Steve Clement

Systems writing with an operator’s bias.

Field notes on networking, security, automation, and AI. Essays here stay practical: real failure modes, production habits, and the tradeoffs behind good technical decisions.

Archive

The Waste Land as a Modern Prophecy

Reading T.S. Eliot’s The Waste Land as a recurring prophecy of modern history: fragmentation, hollow rituals, and the long search for renewal.

Packet Tycoon: Blame it on the Network

I built a network engineering tycoon game. Place routers, route packets, fight cyber threats, and try not to go bankrupt. Everything's broken and it's definitely your fault.

Network Memes That Hit Too Close to Home

Network engineering is 10% configuring routers and 90% explaining to people why you can't "just add more bandwidth." Here are the memes that get us through the day — and the painful truths behind them.

Roko's Basilisk: The AI That Punishes You for Reading This

What if I told you there's a thought experiment so dangerous that a forum moderator tried to scrub it from the internet? Roko's Basilisk is the AI thought experiment that punishes you for knowing about it — and now you're about to know about it. Sorry in advance.

Building a Mobile LoRa Mesh Repeater: From OpenSCAD to Truck Roof

Building a portable, magnetic-mount LoRa mesh repeater for my truck using a RAK WisBlock, 3D printed PETG mount, and a weatherproof junction box. From OpenSCAD design to road-ready in two days — with an AI assistant helping along the way.

Magnetar Flares: When Dead Stars Throw Tantrums

If gamma ray bursts are the universe's nuclear bombs, magnetars are its unstable neighbors with a hair-trigger temper. These dead stars pack the strongest magnetic fields known to exist, and when they snap, they release more energy in a tenth of a second than our Sun produces in 100,000 years. The worst part? There are known magnetars in our galaxy. We're just hoping none of them are pointing at us.

Vacuum Decay: The Universe Could Just Stop

What if the universe is fundamentally unstable? Not in some distant future heat death way, but right now, in a way that could end everything without warning? Vacuum decay is the ultimate existential threat — a bubble of true nothingness expanding at light speed, rewriting the laws of physics and erasing everything in its path. You would never see it coming. You would never know it happened.

The Silent Loop: How a Single IP Phone Can Take Down Your Network

A single Cisco IP phone plugged into two switch ports took down our network. Spanning Tree Protocol was running, BPDUs were flowing, and STP should have detected the loop—but it didn't. The culprit? IEEE 802.1D compliance. Devices that correctly implement the spec filter BPDUs while forwarding all other traffic, creating loops that are invisible to STP but catastrophic to your network.

Leveraging Local AI Models for Writing Blog Posts

The rise of Artificial Intelligence (AI) has dramatically transformed various industries, and content creation is no exception. With the advent of locally deployable AI models, such as Dolphin, writing blog posts has become a more efficient and intriguing process. In this post, we will explore how these models can revolutionize your approach to crafting compelling content.

Enterprise SSL Certificate Automation: Preparing for the 90-Day Reality

Certificate lifetimes are shrinking. Here's how to automate SSL/TLS certificate management across enterprise infrastructure before manual renewal becomes impossible.

Fortinet and Cisco Spanning Tree Interoperability - A Real-World Case Study

In today's complex network environments, it's increasingly common to find equipment from multiple vendors coexisting. While this offers flexibility, it can also introduce challenges, particularly when dealing with fundamental protocols like Spanning Tree Protocol (STP). I recently encountered a classic interoperability issue between Fortinet FortiSwitches and Cisco Catalyst switches that highlights the importance of understanding STP variations.

Channeling Ed Chambers: Battling Network Engineering Anxiety

The ticket arrives at 2:47 AM. P1 - CRITICAL: Major application down. Revenue impact imminent. Network suspected.

The Enterprise Network Automation Paradox: When Not to Automate

The automation evangelists will tell you to automate everything. The reality in enterprise networks is far more nuanced. After years of managing large-scale networks, I've learned that the biggest challenge isn't figuring out how to automate—it's knowing what's worth automating in the first place.

Optimize Your Life Series: Health

This is the second post in the "Optimize Your Life" series. After exploring how to optimize your time, we turn to the foundation that makes all optimization possible: your health.

Everyone Needs Their Inner Ed Chambers

If you've watched HBO's Silicon Valley, you know Jared Dunn as the perpetually anxious, people-pleasing assistant who apologizes for existing and speaks in nervous German fairytale metaphors. But you also know Ed Chambers—the confident alter ego that emerges when Jared's back is truly against the wall (Season 4, Episode 7: "The Patent Troll").

Optimize Your Life Series: Time

This is the first post in the "Optimize Your Life" series, where we'll explore fundamental principles for living more intentionally. We start with the most valuable resource we all share: time.

Fixing Video Playback in Fedora Sway Atomic: A Complete Guide

Moving to Fedora Sway Atomic brings many security benefits, but it also introduces some multimedia challenges. One of the first issues I encountered was video playback—the pre-installed Firefox couldn't play videos from various sources, including my Jellyfin media server. Here's how I solved it completely.

Switching from Fedora 41 to Fedora Sway Atomic 42: A Security-First Journey

After years of running traditional Fedora installations, I've made the leap to Fedora Sway Atomic 42. This isn't just a distro switch—it's a fundamental shift in how I think about desktop security and system management. While there's definitely a learning curve with rpm-ostree, toolbox, and flatpak, the security benefits make this transition worthwhile for the long term.

Minimaxing Enterprise Cybersecurity

As we advance deeper into 2025, cybersecurity faces unprecedented challenges. AI-driven attacks are becoming more sophisticated, quantum computing threatens to break traditional encryption, and the attack surface continues to expand exponentially. Traditional security approaches—reactive, deterministic, and pattern-based—are proving inadequate against these adaptive, intelligent threats.

Gamma Ray Bursts: My Favorite Existential Threat to Humanity

Of all the ways humanity could meet its end, there's one that simultaneously terrifies and fascinates me more than any other: gamma ray bursts (GRBs). These cosmic monsters represent perhaps the most hardcore science fiction scenario that could actually happen in reality. They're unlikely, but disturbingly possible. And if one happened near enough to Earth, we'd be completely powerless to stop it.

The Automation Paradox: Why 80% Automated Still Means 80% Manual Work

How the Pareto Principle reveals the hidden truth about network automation

Redesigning with a Minimal Hacker Theme

I just finished redesigning this blog with what I'm calling a "minimal hacker theme." The old design was getting stale, and I wanted something that reflected my background in systems and security work without being too flashy.

The Future is Claude

I think I'm becoming addicted to Claude Code. There, I said it.

First Class

This year I have a job that requires two days per week in the office. Purely remote jobs are tougher to get. There's a lot of competition for them. That's fine. I like being in the office. It means I get to spend time in the car listening to music. I like all kinds of music from Country to Rap. One of the things I like to do is really listen to the music and figure out what the artist is talking about. Most of the time I get it wrong.

Labbing a Cisco FTD Upgrade with KVM on Linux

I have a Debian desktop with 128GB RAM (RAM isn't too expensive, so this wasn't too bad). My hypervisor is KVM. I started out trying to run the Firepower Management Center and Firepower Threat Defense firewalls in EVE-NG, but that didn't seem to work, so I installed them as their own VMs.

Systems of Thinking

There are at least 2 systems of thinking.

Ego is the Enemy

Ego is the Enemy by Ryan Holiday helped me get through getting laid off from Lumen Technologies.

Fizz Buzz in Fortran

Last week I did FizzBuzz in Cobol. Continuing my old programming language series, here is Fizzbuzz in Fortran.

Fizz Buzz in Cobol

Whenever I want to learn a new programming language one of the first things I do is to make a fizzbuzz program. Fizzbuzz programs loop through a range of numbers, usually 1 through 99, and print 'fizz' if the number is divisible by 3 and 'buzz' if the number is divisible by 5. It prints 'fizzbuzz' if it's divisible by both.

Old Vulnerabilities: PHF

We think we have it bad with some of the vulnerabilities out now (most recently, Palo Alto and Cisco have had major SSL VPN vulnerabilities), but at least we have some basic security.

Palo Alto CVE-2024-3400

This was a huge headache last week. I guess we have every firewall upgraded to a safe version now (10.2.8-h3). So, damage may have been minor from this.

What I Have Been Working On

For every work task, I create a markdown file with a frontmatter header that I tag with the technologies that I am working with in the task. I wrote a Python script to crawl all of the files and then show a tag cloud with all of the technologies I have been working on in the past few years.

F5 Backup Automation

Backing up the configs of our appliances was my first automation. The goal was to back up about 100 F5 BIG-IPs weekly to a file server.

Overcoming Fear of IaC

In the fast-paced world of technology, Infrastructure as Code (IaC) has emerged as a fundamental pillar for managing and scaling modern infrastructure. However, for many individuals and teams, the prospect of diving into the world of IaC can be daunting. The fear of the unknown, coupled with concerns about complexity and potential errors, can often hold individuals back from embracing this powerful paradigm shift. But fear not! In this blog post, we'll explore how to overcome the fear of Infrastructure as Code and embark on a journey towards empowerment and efficiency.

Cisco ASA TCP Syslog Outage

Let's say you have a Cisco ASA firewall in your network. It is configured with a syslog server and it happily sends its logs over using default UDP port 514. UDP is connectionless, so the ASA sends these packets, but it does not know if they are received. This goes on for a couple of years. Your network is happily chugging along, your business is doing what it does, and someone decides to switch syslog to TCP. Why would you want to do that? I'm not sure; I suppose you could combine TCP with TLS and encrypt the logs going over the network. There could be several reasons to go with TCP, but in this situation switching to TCP is going to cause an outage.

Adventures with stunnel

I was tasked with figuring out a strange issue. A web service kept going unavailable for 5-15 minutes at a time. These outages would occur once per day for 1-3 days and then a month or two later it would happen all over again. It was impossible to reproduce. I had to figure this out.