Community Blogs

My Nerd Story: From Record Store Clerk, to Tech Journalist and Community Manager

Rikki Endsley is a technology journalist and the USENIX Association’s community manager. In the past, she worked as the associate publisher of Linux Pro Magazine, ADMIN, and Ubuntu User, and as the managing editor of Sys Admin magazine. Find her online at and @rikkiends on Twitter.

I've been a writer for as long as I can remember, which is why I was thrilled to receive an electric typewriter as a high school graduation gift in 1988. Asking for a computer was never something I considered. I don't remember ever being exposed to computers while I was growing up. After high school, I didn't even use my new electric typewriter for a while. Instead, I took a year off, continued working my record store job, and saw dozens of great bands.

My nerd story starts at a record store, with a cash register and a Schwann catalog.

Read more... Comment (3)

My Nerd Story: What You Say to Young Girls Matters

Leslie Hawthorn is an internationally known community manager, speaker and author, who has spent the past decade creating, cultivating and enabling open source communities. She created the world’s first initiative to involve pre-university students in open source software development, launched Google’s #2 Developer Blog, received an O’Reilly Open Source Award in 2010 and gave a few great talks on many things open source. In August 2013, she joined Elasticsearch as Community Manager, where she looks forward to getting things done, facilitating user happiness and moving to Europe.

Tiny Geekdom

“Mom, the computer is talking to me.”

I was sitting at a VT100 in a cold office building, far from home and missing Saturday morning cartoons. My mother, a UNIX programmer at a large telco, brought me with her to the company’s San Francisco, California office that weekend since my father was out of town. It was an hour’s drive each way and 7 year old me was a bit out of sorts from the long ride and the early hour at which I’d awakened. Mom, though, knew the best way to soothe me was to park me in front of a terminal window and let me have at it with Adventure.

Read more... Comment (9)

My Nerd Story: Class, queerness and the transformative nature of technology and open source.

Beth 'pidge' Flanagan is a Senior Software Engineer for Intel and spends most of her time working on Open Embedded Core and the Yocto Project, mainly as the release engineer and maintainer of the yocto-autobuilder. She is also a geek, a queer trans woman, a motorcyclist, and a practitioner of random bits of general purpose geekery. She has been working in IT/software engineering now for the past 23 years.

I was born and raised right outside of Newark, NJ. My family was working class and I grew up in a working class neighborhood full of first and second generation immigrants from Ireland, Scotland, Brazil, Italy, Peurto Rico, etc. Basically, a neighborhood that most people wouldn't think of as a fertile bed for nerds. I tell people to basically imagine some of the more gritty scenes from The Sopranos and they'd get an accurate idea of where I grew up.


The Sopranos - Satriale's Pork Store

I realized at a very young age that I was a trans woman and that without a well thought out plan, I wouldn't be able survive the conservative confines of that world. This concept of needing to escape was further compounded by the fact that I was on the bottom of the social rung at school. I was bookish, had a serious lisp and a severe femoral torsion which caused to walk pigeon toed (hence the nickname I carry to this day) and a classroom full of boys and some of the girls who marked me as "different" from my first day at school and did not let up in their abuse for the entirety of my elementary school career.

When I was about 9 or so, I had a pretty good idea that all the praying in the world wouldn't make me not trans and that I should probably spend some time figuring out what to do about it. So, I petitioned my father for an adult library card (remember a time when 'looking stuff up' included a trip to an actual library?). I remember asking him if he would sign the papers for my library card and he handed me the largest book on the bookshelf he could fine,'The Crusades' by Zoe Oldenbourg. He told me "Read this and do a book report and I'll sign the permission slip". I read it in about a month or so and that signed permission slip opened up a world I could never have dreamt of.

That library was my salvation. In its stacks I learned, in carefully hidden books, that I could do something about being trans. For the first time I could remember, the serious depression I had been in since age 6 when I figured out that I wouldn't grow up to be a woman, not at least without a little bit of help, abated somewhat. The library became my second home. It was where I spent my  days, hiding from the world. I went into full on reading mode, devouring anything I could get my hands on, but always ending up back in the science row with it's miniscule amount of books on computer science. But, they did have an entire set of "The Art of Computer Programming". I flipped through it somewhere around age 10 and didn't understand one bit of it! Somehow though, I was strangely enamored with the idea that language could be turned into something that made machines do work.

I mentioned before that people generally don't think of working class people as a hotbed of nerdism. If anything, I think that the reality is the  exact opposite. When you grow up without a lot of money you end up learning how to make things last and fix things that need repair. My family was no different. My father was a fairly decent carpenter who tried, bless him, to teach me with absolutely no success. His mechanical skills were impressive, something I ended up being able to learn much later in life. My grandmother however taught me how to crochet. In crocheting I saw math and patterns and it taught me how patterns could create beauty.

When you're the kind of strange effeminite kid in a working class world that I was, you end up spending a lot of time alone and learn to quickly entertain yourself. One summer I spent a full week alone in my backyard with a roll of tin foil, a magnifying glass and a thermometer seeing what the highest temperature I could achieve was. That was also the year I built a boobytrapped for the backdoor to the house. (I was afraid of burglers). I forgot to unset it and it almost knocked my mother out when she opened it and a few of my brothers baseball bats came flying out, full speed, towards her face.

1982 came around and something happened that would change my life forever. It all started with two lines.

20 GOTO 10

I still remember those first two lines of code I ever wrote. It was a 10 year old kid's 'Hello World'. The Catholic school I attended had invited this computer education company in to do an optional computer class. I  begged my parents to let me take it. I remember the first day I stepped into that class. About a dozen or so Commodore PETs, with the ever so high tech audio cassette storage devices.



After the first few classes, you just stopped trying to load your prior work from tape at the start of class as it took forever to load. You got really good at remembering what you did the week before and learned to type quicker than the audio tape could load. I ended up
falling asleep at night listening to those tapes (SkreeeetchWoooooSkreeeeeeetch!); in love with the idea that you could store STUFF on tape other than music!

So, here I was, this kid who was absolutely on the bottom of the social ladder. I was despised by the kids at school and my ability to have control over my life was greatly impacted by overly protective parents, my age and obvious gendered behavour difference, but... for those 45 minutes a week in 1982, I had, for the first time in my life, actual agency. I could sit there and tell a machine to do whatever I wanted it to and the results were up to me. It wouldn't beat me up. It wouldn't make fun of me for the way I walked, or held my books. It wouldn't call me awful things. It would just do what I told it to do. (This generally entailed new and more complex ways of spitting out how much I hated school, to be perfectly honest.)

Those little two lines of code turned into a much larger program that year and my parents ended up trying to nurture the one thing I had shown an actual interest in. I'm still unsure of how my father afforded it, but one day he came home with a Timex Sinclair 1000, literally
the cheapest computer there was. I actually recall using it quite a bit, but, as the concept of needing to store things was a bit beyond my dad, who was a truck driver, he had neglected to buy the audio tape drive. I would have to leave it on for weeks with a note on it, telling people not to shut it off or I'd lose my program.



But, no matter how much computers could act as an escape for me, there was still this huge thing I had to deal with and as I got older and the effects of puberty started to hit, my depression worstened. I stopped writing code in my Junior year of highschool and just focused on trying to make it through the day. By the time I hit university I was an absolute wreck from trying to deal with being trans. So, after the first year, I made the best decision ever. I quit and moved to Washington DC and was able to have space to figure out what my plan was.

I moved back home after about a year because I had gotten fairly sick. By this time, my mother had gone from being a secretary to getting a degree  in accounting to being a VP at a small software company. Behind my mothers back, I finagled a job there. I will always remember the engineering manager who risked her wrath to give her weird, green mohawk having kid a job. So, my lucky break came in 1991, at age 19, writing insurance software in MagicPC for 5 dollars an hour.

Eventually, I left to take a job at the local university. Here is where I encountered the second thing to change my life. Windows 95.

It was 1994 and we were previewing the beta of Windows 95 for a migration from Windows 3.11. I absolutely loathed it. There was no integrated TCP/IP stack. I was use to the Solaris command line by that point and it was still the clunky DOS shell. It was nothing I wanted and while it was an improvement, I wanted something more so I went searching for a better solution and found it in Slackware.

I don't remember the exact version of Slackware I finally got to install, but I know the kernel was around 0.99 (before loadable modules and ELF binaries!). It was like a dream and a nightmare rolled into one. When you got it working it went like clockwork, but it was an absolute TERROR to set up. Package management? Nope, tar.gz and make was your friends. I got really good at debugging makefiles.

But, I was hardly bored. I spent way too much time getting kernels recompiled, fighting with X11 settings on my Diamond video card, wondering why the NE2000 card in my box, when the box was the end node  of a token ring would blue screen all the Windows 95 boxes on the ring. Bored? I was too busy tearing apart this amazing thing that people had put together, in part, just for something cool to do.

It was magic. Here was this thing that didn't work out of the box! I had to actually sit there and figure it all out. That year and a half I spent learning the operating system inside and out gave me a sense of accomplishment, a sense of pride and a sense that if I could survive a Slackware install and make it out on the other end, a gender transition should be a piece of cake, right?

I had finally figured out the logistics of my transition and set a date. To put it mildly, the concept was sound, but the exectution went poorly. I lost my job, my family and the entire situation created a rift in my family that will probably never, unfortunately heal. So, here I was, age 24, with a brand new gender presentation, a high school diploma, a job history I couldn't use because it was under a different name. I had moved to Philadelphia and was living on a friends couch because I was kicked out of home. Things were not looking very positive.

But, there were a few things I did have.

I knew how to write code.

I knew Unix and Linux.

I was too damn subborn to take "No".

And I was left with no other choice.

I'm not sure how I got hired, I'm sure in part it was a bit of desperation on their part, but within the month, I ended up getting hired as a sysadmin, administering 250 AT&T BSD boxes that ran a computer based testing suite. I ended up working on porting the program over to Linux which got me hired into writing the next generation of that software.

From there it was on to trying my hand at UI design with stops in animation, power grid, control systems. And then, eventually, to my current home in the embedded world.

I look over the past 30 years since I first sat down at that old Commodore PET and am thankful. I had a mother who, despite our differences, firmly instilled in me the idea that women, even women like me, could do anything. I had a work ethic that instilled in me that as long as I could do the job, nothing else mattered. I had the stubborness to not believe the people who were telling me "NO!". I had the curiosity and the drive to figure it out for myself because I knew that no one was going to tell me how to do it.

My nerdcred doesn't come to me from a piece of paper, but by sheer force of will.  I know a lot of my collegues came to where they're at by the "traditional" route, university, internships, etc. I'm glad for them but I do not envy them a bit. While my route was the hard, tough slog, I would never trade it for the world.

I firmly believe that my past gives me a perspective in geekdom that is relatively unique. It has made me a better engineer than I think I would have been had I gone that traditional route. It has defined who I am and has made me a better person because of it. I can look at people from non-traditional nerd backgrounds and see their inner engineer. I've learned that sometimes, you find the most brilliant of people in the least likely of places. I approach new experiences, be they personal or technological without one iota of fear.

And lastly I always know that the first program I write whenever I learn a new language is going to be my own, special, personal version of the first two line program I ever wrote.


Going against the grain

For me, I have been an advocate of Linux from the first day I set eyes on Redhat 4.2 at the age of 14. I had my new PC for less than 6 months when I decided to wipe Windows95 from the disk, and install RedHat with its awesome NeXTSTEP window manager.

That was the first day I started to argue the point about the difference between Windows and Linux. Sure, Windows had loads of software, but Linux had so much potential, but still living with my parents meant that they wanted to use Windows if they needed to use a computer, they could not possibly use Linux.

It continues like this from thereonin. At school, I was the odd one, the teachers concerned that I may do something which in their eyes would be the equivalent of digital armageddon.

For me, Linux really took off when I discovered Usenet, where I started to discover more and more applications, scripts and more distributions of Linux, where I quickly moved onto Debian.

When I went to college, I found myself doing a course in IT in which the IT lecturers, and the IT support staff had not ever used anything other than Windows. They were stuck in their ways, only teaching and supporting Windows and Microsoft technologies.

Despite arguing my advocacy for Linux for several months, and requesting that I used an alternative to Windows, I was alway shunned to the point where I was warned that if I didn't conform, I would be kicked off the course.

Being restricted like this wasn't good for me, I soon dropped out, wanting to find a way to stretch my wings, and teach myself what I wanted to learn. I felt that Linux was certainly the way to go.

It was certainly the right thing to do. In every job I have had, I have brought in Linux. Each time, it has been the same. I promote, people seem me as being a bit odd, suggesting time after time that we should use Linux for X. Eventually wearing them down to the point that I get to do it, and every time, I have managed to deliver and beyond, whether its because it was more forgiving with some questionable hardware, or whether it was that it 'just worked'.

For me, my biggest win was working at an eduational establishment where the majority of the infrastructure was apple-based, with their 'crashproof technology', and their 'it just works' motto, I loved the fact that over six years I took critical services away from OSX Server to linux, seeing server uptimes over a year on Linux hardware, compared to the weekly reboots required by their fruity counterparts.

I found however, attitudes change when I became a developer. Once I start working with people who embrace technology, and don't sit on the rigid rails of Microsoft brand software, it was easy to convince people to use Linux servers, and also the benefits of using it day-to-day as a desktop, a staging system, and the basis of every new project I develop. Now, I am Senior Developer for a multi-million pound company, one of the fastest growing tech companies in the UK, and one of the top growing 200 tech companies in the EMEA. I put a lot of faith in the tools I use, and they have never let me down.

Even after 16 years, I still get strange looks, my wife still refuses to use Linux, and I can easily empty a room just by showing my passion. Despite all this, I continue on, promoting Linux, promoting Opensource technology, and always being there if anyone wanted help making the same change too.


My Nerd Story: Learn By Doing

My nerd story started in the winter of 2007, when I was 13 years old. And it all started from a simple challenge from a friend to look at some HTML tutorials, which I did. And I was captivated from the first second. I started doing very simple things like writing text and changing the background colour of a page, you know, beginner's HTML stuff, but I found it a lot of fun. For some reason, this stuff was second nature for me from day one.
Read more... Comment (0)

My Nerd Story: Ham Radio, Atari, and UNIX

My geek story started early, probably because my dad and grandfather were into amateur radio (ham radio) in a pretty hard core way from the time I was little. I remember my dad studying for one of the morse code exams when I was maybe 4 or 5 years old, and me being the little sponge that I was, picked it up pretty easily. Nothing like a mouthy toddler shouting the answers to motivate someone to learn.

Read more... Comment (3)

New Year's Resolutions for SysAdmins

Ah, a new year, with old systems. If you recently took time off to relax with friends and family and ring in 2014, perhaps you're feeling rejuvenated and ready to break bad old habits and develop good new ones. We asked our friends and followers on Twitter, Facebook, and G+ what system administration resolutions they're making for 2014, and here's what they said. 

Read more: New Year's Resolutions for SysAdmins





The Electric Grid Vehicle

Made a sketch of what I consider to be an interesting future transport development. The idea is that you wirelessly draw power from the road to charge electric vehicles on the move. With induction strips embedded in the road you wouldn't have to stop to recharge as previous as with fossil fuels. Available energy from the road also means the battery could be made cheaper and a lot less heavy.

The image displays a Grid Car on its way past an old gas station. The car is a hybrid for the longer distances between electrified roads.

With this I would like to show that an electric vehicle future might not be so bad after all. Of cause an electric car future would mean more IT so more opportunities for Linux.



Password guessing with Medusa 2.0

Medusa is my password forcer of choice! Mainly because of its speed. If you're hoping to try it on a Windows box, sorry you're out of luck. As far as I know, there is no Windows port. In which case you're next best alternative is Hydra. See last week's post found here. Medusa was created by the fine folks at, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit Medusa is a command line tool, as far as I know there is no GUI front end. But don't let that scare you, it's super simple to operate. The foo magic of compiling from source is the hardest part. Although if you're running Ubuntu, Medusa is in their repository. Starting with Ubuntu 10.10 Medusa packages were updated to latest 2.0 release. If you're a Fedora fan boy, good news; Medusa RPM is available. With Fedora 16 Medusa was updated to release 2.0. Anything prior will use Medusa 1.5. Other distros may have to compile from source. Compiling Medusa from source: 1. Download Medusa 2.0 source from 2. Decompress tarball tar -xvf medusa-2.0.tar.gz 3. Perform usual compile foo magic ./configure make make install One word of caution. During the ./configure process a module check is performed. If dependencies have not been met, Medusa will not support those modules. You'll have to ensure all dependencies are satisfied before running make and make install. Have a look here if you run into trouble Installing Medusa from Ubuntu Repository: 1. apt-get update 2. apt-get install medusa Basic password guessing with Medusa: If you'd like to see all Medusa options, execute medusa with no switches. If you'd like to see all supported modules execute medusa -d In its most basic form Medusa requires the following information: 1. Target host 2. User name or text file with user names 3. Password or text file with passwords 4. Module name For example; If I want to try a single password guess of abc123 against the Administrator account on a Windows box with an IP address of medusa -h -u Administrator -p abc123 -M smbnt In a Windows environment the Administrator account is special in that it is the only account which cannot be locked out. Although watch out, some environments remove this feature. Before you brute force accounts ensure you know the lockout policy. But let's pretend in this example the Administrator account does not lock out. This means I can attempt as many password guesses as I'd like. In this case I'd download a pre-compiled password list. Then, let Medusa loose and wait. medusa -h -u Administrator -P passwordlist.txt -M smbnt Depending on the latency between you and the target host, limiting concurrent attempts may be a good idea. This can be accomplished with -t or if you'd like Medusa to stop after first succesful username, password combination use -f Medusa is simple, fast and effective. I especially love the number of modules it supports, including web forms. How many times have you wanted to password guess a web site login? With Medusa it is possible, simply provide the proper URL. Medusa even supports SSL and if your target is using security through obscurity by using a non standard port, Medusa supports that too. Specify non standard ports with -n Administrators should be auditing passwords regularly. Weak passwords are your number one concern. If you allow users to generate a weak password they will. You're best bet is to implement a good password policy and enforce it. For more information please visit our blog at:

Squid and Digest Authentication

This week I want to review Digest authentication, which is a step up from Basic proxy authentication, not the best choice but an improvement. Digest Authentication hashes the password before transmitting over the wire. Essentially it sends a message digest generated from multiple items including username, realm and nonce value. If you want to know more see (RFC 2617). Thing to remember is both Basic and Digest are on the weak end of the authentication security spectrum. If your only choice is Basic and Digest, the lesser of two evils is Digest. Digest is very similar to Basic from a configuration perspective. Squid uses an external helper program to facilitate the authentication process. From a Squid configuration perspective, the following pieces are required in the “OPTIONS FOR AUTHENTICATION” section of squid.conf auth_param digest program auth_param digest children auth_param digest realm auth_param nonce_garbage_interval auth_param nonce_max_duration auth_param nonce_max_count The following parameters are similar in nature to Basic authentication; auth_param digest program - provide location of external helper program auth_param digest children – number of spawned processes to facilitate user authentication requests auth_param digest realm – string presented to user when authentication appears on screen Digest authentication introduces the concept of a ‘nonce’ (number used once). This is a generated value (in this case generated by Squid). The client uses this value in conjunction with the password during the hashing process. Without nonce-salting, captured hashed passwords could be replayed. The ‘nonce’ value is regenerated at specified intervals to ensure its continual uniqueness. auth_param nonce_garbage_interval – Specifies how often Squid should clean up its nonce cache auth_param nonce_max_duration – Specified how long the nonce value remains valid auth_param nonce_max_count –Places a limit on how many time a nonce value may be used The last piece of this puzzle is a database of valid users and their associated password. Typically this information is in a hashed text file stored on the Squid server. You should know, Squid does not offer any capabilities for managing it, most users generate it manually or utilize scripts. On an Ubuntu based Squid server the Digest Helper program is located in the following location; /usr/lib/squid3/digest_pw_auth Given above configuration paramaters, the final product should look like this; auth_param digest program /usr/lib/squid3/digest_pw_auth –c /etc/squid3/password-file auth_param digest children 5 auth_param digest realm My Realm auth_param nonce_garbage_interval 5 minutes auth_param nonce_max_duration 30 minutes auth_param nonce_max_count 50 Don’t forget you must adjust Squid ACL’s. The procedure is identical to Basic Auth reviewed last week. Regarding the password file, it should be hashed to keep prying eyes off user passwords. By the way “-c” in above program parameter means you’re specifying the location of a hashed password file. This concludes Digest authentication, don’t forget to restart your proxy server. Next week I’ll talk about NTLM authentication, since most of you are using Windows networks. To find out more visit:

Squid and Basic Authentication

This is perhaps the easiest authentication helper to configure in Squid, but also the most insecure. The biggest problem with Basic is it transmits username and password in clear text, hence very susceptible to network sniffing or man in the middle type attacks. The only reason I’m writing about it is it’s a valid authentication mechanism in some limited circumstances. Secondly I want to show you how authentication has evolved over the years. Ultimately you want to Kerberos authentication with your Squid proxy, but before we got there we had basic. And here is how to configure it; First thing that requires out magic touch is Squid’s configuration. Locate and navigate squid.conf The first section you’ll come across is for configuring authentication. It’s called; # OPTIONS FOR AUTHENTICATION # ----------------------------------------------------------------------------- You’ll notice there are many comments in this section explaining all the different options. But let’s jump ahead to what we came here for… Locate the following lines; note they will be commented out. Enable them by removing the hash character ‘#’ auth_param basic program auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours If you haven’t noticed already the first parameter auth_param basic program configures the location of an external helper program. This helper program is named pam_auth and on an Ubuntu system is located in the /usr/lib/squid directory. In fact all authentication helpers are located in this directory. Therefore our first line should look like this; auth_param basic program /usr/lib/squid/pam_auth Next we have the children parameter. This configures the specified number of processes to handle incoming authentication reuqests. In above example pam_auth will spawn 5 separate processes to handle all authentication requests. Anywhere between 5-10 helper processes is a good starting point. If Squid runs into trouble, it will tell you in /var/log/squid/cache.log , monitor this file closely. Then we have a realm parameter. This is a string which is presented to the user when the authentication prompt appears on screen. With Basic authentication this is an arbitrary string value. You can use anything, like; “Welcome to my really cool Proxy Server. Enter your Username and Password” Lastly we have the credentialsttl parameter which dictates how long Squid caches authentication requests internally. Keep in mind a small value increases Squid load, while a larger value will reduce it. You may need to play with this if you notice your Squid box is really busy. The last piece to this puzzle is enabling Squid’s authentication ACL. This includes changing two additional parameters. ( ACL & HTTP_ACCESS). The default ACL bases access or no access on client subnets. ACL LOCALNET SRC is an example of one. To enable authentication, comment out above default ACL and replace with this; acl authenticatedusers proxy_auth REQUIRED Lastly enable above access list, named authenticatedusers http_access allow authenticatedusers That’s it. Restart Squid service and you should now be prompted for user name and password. You session will be authenticated until you close your browser.
Page 2 of 15

Upcoming Linux Foundation Courses

  1. LFD312 Developing Applications For Linux
    16 Feb » 20 Feb - Atlanta - GA
  2. LFD331 Developing Linux Device Drivers
    16 Feb » 20 Feb - San Jose - CA
  3. LFS220 Linux System Administration
    16 Feb » 19 Feb - Virtual

View All Upcoming Courses

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board