I recently came across Team Cymru’s website in the Swiss CTI git repository. The Swiss National Cyber Security Centre NCSC did mention them in the disclaimer for the ASN lookups.
Categories
Free IP to ASN Mapping Service
Author: Luki
Categories
How to Self-Sign PowerShell Scripts
I was trying to figure out how to sign PowerShell scripts with a self-signed certificate. This is a simple step-by-step guide on how you can provision your own certificate for testing and sign and verify PowerShell scripts.
If you plan to use a publicly trusted code signing certificate, this is however not the exact process as you should be using an HSM to secure your certificate.
Categories
Piwigo API Documentation
Recently, I was implementing a machine that does automatic labeling of images in my Piwigo. I used OpenAI gpt-4o-mini for this purpose, and every two hours, the folder is scanned for images without titles and descriptions. If some are found, it will automatically add a title and description.
Once I started with my endeavor, I was surprised that there is no “online reference” for the API.
Categories
Transcribe audio with AI locally
I’m collecting a multitude of skills in local AI processing, and today it is audio to text. I switched to Ollama for most of my AI processing needs, but audio files can’t yet be processed via Ollama APIs. Therefore, I was looking for an alternative, however, I didn’t look for a RETS API; running a Docker container will be sufficient for me.
I used whisper on Docker.
Categories
Public IP Lookup Service
A common task for an administrator is to check the public IP addresses of the current system they are on or the current system they are using. This is important both in day-to-day work and while working with cloud providers. There are many services available, but not all are created equal.
Categories
ADO Pipeline library export and import
In the Azure DevOps world, moving from one tenant to another is not a very familiar concept based on Microsoft documentation. I had to do exactly this. The Azure DevOps Migration Tools did the trick for most of the ADO Boards-related things.
Repos were copied over by pushing to a new Git source.
Pipelines are stored in the Git repository as YAML and were imported / linked again.
One large task was migrating the pipeline library. You can’t export the values secrets in the library, but I used a tool to make sure to copy everything over. Having the secret variables copied over with empty values was already very valuable to me.
Categories
ReCaptcha – Invalid key type
This is a quick bit: I recently had to add a reCAPTCHA key to a website. However, the keys provided did not work directly and I saw the Invalid key type error.
ERROR for site owner: Invalid key type
In my case, this could be fixed by reissuing the key, switching from a version 3 key to a version 2 key.
Some considerations
A Large-Scale Real-World User Study of reCAPTCHAv2
A 2023 UC Irvine study titled “Dazed and Confused: A Large-Scale Real-World User Study of reCAPTCHAv2” revealed startling findings about Google’s reCAPTCHA system, suggesting it has become more of a data harvesting tool than an effective security measure. The research, which analyzed 3,600 users over 13 months, found that CAPTCHAs not only fail to prevent bot traffic effectively (with bots often outperforming humans), but have also collectively wasted an estimated 819 million hours of human time—equivalent to 1,182 lifetimes—while generating up to $888 billion in value for Google through tracking cookies and valuable AI training data. The study concluded that reCAPTCHA has essentially become “a tracking cookie farm for profit masquerading as a security service,” raising serious questions about the widespread use of this purported security tool.
- Studies show that CAPTCHA tests are ineffective against modern AI bots.
- Google uses reCAPTCHA v2 and v3 primarily for data collection.
- AI programs solve image puzzles with nearly 100% success rates.
- reCAPTCHA v3, with the “I’m not a robot” checkbox, is easily bypassed by bots.
- Users with VPNs or anonymized data are blocked more frequently than bots.
- The value of the data collected through CAPTCHAs is estimated at $888 billion.
- The study recommends eliminating reCAPTCHA v2 and similar systems.
Categories
My experience with LLM use cases
As I work every day, I constantly see recurring work that I would like to optimize and automate. There are use cases that feel obvious that they should work and easy to do, but the real-world experience is different. Read about my learning.
Categories
What i learned about Ollama
Ollama is great for running a local self-hosted AI REST API. You can load all kinds of models, whether they’re for chatting, vision, or embedding. At this time, I’m not aware that voice models can be used for input or output, but that might only be a matter of time.
Why Ollama
Why would you like to run Ollama? First of all, the models you can load are likely less powerful than what you can consume from the OpenAI API or Anthropic API. However, you can fully locally process, gaining the privacy of not having to process in a US datacenter but rather it does not even have to leave your house. Additionally, if you need to process massive amounts of data and the precision is sufficient from the open models, you might have to wait longer for all to be processed, but using public APIs can also rack up vast amounts of cost to do so. Even by error, you might burn through $80 in no time when you missed a error catch in your code. In the Ollama case, you only have your upfront cost for the device and the energy burned. But then you have no sudden surprises. But also your processing is of course limited; you can’t massively parallel process. So it highly depends, but there is a sweet spot to solve issues on your own machine.
Categories
Instrumentation Keys to Connection Strings
On March 31, 2025, Microsoft will end support for instrumentation key-based global ingestion in Azure Monitor’s Application Insights. After this date, while your resources will still receive data, updates and customer support related to this method will no longer be available. This change marks the transition from global endpoints to regional ones that utilize connection strings, offering benefits like authenticated telemetry ingestion, regional data residency, and endpoint customization for intranet or hybrid environments.