SSH Proxy, Using a Jumphost

Those who know me know about my love of the Raspberry Pi. I've got tons of them stashed around various places to provide a variety of services. One thing I use them for is to allow me access into remote networks via Twingate for troubleshooting or maintenance purposes. Usually these networks are less sophisticated with consumer-grade tech enabling them, and Twingate provides a nice way to be able to access specific hosts easily over their technology.

https://www.brandenwilliams.com/blog/2025/10/14/ssh-proxy-using-a-jumphost/

Well this aged like milk.

I am ABSOLUTELY LOVING this Kasm journey I am on. I just got a weird email that set off all the alarm bells. Looks legit, asking me to take action, not sure what it is though because I don't have recollection of what I submitted to generate this.

Fired up a Firefox browser on my Kasm box, plunked the link in, and interacted with the site. As it turns out, it was legit, but the sheer contribution to my peace of mind cannot be overstated.

Level Up Cybersecurity with Kasm Workspaces

Ever look at plethora of browser tabs staring back at you with "I'll check this out later" vibes and feel the urge to mercy-close the ones that just wont get done anytime soon? Browser tabs are now another subtle, nagging to-do list that gets neglected or ignored. I'm specifically referring to the tabs in the middle of your window that you pinky-promised you would revisit.

https://www.brandenwilliams.com/blog/2025/01/23/level-up-cybersecurity-with-kasm-workspaces/

Zelle finally getting the light shone on it by the CFPB. The amount of extra anti-fraud tech that we had to put around it at MUB was insane. Somehow Zelle and the operators have escaped Reg E responsibilities as well with banks kinda shrugging if you are a victim of fraud.

https://www.morningbrew.com/stories/2024/12/21/cfpb-sues-big-banks-over-zelle-fraud

pgMail 1.5 Released!

Well, it's pretty rare that I get anyone talking about my old PostgreSQL email stored procedure, but here we are. I wrote this thing almost 25 years ago to essentially replicate the functionality of xp_sendmail into PostgreSQL. I released it to the world, because I knew other people would have this issue. And as it turned out, they absolutely do.

https://www.brandenwilliams.com/blog/2024/12/10/pgmail-1-5-released/

Let’s Encrypt for non-webservers

Let's say you want to use Let's Encrypt for something that isn't a website. So you download certbot, you get things going with your manual cert, and you realize that when it goes to rotate you will need to restart some services. When you go look through the docs, it's not very clear on how to do this exactly. So here's my post to remind myself what I did (and if it helps you as well, then hooray!).

https://www.brandenwilliams.com/blog/2024/11/27/lets-encrypt-for-non-webservers/

One of the best new features of our PCI DSS 4.0 book is this index-by-requirement feature. Check it out: https://www.facebook.com/watch/?mibextid=xkVqcJ&v=489280347382239&rdid=0rT4WR5OM5Q0G9yF

Man, Weebly is really turning into a spam farm these days. They are the source of the majority of things getting caught up in my spam filters these days.

Guessing financial services orgs will be updating their Social Media Risk profiles based on the Chase TikTok thing that happened over the weekend.

@shenetworks Very sorry :( I'm sure the story is quite something though.

Here's something I have a morbid curiosity about, but really am scared to know the answer. How many PostgreSQL Databases have pgMail installed?

Anyone else updating their Debian boxes from their phones while sitting in a brewery on the road?

Just me?

Technology is awesome.

So Outlook is now showing me ads in my inbox. Sweet.

This rant on Artemis is AMAZING. It's long, but super entertaining and full of snark.

I knew about the problems with the SLS and the recycling of old components, I wasn't aware of the Blue Origin and SpaceX components to this as well.

Well worth a thursday afternoon read!

https://idlewords.com/2024/5/the_lunacy_of_artemis.htm

When Man Pages Go Weird

You may not realize that I got my start in the technology world in the early 1990s learning Unix. From my first Netcom account to my high school allowing me, A JUNIOR, to have and run a Slackware machine directly connected to the Internet. My first Linux kernel was a 1.2.8 kernel, and I vividly remember someone trolling me on IRC to fix some strange problem the best bet was to…

https://www.brandenwilliams.com/blog/2024/04/05/when-man-pages-go-weird/

Just found a bug in the @apple_enthusiast (tagging the enthusiast account for vis) DNS resolver. If you pass say some 10.* addresses first as DNS servers for local resolution and name searching, but then use the @cloudflare 1.* addresses as fallback, command line and Safari will sort them and prefer the 1.* first. Local DNS will fail.

To everyone relying on
AT&T for SMS-based Auth this am, this is your wake-up call. Move to Passkeys, FIDO2, or anything better than SMS OTP.

See my article on the 10 things companies get wrong about CIAM for some more guidance: https://www.linkedin.com/pulse/ten-things-companies-get-wrong-ciam-branden-williams-v8gmc%3FtrackingId=HA16cdZdQtiMl5l%252FqAINAw%253D%253D/?trackingId=HA16cdZdQtiMl5l%2FqAINAw%3D%3D

@tychotithonus been much better this week!

Ten Things Companies Get Wrong about Customer Identity: https://www.brandenwilliams.com/blog/2024/01/23/ten-things-companies-get-wrong-about-ciam/

Are there others you can think of that I missed? Let me know! #ciam #identity #iam #customeridentity