Bootingup.net

Posts

April 30, 2025

BZT Thoughts

A collection of some thoughts about BZT, zero trust solutions, and zero trust in general.

Device-aided BZT

Trusted device start is an important factor in a zero trust architecture. Storing a secret key in a TPM and using that key to authenticate a device and encrypt is a solid baseline to work past in the boot process.

Such a process would look like storing a secret key in the TPM and using it with the IPSEC daemon. IPSEC policy drops non-IPSEC traffic to and from devices as normal. The client auths normally over strong auth when attempting to use application traffic.

April 22, 2025

Arch EFI Luks

Setting up FDE with UKI (Unified Kernel Images) and Secure Boot with Arch Linux was slightly more confusing than I anticipated. Just wanted to knock out a quick how-to on actually building this the right way. It seems to be the right configuration conceptually, but the tools used, like dracut vs mkinitcpio in the wiki, made it hard to piece together. An opinionated Ansible playbook is hopefully coming soon.

April 18, 2025

Can Johnny Encrypt Now

To continue the legacy of the Why Johnny Can’t Encrypt research, and to generally check in on how Thunderbird is doing with its OpenPGP encryption implementation, I conducted an experiment to investigate. For those curious about how the lab was constructed, most of the code should be available on my GitHub. Please reach out about concerns or questions.

Please download the PDF to view it: Download PDF.

April 18, 2025

BZT Research Paper

For a class I took, I did some research into zero trust networking. As a result of thinking about the problem, I did a PoC and paper discussing a novel approach to zero trust networking. The code can be found at https://github.com/Peeanio/bzt.

Please download the PDF to view it: Download PDF.

September 8, 2023

Rust Esp32

For some time now, I have been meaning to get started with ESP32s in earnest, and wanted an excuse to get started with Rust in something that was meaningful and embedded. I took the chance, and given the majority of my chips were ESP32 v3.0, I had some hoops to go through to get it working properly. Below should outline the steps I needed to take to get going with Rust and this chip.

June 1, 2023

Conflict-Gaming

Running a wargame with just military assets feels incomplete in a landscape where intelligence is so real-time and complete, where theatres in a non-shooting war include such amounts of espionage and influence through cyber campaigns and more that it seems so important to model those facets. For the past few years, I’ve thought about different aspects of what would be needed for that complete picture: running the cyber game, controlling HUMINT sources and directing influence ops. Now it feels like rolling all of that into one is possible. I really want to create a system where it is possible to all kinds of assets and their capabilities, in order to model and run that kind of conflict. Pace will be slow, like all of these, but it’s something in my mind, much as one could glean from my reading list from the past year.

April 25, 2023

ESP32

Dropped the ball on working on some things because my main focuses were taking a lot of time and effort. I did get some ESP32 units to start messing around with, which feel like a step up from the Arduinos I started on seven years ago. With nothing but a simple library and its example loop, I was able to get a Bluetooth speaker built and configured (with a DAC, of course). Here I was gearing up to learn C or Rust for this project and dive into some low-level work, but it was all done for me. The project itself did not mean enough for me to dig into properly, but I do plan on doing it for some sensor projects with other ESP32s.

March 30, 2023

Cloud Providers

I’ve used Linode to host a mail server for a few years now. They are changing their pricing, and I thought I would try out DigitalOcean, see what it was like. I appreciated the AWS-like product offering, and spent some time writing Terraform to spin up a new email server there. I get it all spun up and lo and behold, DigitalOcean now blocks port 25.

It is disappointing that it is getting so difficult to host an email server. Too many bad actors spoiled it for the rest of us by taking advantage of a lack of standards and controls to send spam. People don’t want to run their email servers themselves, because of the legacy of malicious behaviour, so those of us that want to start without the static IPs with reputation are left wanting.

March 7, 2023

Migration

It has been a busy start to the year for me. I’ve been working on a good deal of internal projects, but I came to the conclusion that they weren’t doing much good where nobody can see them. The projects will slowly be moved to GitHub (because I am also on a public git server now), and my blog is now housed there too. People have figured out static websites to the point where it is almost silly not to manage them through providers.

January 30, 2023

Django

Recently, full stack web development was something I wanted to try my hand at. I thought that learning ReactJS and JavaScript would be what I needed to do; my first try was to use AWS to stand up a serverless app, so the JS needed to help the user complete the application. That was cool and made sense, but then I was trying to figure out how to tie that to my own API and not have the main logic etc. show in the frontend. Turns out, I should have taken some web dev classes at some point, because I’d never touched anything like this before and my web stack knowledge was pretty shaky. LAMP stack, no problem, but I’m not even looking under where /var/www/html. I know Python and so wanted to give Django a try, and boy was I impressed by what I could do with the polls app.

© Bootingup.net 2025