Site News
  • Created the Captain’s Log for micro-journaling.
  • Earlier this year I refreshed the old design (shown below) into what you see now. Though there was a number of under-the-hood changes, the biggest and primary reason for the redesign was that I wanted something that was dark mode. I’m often up late-at-night working on stuff and having a site that was mostly blinding white (as you can see in the image below) was just not working out for me. With this thematic change I also created the cool new Shellsharks icon you see on the front page. I love it!

Old Design

Shellsharks Community
  • From it’s inception Shellsharks has been a community-building effort. I’ve always enjoyed mentoring and sharing what I am learning/working-on and I’ve been trying to find new ways give back. In its original form, Shellsharks was merely a meet-up group where me and a number of coworkers got together and did some CTF-type stuff. Since then I’ve created the blog/site and most recently I’ve established the Shellsharks Discord. It can be hard to write a blog and not feel like you are just shouting into the void. With community-building aspirations comes the challenge of building a following or put differently, cultivating engagement. Sure, I can pitch my content on Reddit or LinkedIn, or I can @ people on Twitter from the official @shellsharks account but I’ve never really been the “networking” type - the majority of my relationships having been made in face-to-face/on-the-job situations. But I’m here all the same, slowly reaching out across the web and into my professional contact-space and piecing together something bigger, not for myself but for the (hopeful) betterment of the infosec community. It’s worth pointing out that this foray is not into an untapped vacuum but rather a space that is quite crowded. There are a ton of infosec-themed Discord servers, cybersecurity blogs and infosec resources/training sites. This invariably complicates the process of building yet another unique infosec community but fortunately speaks to the overall (amazing) health of the community-at-large. In any case, I’d love for anyone interested in connecting to find me in the Shellsharks Discord or send me a message on Twitter!
Shellsharks Podcast
  • In addition to other community-building endeavors (see above), I am working on spinning up a Podcast. This is still in relatively early stages. I’ve acquired some of the gear (i.e. audio interface, mic, boom arm) and I’ve been workshopping some names and potential formats but nothing is decided quite yet. I am waiting on my new computer to arrive before I really get going on it. The format will likely be pretty casual. I plan to have a variety of guests where we’ll mostly just chat about anything infosec, tech or just life (as is the broad theme of Shellsharks). Stay tuned!
What I’m Learning
  • Right now I’m enrolled in SANS’ SEC588: Cloud Penetration Testing training. I’m on a cloud kick right now and this seemed like the perfect training for me to hone my AWS / Azure skills as well as add to my offensive security repertoire. Day 1 was a little basic and Day 2 was mostly a rehash of basic AWS knowledge I already possess but with Day 3 I am starting to get into content that is pretty interesting and new to me. Hopefully I can get through the rest of this training soon and challenge GIAC’s GCPN exam shortly after.

  • The Shellsharks site is built using GitHub Pages which in-turn leverages Jekyll. As such, I’ve been (over-time) learning more and more about Jekyll. Most recently, I’ve been playing around with the concept of “collections” within Jekyll, specifically to build out this Captain’s Log series. The collection feature is useful for grouping this sort of closely-related content. Now that I’m familiar with why you would use this feature I’m starting to see all the other applications it may have for the site. Anyways, recently I’ve learned not only how to get started with collections but also how to iterate over a collection and do stuff like grab the most recently created item in a collection. Cool!

Desk Setup
  • I’ve been using a Mac Pro (Late 2013) for a week or two as my primary workstation and it’s been really great! Sure, this much-maligned “server-class” piece of kit may not of ever lived up to it’s initial introduction hype but even in 2021 it can definitely function as desktop/workstation-class computer with current-age specs. I took a base-model “trash can” and leveraged OWC’s upgrade service to give this machine a bump in CPU, RAM and hard drive space (to 8-core, 64GB and 1TB respectively). This service is priced pretty fairly in my opinion and in my case, I opted for this route since I wanted to upgrade from the base 4-core processor which is not recommended for those who don’t have experience performing that sort of upgrade as it can be a little tricky. With this upgrade complete, I have a machine which has similar specs to the current-gen MacBook Pros for a fraction of the price. You can grab a Mac Pro 2013 on ebay for less than $1,000 and upgrade using OWC all combined for much less than the $2,399 that the base 16” MacBook Pro 2019 would run you. In the end, you get a computer which can be spec’ed (in some ways) beyond what a modern Intel-based MacBook Pro could get you, has much more in the way of I/O (6x Thunderbolt v2, 4x USB-A, 2x Ethernet, 1x HDMI) and imo … looks really cool.

Mac Pro 2013

  • I ordered a pair of Sky Blue AirPods Max in December of last year and recently took delivery of them (Was this backorder a sign of high demand or low volume production? I’m not sure). I’ve used over-ear headphones in the past and never really took to them. Either I found them uncomfortable, too-bulky or just overkill for what I really needed for music listening at the time. Regardless, being the fanboy that I am I decided to try out the new (very expensive) offering from Apple. With the improvements in AirPlay 2, coupled with other neat integration features with iOS I felt these would be if nothing else a fun (albeit expensive) way to listen to my music. More substantively, I had developed a few real-world use-cases for owning a pair of over-ear, noise-cancelling headphones. First, I often like to listen to my music at a high volume. I own a few HomePods which to my ears produce high quality sound and are very loud but this style of listening comes at a cost of being somewhat invasive to anyone in my house. Up until recently that has just been my wife but as a new father, I don’t want to run the risk of waking up or otherwise aggravating the baby with loud, often somewhat aggressive music. Second, I like to listen to music while I work and the AirPods Max seemed like they could deliver the serene, noise-cancelling soundscape I’d need to focus on what I’m working on all while rocking out. I haven’t decided whether I will keep them but so far I’ve been impressed with their sound (Disclaimer: I am in no way an audiophile or a good judge of sound quality at a technical level), love the way they look and think they are very comfortable. I’ve worn them for several contiguous hours and felt none of the usual strain that I typically feel with over-ear headphones. My only complaint so far is that the ear cups are quite heavy (being solid metal) which has resulted in them sliding forward on my head in times where I am leaning over quickly or dramatically head-banging to some power metal. Not a deal-breaker but at $550 USD I’m not completely sold quite yet.
  • Since the pandemic began, my primary source of exercise (basketball) has been almost entirely erased from my weekly routine. Up until recently, I’ve failed in replacing this with any substantial alternate form of exercise. I’ve never had success motivating myself into doing traditional weight-training and it’s been a few years since I regularly went running. I’ve realized this is something that needs to be remedied in some manner so I have started the free trial for Apple Fitness+. The service is relatively new and as a result has only a small selection of available workouts but just today I received an alert notifying me that new workouts are now available so I’m sure they are working hard to build out new offerings. To date I have done a few workouts and have found them to be very approachable, even for someone like myself who has never really done group/class-style workouts before. What I think will motivate me to return is the gamification aspects coupled with the tight integration with my Apple Watch and general iOS ecosystem. If nothing else, it does feel good to get out of my desk chair and get a li’l sweat goin’.
  • A few years ago, I (finally) decided to sit down and watch the animated Star Wars series, The Clone Wars. As a life-long Star Wars fan I thought it would be a dream to have that much (canon) Star Wars content. Though I found the story pretty compelling right from the first episode I was turned off a little by the animation style and a-lot by the over-the-top-silly dialogue coming from the goofy Battle Droids. So I gave up. Due to a certain (very awesome) cameo in the second season of the Mandalorian I decided to give the show a second chance. Though I still never got used to how silly the droid-army is I did watch the entire series and really enjoyed it. Particularly the final season I found to really be amazing. The way this series provides background on all the smaller characters in the main Star Wars series was a huge plus. If you’re like me and haven’t watched Clone Wars, I highly recommend giving it a shot!

  • I’ve also been re-watching/binging Game of Thrones and through the first 6 seasons it really is one of the best shows (imo) of all time. I have my gripes with the final two seasons (like many do). Mostly, I think the final seasons are marked with plot points that are both really really awesome but some that are not-so-awesome, silly or even a little non-sensical. Ultimately I think it’s fine the way the show ended but I still don’t like some of the ways in which they got there nor the feeling of being rushed to the finish-line by the show creators. Oh well, still hasn’t prevented me from watching it all over again.

  • Though I’ve been really busy with work, fatherhood and Shellsharks-related stuff, I have found time for one of my other life-long but recently-ignored passions - Gaming. Coming off a second stint of being overly-obsessed with playing Destiny on Stadia, I wanted to find something that was fun but didn’t require the same time-commitment. Enter Super Mario 3D World + it’s expansion “Bowser’s Fury”. I only recently picked up a Switch (shoutout to a friend who traded it to me for a 6-pack of beer) and I have to say, the console really is good for facilitating game-anywhere. What I mean is that I can un-dock my the Switch, bring it downstairs and play through a number of levels in Super Marios 3D World while I watch TV with the wife, or play a little in bed before I go to sleep. Otherwise, it’s kinda a whole production to sit down in front of my TV and have a long play-session. Those opportunities are fewer and farther between these days so being able to bring the console anywhere is great. So back to Super Mario 3D World… this game has been out for a while but with the newly released expansion I pulled the trigger on buying it. The expansion, “Bowser’s Fury”, is very reminiscent of the classic N64 title Super Mario 64 which remains to this day one of my favorite games of all time. I’m not going to review Super Mario 3D World but rather I’ll just say that it’s a lot of fun and with it’s local AND online co-op multiplayer modes it’s been a fun way to send time with family & friends. Hanging out with others, especially in this time of pandemic is certainly time-well-spent.
  • I’ve been a long time fan of Tesla and a huge TSLA bull. As such, I recently bought a bit of TSLA stock… then… it dropped like 25%. Ugh! Well, good thing I’m long on it. Learn from my mistake… dollar-cost average.

  • I also have dipped my toe into the world of cryptocurrencies. I signed up for a Coinbase account and took some relatively small positions in a few different crypto-variants (i.e BTC, REN, BCH, DASH, ETH, XLM, AAVE, LINK, LTC) - No DOGE, despite my boy Elon’s infatuation. It’s definitely a wild world. 25% gains and losses in any given day. Something that if you watched the markets real closely you could probably make some decent gains doing amateur-ish day-trading. Would require a larger investment than I’ve made which can be scary though. Hah! I’m using standard Coinbase as well as Coinbase Pro but find that though fees are less with pro, the inability to trade from crypto to crypto is a real weakness of the “pro” platform.

  • I recently became a Dad to an awesome li’l dude. This has changed a lot about how I spend my days and certainly has introduced competition for my time. Between my career goals, unyielding desire to learn all the cybers, and continued development of Shellsharks, this has meant a top-to-bottom reprioritization of everything. Though the pandemic has been terrible, it has at least given me the ability to work-from-home and thus spend more time with my son. With no commute, and some rejiggering of my schedule / daily tasks, I’ve (so far) found time to spend with my expanded family while also GTD at work and continuing to work on the site. Oh, and sleep training has really been a worth-while and time-freeing exercise.

  • I do miss my house being clean though…

  • With the uptick in time I spend on work, my multitude of side projects and family-stuff, I’ve found myself being entirely fueled by Gushers and coffee. The healthiest decision?… no. But, I do love candy.