Today I’m trekking the 1.5 mi walking part of my commute with 20 lbs of iron in my backpack. I’m reasonably confident in my ability to get it there with me intact. I’m less confident of my power to schlep it back home tonight.

Waking up to KMFDM blasting in the bedroom, a very surprised looking cat, and the HomePod she just accidentally coaxed into life by sniffing the top of it.

When an email’s footer starts with “The content of this email is intended for the person or entity to which it is addressed only”, the desire to turn it into a blog post is almost irresistible.

I’m super excited to be joining a small company next week as their first dedicated security engineer. After being at much larger companies for a little while, I’m ready to be back in the trenches.

What a job search looks like in 2025: 4 weeks, 27 interviews, with 20 different recruiters and employees of 21 different companies.

This is the one day a year I immerse myself in Apple news. A buddy and I have a decade long tradition of watching the WWDC keynote together. Then I’ll go back to mostly ignoring the hype for another 364 days.

We worked to lose a nice bit of weight over the last 6 months or so. Today I hit the treadmill carrying a backpack loaded with the same amount of weight I’d lost. Holy cow. How did I do that every single day?

The new Apple News daily Sudoku results page is sloppy. As screenshotted on an iPhone 15 Pro, you have to scroll down about 1/8” to see the whole Leaderboard button.

I will not lose sleep over this, but it’s still sloppy.

Screenshot of the page you see when you finish an Apple News Sudoku puzzle. It looks mostly correct, but a button near the bottom is cropped unexpectedly. There’s a huge amount of open, grey space at the top of the page.

The same page scrolled down a couple dozen pixels. Now the whole button is visible. The empty grey space at the top is still huge and not noticeably smaller. The page could easily look like this without scrolling but no one bothered with it.

Infomaniak breaks rank and comes out in support of controversial Swiss encryption law | Tom’s Guide

Infomaniak argued that anonymity prevents justice, saying there must be a “happy medium” to prevent the digital landscape becoming a “Wild West.”

They further state that demands for anonymity show “lack of knowledge of Swiss political institutions”.

If you’re an Infomaniak user, you should stop that ASAP.

I just successfully performed concussive maintenance on a recalcitrant smart speaker.

Me: Hey Siri, play music for me.

HomePod: Here is some music just for you… Sorry, there was a problem with Apple Music.

Me: bops the HomePod in frustration

HomePod: Here is some music just for you… 🎵🎵🎵

Me: That worked?

(If I asked it other questions, like “Hey Siri, what’s my next appointment?”, it’d correctly answer with my personal information. It only affected Apple Music.)

I’m not a huge fan of OSI — I prefer my software Free — but their idea of Open Source is the only one I’ll accept. I’m frustrated by the number of companies who want to claim their proprietary shared source licenses are open source just because you can look at the code.

No. You cannot convince me.

My house has old plaster and lath walls, aka “a Faraday cage”. My kid’s bedroom is 20 feet from a Firewalla AP7 Wi-Fi radio, but their PC still only got a 2.4Mbps speed test result.

I bought them a $20 external Wi-Fi antenna and that jumped to 5.8Gbps.

I highly endorse this upgrade.

I just got this email from someone who’s definitely not a North Korean agent seeking to work for American companies.

Screenshot of an email from someone who wants to work remotely as me because of "certain regional limitations".

Text of the email:

Hello,

I’m Akira Nakao, a Senior Software Engineer with over 10 years of experience in full-stack development, system design, and leading technical teams.

Due to certain regional limitations, it’s been challenging for me to access higher-paying roles that align with my skill set. To navigate this, I’m looking for a trustworthy U.S.-based partner to help establish a compliant and straightforward collaboration setup.

I’ll handle all technical work and delivery. Your role would involve minimal administrative support — mostly acting as a point of presence for registration or formalities required by some clients. The structure would be simple, legal, and transparent.

What’s in it for you:

  • A passive revenue-sharing arrangement
  • No coding or tech experience required
  • Clear, low-effort expectations

If this resonates with you, I’d be happy to share more details and answer any questions. There’s no obligation — just an open and honest conversation.

Thank you for your time and consideration.

Best regards,
Akira Nakao
Senior Software Engineer

Yep, seems totally legitimate.

Microsoft released a new PostgreSQL IDE for VS Code. It has a proprietary license with deal-breaking terms:

The software is licensed, not sold. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you will not (and have no right to):[…] d) use the software for commercial, non-profit, or revenue-generating activities

Oops. Better not install this on your work laptop! Too bad. It looks nifty, and might be fun to play with if it weren’t illegal to use in most cases where you’d want to use it.

Thanks for letting me know, Signal!

Screenshot of a Signal notification saying “You may have new messages”

Pocket is Saying Goodbye: What You Need to Know | Pocket Help

We’ve made the difficult decision to shut down Pocket on July 8, 2025. Thank you for being part of our journey over the years—we’re proud of the impact Pocket has had for our users and communities.

This is a bummer. It’s the only built-in way to get articles onto my Kobo Libra 2 ereader. So much for bookmarking a long, interesting article to read later on that device.

Kim Jong Un’s New Warship Capsizes at Launch Due to ‘Absolute Carelessness’ - The Wall Street Journal www.wsj.com/world/asi…

Kim, who witnessed the mishap unfold at a Wednesday launch event, lambasted officials for their “absolute carelessness, irresponsibility and unscientific empiricism” in causing the “serious accident,” North Korea’s state media reported. The 41-year-old dictator equated the gaffe to a criminal act.

Thought you were having a bad day?

Dr. Phil’s Son Jay McGraw Is Tied to Minto Money’s 700% APR Loans — ProPublica

McGraw settled a federal civil suit that had accused him of playing a key role in CreditServe Inc., a financial technology consulting firm […] with interest rates that can exceed 700%

If you borrowed $100 at 700% APR, compounded daily, and let it sit for a year, you’d owe $2,452.

Dr. Phil’s kid is a dirtbag.

A Swift Cloud - Things Blog - Cultured Code culturedcode.com/things/bl…

This is so frustrating. Things is really neat, but they went through all the effort of rewriting its backend from scratch with no mention of end-to-end encryption. You just have to trust that they’re not selling your data, training AIs with it, giggling at your notes to buy flowers for your SO, or whatever. I’m pretty sure they’re not, but having to trust that they’re not is a dealbreaker.

I’ve learned way more than I wanted to about houseplants, spider mites, and neem oil.

Forgejo Runner in rootless Podman on Debian

I wanted to experiment with Forgejo’s Actions as a DIY alternative to GitHub Actions, using a nearby Raspberry Pi as a build server. I also wanted to deviate slightly from their Runner installation process by executing the Runner and rootless Podman as a regular, non-privileged user and without using the system-level systemctl. It was pretty easy once I wrapped my head around it.

  1. Set up the runner user. Since I was using Podman, not Docker, I didn’t have to add it to the docker group. As root:
root# useradd --create-home forgejo-runner

This created user number 1001 on my system. Remember that number later when it’s time to configure systemd.

  1. Allow that user to run commands via systemctl without logging in and launching them manually:
root# loginctl enable-linger forgejo-runner
  1. Use machinectl instead of su to become the forgejo-runner user. Without this, most systemd commands will fail with the Failed to connect to bus: No medium found message. I’m certain there’s a way to get su or sudo to play nicely with dbus but I had more interesting problems to solve today than this.
root# apt install systemd-container
root# machinectl shell forgejo-runner@
  1. Run podman-system-service as the forgejo-runner user:
$ systemctl --user enable podman.socket
$ systemctl --user start podman.socket
  1. Run the forgejo-runner program as the forgejo-runner user. I lightly modified the standard forgejo-runner.service file:
$ cat > .config/systemd/user/forgejo-runner.service <<EOHD
[Unit]
Description=Forgejo Runner
Documentation=https://forgejo.org/docs/latest/admin/actions/
After=podman.socket

[Service]
ExecStart=/usr/local/bin/forgejo-runner daemon
ExecReload=/bin/kill -s HUP $MAINPID
# 1001 is the forgejo-runner user's UID
Environment="DOCKER_HOST=unix:///run/user/1001/podman/podman.sock"

# This user and working directory must already exist
WorkingDirectory=/home/forgejo-runner
Restart=on-failure
TimeoutSec=0
RestartSec=10

[Install]
WantedBy=default.target
EOHD
$ systemctl --user daemon-reload
$ systemctl --user enable forgejo-runner.service
$ systemctl --user start forgejo-runner.service

I rebooted my RPi to make sure it would start on its own and it did. Yay! Now I can run Forgejo Actions on my little server and everything works as documented.