Tuesday March 10th, 2026 NCLUG Meeting

Wed Mar 11 01:57:56 UTC 2026

j dewitt wrote:
> What: Tuesday March 10th, 2026 NCLUG Meeting

John Murzyn cleaned out his computer museum and donated a stack of
some 15 year old laptops.  He did not want to take them to e-recycle
scrap and asked me if there was interest in them.  I posted a query to
the IRC channel and very quickly at least four of them became spoken
for.  So I said I would middle man them to the NCLUG and pass them
along.

This turned into a big hardware swap because Aaron passed on to Dan an
old P550 machine.  Hardware swapfest!

Then we decided it was time to talk about things happening in the free
software community.  Bob opened talking about this tidbit.  The TL;DR:
is that a CI/CD Continuous Integration / Continuous Deployment server
that would execute anything that anyone wanted to put into a github
pull request.  That seems bad.  Then just to spice things up a little
they gave it access to the github auth token for full github write
access.  All together now.  "What could possibly go wrong?"  The
attacker subsequently used this to deface everything and destroy the
repository.  Since git is distributed it's not such a big deal but
this seems bad.

    https://www.stepsecurity.io/blog/kubernetes-el-compromised-how-a-pwn-request-exploited-a-popular-emacs-package

Aaron took the display hose and talked about his Fnordly
infrastructure.  Honestly I was catching up the above notes so I
missed some of this description but it was about site security and
securing sites and how this was all documented on a wiki.  This
infrastructure is front-ended using HAproxy on the front end
connecting the bastion host to the service backend hosts.  This allows
the bastion host to have the public IP addresses and all of the
internal systems to have private LAN addresses perhaps even dynamic
private addresses.  Uses RFC 2136 DNS Dynamic Updates.

    https://wiki.fnord.greeley.co.us/mediawiki/index.php/In_transit_data_security

As Aaron was demonstrating and logging into the machines he told us we
would see the private names but not the password.  And we believe it
because even Aaron failed the password trying to type them in
repeatedly!  It was quite funny!

Kirk, You are instructed to chat with Aaron because we missed you not
being here tonight and this is a topic you were interested in.

We jumped down a rabbit hole talking about geographical domain names
such as the .us domain.  Deep, deep rabbit hole.

Dan then talked about setting up a lab environment with a simulated
network running BGP and all of the trimmings.  I heard things like Dan
has a PDP-11 and a Colbalt Cube 2 and a few other crazy things trying
to compile something something.  The simulated network sounds
interesting though.

Kate (pronounced Ka-to) is a PhD student from Japan who is touristing
through and stopped by to visit our meet-up!  A student of
mathematics.  Interested in music score development.  Piano.  He
talked about his machine network collective.  Machines were nicely
named after the anime One-Piece.  Haha!  The collection of machines is
designed to record music score via MIDI.  Then talked about how this
is all used in music.  David perked up for this!  Then some demo of
graphics production of anime fan-fiction for Frieren and a few others.
Various graphical effects of magic.  Cool stuff!