glyph.sh
Type a command…⌘K

Posts

Browse my latest technical posts, guides, and tutorials.

Flock Is Coming to Your Michigan City. Here's How to Fight It - Legally. Flock Is Coming to Your Michigan City. Here's How to Fight It - Legally. Flock Safety's automated license plate readers are spreading across Michigan with almost no rules. Here's what the technology actually does, why it is the wrong solution, and how to push back through the political system that already works. 2026.06.14 Blackmagic Camera App XML Schema Reference Blackmagic Camera App XML Schema Reference Complete XML schema documentation for the Blackmagic Camera iOS app custom streaming service configuration. All valid elements, attributes, and values. 2026.05.01 Setting Up a Ventoy Multi-Boot USB from macOS Setting Up a Ventoy Multi-Boot USB from macOS Ventoy doesn't officially support macOS, but with diskutil, dd, and some patience you can build a multi-boot USB that boots Windows, Linux, and rescue tools from a single drive 2026.04.16 Building an Always-On Raspberry Pi Security Platform Building an Always-On Raspberry Pi Security Platform From headless setup to reverse SSH tunnels, LUKS encryption, and a kill switch -- how a Raspberry Pi 3B+ became a portable pentest drop box reachable from anywhere. 2026.03.26 iOS Annoyances Coming from Android: File Defaults, Autocorrect, and AirDrop iOS Annoyances Coming from Android: File Defaults, Autocorrect, and AirDrop Quick fixes for common iOS frustrations when switching from Android -default app hijacking, aggressive autocorrect, and AirDrop limitations on hotspot 2026.03.25 Claude AI Wrote Code That Could Have Stolen My AWS Credentials Claude AI Wrote Code That Could Have Stolen My AWS Credentials A simple NameError led me to discover critical code injection vulnerabilities in AI-generated bash scripts that could exfiltrate credentials and execute arbitrary code 2026.03.23 Stream iPhone Blackmagic Camera to OBS on Mac with Local RTMP Stream iPhone Blackmagic Camera to OBS on Mac with Local RTMP Stream your iPhone to OBS Studio with full manual camera controls. Use OBS plugins, filters, and scenes with your iPhone camera. Keep your entire streaming setup while using iPhone as a camera source. 2026.03.10 System Monitoring on a Daily-Driver Laptop: What Actually Fits System Monitoring on a Daily-Driver Laptop: What Actually Fits Exploring what monitoring actually runs on a 16GB daily-driver laptop. Started with Wazuh SIEM, built a Prometheus + Grafana + node_exporter stack instead. Here's what works, what doesn't, and what comes next. 2026.02.15 CVE-2025-6218: WinRAR Path Traversal Exploit & Patch Guide CVE-2025-6218: WinRAR Path Traversal Exploit & Patch Guide CVE-2025-6218 is a critical WinRAR path traversal vulnerability (CVSS 7.8), and the related CVE-2025-8088 bypass was exploited as a zero-day by nation-state actors. 7.12 fixes 6218; install WinRAR 7.13+ to fix both. Detection and remediation guide. 2025.12.17 Management Frameworks for IT Leaders: What Actually Works Management Frameworks for IT Leaders: What Actually Works Practical guide to using Kanban, Eisenhower Matrix, SWOT analysis, and Gantt charts for managing IT infrastructure and security projects - from someone who's actually used them 2025.12.09 Note-Taking at Work: How to Stay Organized When Everything is Chaos Note-Taking at Work: How to Stay Organized When Everything is Chaos Why note-taking matters for engineers and IT professionals, and how to build a system that actually works when you're juggling meetings, incidents, and projects. 2025.11.19 Everything as Code: The 2025 Platform Engineering Playbook Everything as Code: The 2025 Platform Engineering Playbook How Infrastructure, Policy, Configuration, and even Application code are converging into a single programmable stack. Practical lessons from building self-service platforms with Terraform on AWS and Azure. 2025.11.18 AI-Assisted Content: Why Transparency Matters AI-Assisted Content: Why Transparency Matters An honest discussion about using AI assistance in professional work, the distinction between AI-generated and AI-assisted content, and why transparency matters. 2025.11.16 Blocking AI Scrapers with AWS WAF: A Technical Guide Blocking AI Scrapers with AWS WAF: A Technical Guide AI agents were hitting paths my robots.txt disallows ~72x/day. Here's how AI crawlers, user-triggered fetchers, and search indexers actually differ - and how to block the ones that self-identify with AWS WAF. 2025.11.14 Cisco ASA Zero-Days: When Threat Intelligence Predicted the Attack Cisco ASA Zero-Days: When Threat Intelligence Predicted the Attack How GreyNoise detected the Cisco ASA attack weeks before it went public 2025.11.11 How Ad Blockers Broke My Back-to-Top Button (And How I Fixed It) How Ad Blockers Broke My Back-to-Top Button (And How I Fixed It) A deep dive into debugging why a simple back-to-top button wouldn't appear, and the surprising culprit: aggressive ad blocker filter lists. 2025.11.10 Static Site Hosting on AWS: Fast, Secure, and Cheap Static Site Hosting on AWS: Fast, Secure, and Cheap How to host a static site on AWS using S3 and CloudFront - the architecture behind glyph.sh 2025.11.10 Hello World Hello World Welcome to the new glyph.sh site 2025.11.09 Web Application Security: What I Wish I Knew Earlier Web Application Security: What I Wish I Knew Earlier Lessons learned from implementing security practices in production environments 2025.11.09