"https:\/\/www.umgc.edu\/academic-programs\/cyber-security\/index.cfm\">University of Maryland University College (UMUC)<\/a>, <a href=\"https:\/\/mage.umd.edu\/cybersecurity\">University of Maryland (UMD)<\/a>, <a href=\"https:\/\/ep.jhu.edu\/programs\/cybersecurity\/\">Johns Hopkins University (JHU)<\/a>, <a href=\"https:\/\/www.sans.edu\/academics\/degrees\/msise\">SANS Technology Institute<\/a> and <a href=\"https:\/\/volgenau.gmu.edu\/expertise\/cybersecurity\">George Mason University<\/a>. I won\u2019t get into all the small decisions that ultimately led to me choosing the JHU program but in general I chose it for three reasons.<\/p>\n\n<ul>\n  <li>First, and most importantly, I liked the <a href=\"https:\/\/ep.jhu.edu\/programs\/cybersecurity\/courses\/\">available courses<\/a> more so than any other program. Namely, I was interested in the <a href=\"https:\/\/ep.jhu.edu\/courses\/reverse-engineering-and-vulnerability-analysis\/\">reverse engineering course<\/a>, <a href=\"https:\/\/ep.jhu.edu\/courses\/software-development-for-real-time-embedded-systems\/\">embedded systems course<\/a> and the <a href=\"https:\/\/ep.jhu.edu\/courses\/cyber-physical\/\">cyber physical systems course<\/a>. My primary focus with this degree was to focus on the learning aspects rather than just the idea of having a masters degree for my resume.<\/li>\n  <li>Second, after some research, it looked like the JHU program was <a href=\"https:\/\/www.bestcolleges.com\/features\/top-online-masters-in-cybersecurity-programs\/\">rated very high if not the highest among online Cybersecurity masters programs<\/a>. I took this as a sign that this would be the best bet in terms of getting a high-quality, masters-level Cybersecurity education.<\/li>\n  <li>Third, I felt that Johns Hopkins had a particular prestige, especially in my area, and that having a degree from there would look good on my resume.<\/li>\n<\/ul>\n\n<p>So how were the Masters classes? Well first, prior to getting accepted \u201cofficially\u201d into the Masters program I needed to take a few additional pre-requisite courses. This included a <a href=\"https:\/\/ep.jhu.edu\/courses\/intro-to-programming-using-java\/\">Java class<\/a>, a course in <a href=\"https:\/\/ep.jhu.edu\/courses\/data-structures\/\">Data Structures<\/a> and a course in <a href=\"https:\/\/ep.jhu.edu\/courses\/computer-organization\/\">\u201cComputer Organization\u201d<\/a> (<a href=\"https:\/\/ep.jhu.edu\/courses\/discrete-mathematics\/\">Discrete Mathematics<\/a> and <a href=\"https:\/\/ep.jhu.edu\/courses\/introduction-to-python\/\">Python<\/a> are also required pre-reqs but I had already satisfied these through undergraduate and professional work). All three of these courses were great additions to what was my overall masters curriculum and interestingly enough, three of my favorite courses I took over the course of getting the degree, despite none of them actually be masters courses (they were bachelor-level courses). The Java course is self explanatory, it was simply a beginner-to-intermediate-level course in Java programming. The Data Structures course I found fascinating and pretty invaluable. To this day I still use the concepts I learned in this class for both my personal\/professional development efforts as well as for understanding concepts related to modern operating systems, memory, reverse engineering, etc\u2026 The Computer Organization course was primarily centered around assembly programming. This has proven to be very useful foundational knowledge for my forays into reverse engineering, exploit development and general security research.<\/p>\n\n<p>Once I finished the necessary pre-reqs I was formally accepted into the Masters program and now needed to complete the 10 Masters courses. Three of these are mandatory courses - <a href=\"https:\/\/ep.jhu.edu\/courses\/foundations-of-algorithms\/\">Foundations of Algorithms<\/a>, <a href=\"https:\/\/ep.jhu.edu\/courses\/foundations-of-information-assurance\/\">Foundations of Information Assurance<\/a> and <a href=\"https:\/\/ep.jhu.edu\/courses\/cryptology\/\">Cryptology<\/a>. Foundations of Algorithms is advertised as the sequel to Data Structures and maybe in theory it is, but I found the class (and I can not stress this enough) completely useless, entirely opaque, and overtly difficult. In fact, the professor even suggested, during an office hours one night, that the class did not make sense for anyone who wasn\u2019t in applied mathematics or certain (more abstract) disciplines of computer science. The course content, assignments and projects were all nearly impossible to follow, to the point where the professor would essentially just give us the answers since he knew how difficult the material was. Overall this class was a complete dud, in all respects. It was a waste of my time and I learned absolutely nothing. Unfortunately, it was required and therefore I could not get out of it, nor can anyone else in this program. Moving on\u2026 The \u201cFoundations of Information Assurance\u201d course was your typical \u201cintro to information security\u201d type stuff. Given my experience in the field, I did not personally get much value out of this course. Now if you had less experience in the field or are coming into this Masters program fresh out of your undergrad or early enough in your Cybersecurity career, I can definitely see how this class would prove beneficial to building your understanding of the fundamentals of infosec. So again, kind of a dud for me. The third and final mandatory class was in Cryptology. This class, unlike the first two, I found challenging, interesting, relevant and worthy of the Cybersecurity masters class designation. This was a highly technical class where you really are taught how modern ciphers work, the mathematical principles that are the groundwork of these cryptological constructs and are even taught cryptoanalytic techniques. My word of warning for those who are getting ready for this course is to take it seriously, not only because it is challenging but because it is information dense and it is knowledge you really are going to want to try and commit to memory as best you can.<\/p>\n\n<p>In addition to the three required classes, I needed to choose seven electives from their <a href=\"https:\/\/ep.jhu.edu\/programs\/cybersecurity\/courses\/\">catalog of courses<\/a>. The seven I chose are listed below (in the order I took them).<\/p>\n\n<h2 id=\"elective-classes\">Elective Classes<\/h2>\n<ul>\n  <li><a href=\"#principles-of-data-communications\">Principles of Data Communications<\/a><\/li>\n  <li><a href=\"#embedded-computer-systems\">Embedded Computer Systems<\/a><\/li>\n  <li><a href=\"#software-development-for-real-time-embedded-systems\">Software Development for Real-Time Embedded Systems<\/a><\/li>\n  <li><a href=\"#reverse-engineering-and-vulnerability-analysis\">Reverse Engineering and Vulnerability Analysis<\/a><\/li>\n  <li><a href=\"#operating-systems\">Operating Systems<\/a><\/li>\n  <li><a href=\"#web-security\">Web Security<\/a><\/li>\n  <li><a href=\"#intrusion-detection\">Intrusion Detection<\/a><\/li>\n<\/ul>\n\n<p>I\u2019d like to quickly review and give my thoughts on each of these below\u2026<\/p>\n\n<h3 id=\"principles-of-data-communications\">Principles of Data Communications<\/h3>\n<p>One of the primary things I hoped to get out of experience with this Masters program was to get a deeper, more robust understanding of TCP\/IP and computer networking. I wanted to understand these concepts from a purely academic perspective, rather than an applied one as I had received via an assortment of training courses (such as the <a href=\"#sec503-intrusion-detection-in-depth-gcia-sans\">SANS course SEC503<\/a>). JHU offers a variety of courses related to this domain, all of which required this course, <a href=\"https:\/\/ep.jhu.edu\/courses\/principles-of-data-communications-networks\/\">Principles of Data Communications<\/a>, to be taken as a pre-req. This course primarily covers the Layer 1 (physical layer) aspects of network communications focusing on topics such as digital vs analog encoding, multiplexing, signaling, error-detection, data compression and more advanced topics. Though I found this course very interesting, I think it was a little TOO low level for what I was looking for. I would need to take a different class to cover networking concepts related to <a href=\"https:\/\/en.wikipedia.org\/wiki\/OSI_model\">layers<\/a> 2-4 which was after all, my primary interest in taking this class in the first place. Ultimately, I only recommend this course for those who really want to know these low level mechanics. Then again, this course is also a pre-req for almost all other courses in the networking track for this degree program so you may have to take it regardless if you have your eyes set on something which requires it.<\/p>\n\n<p>Unfortunately, out of the 6 other electives I chose from here, none of them actually ended up being one of the classes that would focus more on networking or TCP\/IP! Oh well, sometimes even the best-laid plans go awry.<\/p>\n\n<h3 id=\"embedded-computer-systems\">Embedded Computer Systems<\/h3>\n<p>Having an interest in vulnerability research, especially in the realm of <a href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_of_things\">IoT<\/a>, got me hooked on the idea of learning more about embedded systems. So much so that I decided to take not one but TWO electives on the subject, <a href=\"https:\/\/ep.jhu.edu\/courses\/embedded-computer-systems-vulnerabilities-intrusions-and-protection-mechanisms\/\">this class<\/a> and a class on <a href=\"#software-development-for-real-time-embedded-systems\">software development for embedded systems<\/a>. This first class I felt was a real dud and was pretty much useless. The class was mostly a series of bizarre \u201ccase studies\u201d that hardly had anything to really do with embedded systems. Not once did I get to dump firmware off of an embedded system or even physically do anything with an embedded system. There was nothing about the course which was even remotely practical, or interesting in any way. At certain points the course material would pivot into even softer subjects like \u201ccopywright law\u201d or \u201clicensing agreements\u201d. This class ended up being a huge disappointment and I would <strong>not recommend<\/strong> it to anyone.<\/p>\n\n<h3 id=\"software-development-for-real-time-embedded-systems\">Software Development for Real-Time Embedded Systems<\/h3>\n<p>The second of <a href=\"#embedded-computer-systems\">two embedded systems-related classes<\/a> I took focused on <a href=\"https:\/\/ep.jhu.edu\/courses\/software-development-for-real-time-embedded-systems\/\">software development for embedded systems<\/a>, more specifically, development on <em>real-time systems (RTOS)<\/em>. This class was extremely practical as we spent the entire time actually writing code for arduino systems and even building a drone-system with a variety of sensors all interfacing with the arduino. I greatly enjoyed this class and felt like i learned quite a bit on the subject. Unfortunately, I\u2019m not entirely sure how useful this knowledge has been (so far) with respect to my career. I\u2019ll also point out that the use of a drone for this class was highly suspect as the drone kit was not particularly easy to use and all lab deliverables required videos of the drone being successfully flown while also performing a number of other in-flight operations. This put those who were not particularly great drone pilots (like myself) at a bit of a disadvantage. I appreciate the spirit of what the professor was going for here but I think the class would have been better served with something a bit easier to control like an RC car.<\/p>\n\n<h3 id=\"reverse-engineering-and-vulnerability-analysis\">Reverse Engineering and Vulnerability Analysis<\/h3>\n<p>The class on <a href=\"https:\/\/ep.jhu.edu\/courses\/reverse-engineering-and-vulnerability-analysis\/\">reverse engineering and vulnerability analysis<\/a> was by far my favorite course and I believe, objectively-speaking, the best course I took throughout the course of my Masters program. This class is the perfect mix of both theory and practical exercises, set to an extremely fast pace. Within the first week you will have covered and began deciphering <a href=\"https:\/\/shellsharks.com\/intel-assembly-primer#title\">Intel assembly<\/a> instructions as well as started writing your own Intel assembly disassembler! By the end of the class you will be doing full malware reverse engineering and even writing your own exploits from scratch. This class was no joke! I <strong>can\u2019t recommend this class enough<\/strong>, especially for those interested in these advanced topics.<\/p>\n\n<h3 id=\"operating-systems\">Operating Systems<\/h3>\n<p><a href=\"https:\/\/ep.jhu.edu\/courses\/operating-systems\/\">This course<\/a> was a bit of a mixed- bag. From a theory perspective, this course was exactly what I was looking for. It covered all the core operating system constructs (e.g. interrupts, kernel types, system calls, system architectures, system programming, scheduling, I\/O, multi threading, memory, task management, deadlocks, device drivers, file systems and more!). Execution of the <em>practical<\/em> side of this course was where the big let down was. Namely, the course author decided to have all assignments and labs (all of which were heavily focused on system programming) be based on the strange, little-heard-of, not-modern, <a href=\"https:\/\/www.minix3.org\/\">Minix 3<\/a> microkernel-based operating system. Now I had never heard of Minix 3 and asking my coworkers about Minix yielded a similar response. What was Minix 3 and why would my professor think this was a good platform to teach OS concepts? I mean, it doesnt even use a modern architecture, Minix 3 after all is a micro-kernel architecture as opposed to a more modern, monolithic or hybrid-based architecture. This course required a pretty firm understanding of C programming as well as some prior experience in Unix system programming, neither of which I really had. Picking up C was easy enough but learning to write code specifically for an operating system that no one uses and thus has little references online, proved to be a real struggle. I\u2019ll also add here that the professor was particularly non-helpful when it came to actually teaching these more practical concepts. Perhaps the expectation was that this was something I should have already known coming into the course. Either way, I found the system programming segments of the course to be frustrating and stressful as they were a very large part of my final grade. Ultimately I did prevail and though I have some pretty big issues with this particular aspect of the course, I do think overall I would continue to recommend it to those who want to learn more about operating systems. My recommendation to Johns Hopkins however is to use a more relevant, modern operating system (like actual Linux!) as the practical foundation for this class.<\/p>\n\n<h3 id=\"web-security\">Web Security<\/h3>\n<p><a href=\"https:\/\/ep.jhu.edu\/courses\/web-security\/\">This course<\/a> was an interesting overview of the wide-variety of web-related technologies a security professional must consider, with topics including web-based crypto, writing RESTful APIs using Flask, AWS cloud, SAST\/DASTWAF concepts, IoT protocols, container technologies such as Docker, open-source vulnerability scanners and finally a module on traditional web-application vulnerabilities such as XSS, SQLi etc\u2026 I found this course to be a little meandering, never doing anything more than scraping the surface of each of these topics. Yes, there were some interesting practical exercises sprinkled throughout but mostly I found that getting a \u201ctaste\u201d of so many things was not <em>that<\/em> valuable (to me personally). I\u2019ll qualify this by saying at this point in time I had several years of web application security and cloud experience so some of this material may have simply just not been that new to me and thus I found the lectures and assignments a bit boring. For someone interested in getting a look on everything \u201cgoin on\u201d in the web security world, I think this course can satisfy that specific need. Outside of that, I think most people might leave this class just hungry for something a little more substantial.<\/p>\n\n<h3 id=\"intrusion-detection\">Intrusion Detection<\/h3>\n<p>My seventh and final elective was <a href=\"https:\/\/ep.jhu.edu\/courses\/intrusion-detection\/\">Intrusion Detection<\/a>. I had not intended to take this course and only did end up enrolling due to availability and scheduling issues related to another class I had planned on taking. It was my final semester however and at this point I really wanted to close the book on this program and move on to other things in my life! It turns out that I\u2019m happy I took the course as it was (similar to my <a href=\"#reverse-engineering-vulnerability-analysis\">Reverse Engineering course<\/a>) a really satisfying mix of both theory and practical exercises. Notably, I\u2019d like to call out the excellent labs (assigned weekly) which covered a wide variety of tools (some of which I did have prior experience with) such as Nmap, Linux, TripWire, OSSEC, Snort, Neo4j, Cypher, Zeek, iptables, ROC analysis, Keras and RapidMiner. I definitely recommend this class for anyone looking to get some good experience with any one of these tools and learn more about general intrusion detection in the process.<\/p>\n\n<h2 id=\"what-i-wish-i-had-done-differently\">What I wish I had done differently<\/h2>\n<p>Having finally graduated, I wanted to take a look back at my experience both with JHU at a high level and with each of my classes and reflect on what I may have done differently. First I want to say that if I could go back in time, I would stilll choose the JHU program over any of the other schools I had considered. What I would change however is some of the classes I took. I\u2019ve made it clear in my reviews above what classes I thought were good, which had value specifically to me and which classes I thought were awful. Out of the 10 masters-level classes I took, three of them I found both well done and applicable\/valuable to my career, three of them I found very interesting and well done yet not particularly relevant to my career, two of them I found a little too \u201chigh level\u201d and not particularly useful and another two I thought were just atrocious. Looking at these numbers it\u2019d be easy to come to the determination (with only 3 classes I actually thought were useful to me) that I didn\u2019t get out of this program what I had hoped.  Had I chose different classes I certainly would have gotten more out of the program but I am thankful for what I was able to learn. Some classes I would have liked to try instead include offerings on Java Security, Cyber Physical Systems Security, Operating Systems Security and even Digital Forensics. I\u2019ll add that there seems to have been some significant changes to the course catalog since I graduated (which was only a few weeks ago as of this writing) with more courses having been added, notably classes on DevOps and \u201cAssured Autonomy\u201d, both of which might have been interesting to me and would certainly be worth checking out for anyone considering this program. After taking the class in <a href=\"#reverse-engineering-and-vulnerability-analysis\">reverse engineering and vulnerability analysis<\/a>, the professor suggested, for anyone who was interested, doing an <a href=\"https:\/\/advising.jhu.edu\/research-internships-and-independent-study\/\">Independent Study<\/a> in place of a typical elective. This would offer the same three credits but allow for a more exploratory, research-oriented approach to the reverse engineering material (or any other class you would be interested in). I seriously considered doing this for reverse engineering but ultimately decided not to. I regret this decision and recommend those who are taking this program to not be lazy and do what you think sounds interesting, even if it will be more work.<\/p>\n\n<hr \/>\n\n<h1 id=\"retrospective\">Retrospective<\/h1>\n<p>It\u2019s really incredible and I\u2019m extremely grateful for all the opportunities I\u2019ve been given over the last 5 years and though there are plenty of things I would change if I could go back and somehow make adjustments along the way, I am ultimately very satisfied with how everything has turned out and the choices I made. In closing, I have just a few parting nuggets of \u201cwisdom\u201d \/ advice I\u2019d like to share.<\/p>\n\n<ul>\n  <li>\n    <p>Make an effort to continually <em>re-focus<\/em>, frequently ask yourself what you want to do or where you\u2019d like to be and make constant adjustments to better reach that goal. It\u2019s easy to be swept into something or fall into a \u201ccomfort zone\u201d such that you drift away from where you really want to be.<\/p>\n  <\/li>\n  <li>\n    <p>Appreciate all opportunities and try not to discount the things you may learn that you think are not relevant or useful. Too many times have I had the chance to learn something I didn\u2019t think was useful so I never really committed myself to it, only to later realize i DID want to know it and was then force to teach myself again. You\u2019ll save yourself plenty of time and headache by just having an open mind and being as much of a willing knowledge-sponge as possible.<\/p>\n  <\/li>\n  <li>\n    <p>Revel in the fact that infosec is such a cool and exciting field! One that for those who are motivated enough, can be a place of rapid development and overwhelming opportunity. Take advantage of the vast network of people just like yourself who are looking to share their experiences, network and continuously learn.<\/p>\n  <\/li>\n<\/ul>\n\n<p>Thanks so much for reading, whether it was the entirety of this article (I know it\u2019s quite long) or any given section. I hope some of it was enlightening or valuable and if there are any questions or you\u2019d like to know more \/ share your own experiences I\u2019d love to hear about it! <a href=\"https:\/\/shellsharks.com\/contact\">Feel free to reach out<\/a> anytime!<\/p>\n","pubDate":"Fri, 16 Oct 2020 10:50:00 -0400","link":"https:\/\/shellsharks.com\/training-retrospective","guid":"https:\/\/shellsharks.com\/training-retrospective","category":["training","infosec","life","bestof","project","appsec","dev","pentesting","cloud","vm","reverseengineering","red","blue","sans","python","infosec","blog","list"]},{"title":"SciFi Dream","description":"<blockquote>\n  <p><em>I always begin in darkness, surrounded by glowing white pinpricks of light; these are distant beacons of worlds unknown.  I have traversed these hollow expanses for a lifetime as my ancestors have before me.  They are in my past for now all that matters is this mass below me.  A world of blue, shrouds of white, I\u2019ve had this dream before.  Every night for as far back as I can remember I have descended through white clouds.  My conscious mind somehow exists in this world and I know it to be a dream yet I can\u2019t shake the feeling of reality that seems to be present here.  More clouds, less sky.  Elements exist in such rare form and combination here.  Where generations before me have failed I have finally claimed victory.  I gaze intently through the haze while visages of the unimaginable appear for an instant and then vanish.  Will I reach the bottom?  More clouds, less sky.  Perhaps my heart has been right all along and this is the only true actuality.  Perhaps the endless space and solitary balls of mindless fire exist only within my nightmares.  How long have I been here, drifting in and out of what is real and what might never be.  More clouds, less sky.  Will I reach the bottom before I wake?  Will I be seized by that endless black nightmare before I reach the bottom?  Everything seems shrouded in doubt yet hope still remains.  I plummet further and further and these clouds ensnare me.  Suddenly a break in the mist, is a chance at my destiny imminent?  My eyes become strained and I long for the sight of something, something that no one has seen.  This is the farthest I\u2019ve gone and I feel so close now.  One more foot and it will all become clear to me but wait, have I stopped?  Less clouds, more sky.  I realize that my descent has been stopped short and I am now returning to that endless field of hopeless white lights.  I try to scream but no words come out.  A sickness washes over me and I want to wake up.  Less clouds, more sky.  I twist and turn, pinch myself in failed attempts to return to consciousness.  Perhaps I\u2019m already awake?  I must sleep.  I freeze and become limp.  Less clouds, more sky.  White, and then blue, and then black, I close my eyes and I am yet again in darkness surrounded by these phosphenes that dance mercilessly in the void.<\/em><\/p>\n<\/blockquote>\n","pubDate":"Tue, 01 Nov 2011 14:14:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2011\/11\/01\/scifi-dream","guid":"https:\/\/shellsharks.com\/notes\/2011\/11\/01\/scifi-dream","category":["life","scifi","fiction"]},{"title":"Favorite Nintendo Games","description":"<p>Ranking my favorite video games on a variety of consoles - NES, SNES &amp; N64.<\/p>\n\n<h5 id=\"nes\">NES<\/h5>\n<ol>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Mario_Bros._3\">Super Mario Bros 3<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/The_Legend_of_Zelda_(video_game)\">The Legend of Zelda<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Zelda_II:_The_Adventure_of_Link\">Zelda II: The Adventure of Link<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/The_Krion_Conquest\">The Krion Conquest<\/a> <a href=\"https:\/\/www.youtube.com\/watch?v=XpN9vzSeUo8\"><i class=\"ph ph-music-notes\"><\/i><\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Mario_Bros._2\">Super Mario Bros 2<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Mario_Bros.\">Super Mario Bros<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Teenage_Mutant_Ninja_Turtles_(NES_video_game)\">Teenage Mutant Ninja Turtles<\/a><\/li>\n  <li><a href=\"https:\/\/www.classic-games.net\/rad-racer-ii\/\">Rad Racer II<\/a><\/li>\n<\/ol>\n\n<h5 id=\"snes\">SNES<\/h5>\n<ol>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Mario_RPG\">Super Mario RPG: Legend of the Seven Stars<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Mario_World\">Super Mario World<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Mario_All-Stars\">Super Mario All-Stars<\/a>*<\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/The_Legend_of_Zelda:_A_Link_to_the_Past\">The Legend of Zelda: A Link to the Past<\/a><\/li>\n  <li><a href=\"https:\/\/kirby.fandom.com\/wiki\/Kirby_Super_Star\">Kirby Super Star<\/a><\/li>\n  <li><a href=\"https:\/\/www.mariowiki.com\/Super_Mario_Kart\">Super Mario Kart<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Donkey_Kong_Country\">Donkey Kong Country<\/a><\/li>\n  <li><a href=\"https:\/\/wikirby.com\/wiki\/Kirby%27s_Dream_Land_3\">Kirby\u2019s Dream Land 3<\/a><\/li>\n  <li><a href=\"https:\/\/www.mariowiki.com\/Super_Mario_World_2:_Yoshi%27s_Island\">Super Mario World 2: Yoshi\u2019s Island<\/a><\/li>\n  <li><a href=\"https:\/\/www.mariowiki.com\/Donkey_Kong_Country_2:_Diddy%27s_Kong_Quest\">Donkey Kong Country 2: Diddy\u2019s Kong Quest<\/a><\/li>\n<\/ol>\n\n<ul>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Puzzle_Bobble\">Bust-a-Move<\/a> (i.e. <em>Puzzle Bobble<\/em>)<\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Bubsy_in_Claws_Encounters_of_the_Furred_Kind\">Bubsy in Claws Encounters of the Furred Kind<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Plok!\">Plok!<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Mario_Is_Missing!\">Mario Is Missing!<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Troddlers\">Troddlers<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Joe_%26_Mac\">Joe &amp; Mac<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Hook_(video_game)\">Hook<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/The_Lost_Vikings\">The Lost Vikings<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Super_Adventure_Island\">Super Adventure Island<\/a><\/li>\n<\/ul>\n\n<h5 id=\"n64\">N64<\/h5>\n<ol>\n  <li><a href=\"https:\/\/www.mariowiki.com\/Super_Mario_64\">Super Mario 64<\/a><\/li>\n  <li><a href=\"https:\/\/www.mariowiki.com\/Diddy_Kong_Racing\">Diddy Kong Racing<\/a><\/li>\n  <li><a href=\"https:\/\/ogrebattle64.net\">Ogre Battle 64: Person of Lordly Caliber<\/a><\/li>\n  <li><a href=\"https:\/\/www.ssbwiki.com\/Super_Smash_Bros.\">Super Smash Bros<\/a><\/li>\n  <li><a href=\"https:\/\/quest64.fandom.com\/wiki\/Quest_64\">Quest 64<\/a><\/li>\n  <li><a href=\"https:\/\/www.zeldadungeon.net\/wiki\/The_Legend_of_Zelda:_Ocarina_of_Time\">The Legend of Zelda: Ocarina of Time<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Doom_64\">Doom 64<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Jet_Force_Gemini\">Jet Force Gemini<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Pok\u00e9mon_Stadium\">Pok\u00e9mon Stadium<\/a><\/li>\n  <li><a href=\"https:\/\/dukenukem.fandom.com\/wiki\/Duke_Nukem_64\">Duke Nukem 64<\/a><\/li>\n<\/ol>\n\n<ul>\n  <li><a href=\"https:\/\/www.zeldadungeon.net\/wiki\/The_Legend_of_Zelda:_Majora's_Mask\">The Legend of Zelda: Majora\u2019s Mask<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Gex:_Enter_the_Gecko\">Gex: Enter the Gecko<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Gex_3:_Deep_Cover_Gecko\">Gex 3: Deep Cover Gecko<\/a><\/li>\n  <li><a href=\"https:\/\/www.mariowiki.com\/Mario_Party\">Mario Party<\/a><\/li>\n  <li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Major_League_Baseball_Featuring_Ken_Griffey_Jr.\">Major League Baseball Featuring Ken Griffey Jr.<\/a><\/li>\n<\/ul>\n","pubDate":"Thu, 07 Jul 2011 13:37:00 -0400","link":"https:\/\/shellsharks.com\/notes\/2011\/07\/07\/favorite-nintendo-games","guid":"https:\/\/shellsharks.com\/notes\/2011\/07\/07\/favorite-nintendo-games","category":["life","gaming","favorites","list"]}]}}