PeopleAreGeek
FR

Articles & guides

Explainers, how-to guides and the occasional news note. The answer comes first, always, then the numbers, diagrams and sources for going deeper.

Answer card: Anthropic disabled Claude Fable 5 and Mythos 5 worldwide on June 12 2026 after a US government export-control order, with Opus 4.8 the live fallback.

Dev News

Anthropic Suspends Claude Fable 5 and Mythos 5

Anthropic disabled Claude Fable 5 and Mythos 5 worldwide after a US government order. The timeline, the trigger, and how to fall back to Opus 4.8 fast.

 Answer card: AI in cybersecurity in 2026 is a dual-use force multiplier, the same capability helping defenders triage and attackers exploit.

Security

AI in Cybersecurity 2026: Real vs Hype, Both Sides

AI in cybersecurity in 2026: what it really does for defenders (triage, summarization, code review), what attackers do with it, and the dual-use problem.

 Answer card: most of the bug bounty skill you need is sysadmin DNA already, and the report is what gets paid.

Security

Bug Bounty Starter Guide for Sysadmins

A bug bounty starter guide for sysadmins: how your DNS, HTTP and Linux skills transfer, the five free tools I open, and the report shape that gets paid.

 Answer card: run a capable local AI agent with Ollama and Qwen 2.5, install on Windows, Linux or macOS, pick the model size by VRAM, call it from Python and LangChain.

Dev Guide

Build a Local AI Agent with Ollama + Qwen 2.5

How I run a local AI agent with Ollama and Qwen 2.5 in 2026: install on Windows, Linux or macOS, pick the model your VRAM fits, call it from Python and LangChain.

 Answer card for migrating off end-of-life CentOS 7 or 8 to Rocky Linux 9 or AlmaLinux 9: two routes, in-place ELevate or fresh install, with a mandatory pre-flight inventory.

Sysadmin Guide

CentOS to Rocky Linux 9 Migration Playbook 2026

CentOS to Rocky Linux 9 migration, end to end: the in-place ELevate route, the fresh-install route, the pre-flight inventory, and the breaks that fail silently.

 Answer card comparing ChatGPT, Claude and Gemini in 2026, with no single winner because the best model depends on the job.

Dev

ChatGPT vs Claude vs Gemini 2026

A hands-on ChatGPT vs Claude vs Gemini comparison for 2026, ten real jobs tested through the APIs: code, research, writing, data, vision, cost and latency.

 Answer card for the chmod and chown cheatsheet: chmod +x as the Permission denied fix, 755 and 644 as the everyday modes, chmod 600 for secrets, chown -R for ownership, and read 4 write 2 execute 1.

Sysadmin Guide

The chmod and chown Cheatsheet, Decoded

A practical Linux chmod and chown cheatsheet: the Permission denied fix with chmod +x, why 755 and 644 keep showing up, chown for ownership, and recursing safely.

 Answer card comparing Claude Fable 5 and Opus 4.8: new Mythos-class tier above Opus, 95.0% vs 88.6% on SWE-bench Verified, exactly 2x the price.

Dev

Claude Fable 5 vs Opus 4.8: One Day In

Claude Fable 5 vs Opus 4.8 after a mid-session swap on launch day: 95.0% vs 88.6% SWE-bench, exactly 2x the price, and the safety routing caveat.

 Answer card for choosing a Linux distribution in 2026: weigh team skills, compliance, app stack and support model in order, then fall through to Ubuntu 24.04 LTS.

Sysadmin

Choosing a Linux Distribution in 2026: Decision Guide

Choosing a Linux distribution in 2026 without the tribal noise: four inputs that decide (team skills, compliance, app stack, support) plus honest distro profiles.

 Answer card for Core Web Vitals 2026: LCP under 2.5 seconds, INP under 200 milliseconds and CLS under 0.1, all judged at the 75th percentile over a rolling 28 days.

SEO

Core Web Vitals 2026: LCP, INP and CLS Mastery

Master Core Web Vitals in 2026: what LCP, INP and CLS really measure, lab vs field data, the fixes that still hold up, plus budgets and a weekly workflow.

 Answer card for building a CTF lab on Hyper-V: three trust-segmented virtual switches feeding a Kali attacker, pfSense, Metasploitable3, a broken Windows 10 and DVWA.

Sysadmin Guide

Build a CTF Lab on Hyper-V: Full Walkthrough

Build a CTF lab on Hyper-V: three trust-segmented virtual switches, a Kali attacker, Metasploitable3 and a broken Windows 10, with pfSense in the middle for routing.

 Answer card for the curl cheatsheet: download and keep the remote name with curl -O, follow redirects with -L, fetch headers only with -I, and POST JSON with -d.

Dev Guide

curl Cheatsheet: Download Files and Test APIs

A practical curl cheatsheet: download and keep the remote name with curl -O, follow redirects with -L, fetch headers only with -I, and POST JSON with -d.

 Answer card for DNS over HTTPS: lookups wrapped in TLS 1.3 on port 443, native on Windows, Linux and macOS, self-hosted with unbound plus dnsdist.

Network Guide

DNS over HTTPS Implementation Guide

DNS over HTTPS the way I roll it out: what DoH buys you (and what it does not), flipping it on for Windows, Linux and macOS, plus self-hosting and edge enforcement.

 Answer card: an ESXi host Not Responding in vCenter is a dead management link, not a dead host. Restart hostd then vpxa, free a full log partition, check ports 902 and 443, then reconnect.

Sysadmin Guide

Fix: ESXi Host Not Responding in vCenter

ESXi host Not Responding in vCenter is almost always a dead management link, not a dead host. Restart hostd then vpxa, clear the log partition, check ports 902/443.

 Answer card for the Linux find command cheatsheet: find by name, by type, by size, by time, delete matches, and run a command on each result with -exec.

Dev Guide

The find Command Cheatsheet: Recipes You Actually Use

A practical Linux find cheatsheet: find by -name, big files with -size +100M, recent ones with -mtime, delete with -delete, and run -exec on each hit.

 Answer card comparing git rebase and merge: merge preserves history with a two-parent commit, rebase rewrites it into a straight line.

Dev Guide

Git Rebase vs Merge: A Visual Workflow Guide

Git rebase vs merge, decided in one mental model and five real situations: branch diagrams before and after, the exact commands, and the rule I never break.

 Answer card for the Linux grep cheatsheet: search one file with grep pattern file, search a tree with grep -rn, ignore case with -i, invert with -v, and choose -E or -F.

Dev Guide

The grep Cheatsheet: Search a File, Search a Tree

A practical Linux grep cheatsheet: search one file with grep pattern file, search a whole tree with grep -rn, ignore case with -i, invert with -v, and pick -E or -F.

 Answer card for fixing 'the hypervisor is not running' in Hyper-V: five gates in order, BIOS virtualization, the feature, hypervisorlaunchtype, conflicts, then services.

Sysadmin Guide

Hyper-V: The Hypervisor Is Not Running, Fix Guide

Fix Hyper-V 'the hypervisor is not running' by working the five gates in order: BIOS virtualization, the feature, hypervisorlaunchtype, conflicts, services.

 Answer card for image optimization in 2026: serve AVIF first through picture, a four-width responsive srcset, lazy-load everything but the hero, compress to the lowest quality you cannot see, and pin width and height.

SEO Guide

How I Optimize Images for Website Speed in 2026

Image optimization techniques for 2026: why AVIF goes first with WebP and JPEG behind it, responsive srcset, the lazy-load plus LCP trap, compression, and CDN automation.

 Answer card: keep INP under 200 milliseconds at the 75th percentile, the good threshold for the Core Web Vital that replaced FID.

SEO

INP Optimization 2026: Fix Interaction to Next Paint

A hands-on INP optimization guide for 2026: the twelve Interaction to Next Paint killers I keep finding in audits, how to profile them, and a real 480ms to 120ms fix.

 Answer card mapping iptables to nftables: list rules, allow SSH, default drop, persist, and translate.

Network Guide

iptables vs nftables: A Linux Firewall Cheatsheet

iptables vs nftables, side by side: list rules, allow SSH on dport 22, default drop policy, persist to rules.v4 or nftables.conf, convert with iptables-translate.

 Answer card for the Linux firewall comparison: iptables, nftables, firewalld and ufw all write rules to one nf_tables kernel backend in 2026.

Network

Linux Firewall Comparison 2026: ufw, nftables, iptables

Linux firewall comparison for 2026: iptables, nftables, firewalld and ufw all poke one kernel. Per-distro defaults, the same rule four ways, plus my honest pick.

 Answer card: 32 sysctl hardening toggles grouped into network, kernel, filesystem and process plus BPF plus modules, sorted by criticality.

Security Guide

Linux Kernel Hardening: sysctl Checklist

Linux kernel hardening with sysctl: the 32 toggles I actually ship, grouped by subsystem and sorted by how much each one matters, plus a drift check.

 Answer card mapping deprecated net-tools commands to their iproute2 replacements: ifconfig to ip a, netstat -tulpn to ss -tulpn, route to ip route, arp to ip neigh.

Network Guide

Linux Networking Commands: ip and ss Cheatsheet

ifconfig and netstat are gone on most modern Linux installs. The iproute2 replacements you need: ip a, ss -tulpn, ip route, ip neigh, and a clean old-to-new map.

 Answer card comparing a matched MikroTik RouterOS stack against a Ubiquiti UniFi stack for a prosumer home network, both around 400 EUR.

Network

MikroTik vs Ubiquiti for Home Networks (2026)

MikroTik vs Ubiquiti for a prosumer home network: matched stacks under 400 EUR, CLI vs UI, real routing protocols, Wi-Fi roaming, VPN, a 3-year cost breakdown.

 Answer card for mobile optimization in 2026: mobile is the default Google ranks, the three Core Web Vitals targets (LCP under 2.5s, INP under 200ms, CLS under 0.1) at the 75th percentile, and the usual culprits.

SEO Guide

Mobile Optimization 2026: Fast and Findable on Phones

Mobile optimization in 2026: the Core Web Vitals targets for mobile (LCP under 2.5s, INP under 200ms, CLS under 0.1), what slows a phone, and how to test like one.

 Answer card: five Linux network stacks in 2026, netplan, ifupdown, NetworkManager, systemd-networkd and wicked, doing the same static IP job across seven distros.

Network

Network Config Across Linux Distros in 2026

Network config across Linux distros in 2026: netplan, ifupdown, NetworkManager, systemd-networkd and wicked compared, with the static IP recipe for each.

 Answer card for the nmcli cheatsheet: scan Wi-Fi with nmcli device wifi list, join with nmcli device wifi connect SSID password, show saved profiles, and set a static IP with ipv4.method manual.

Network Guide

nmcli Cheatsheet: Manage Wi-Fi From the Terminal

A practical nmcli cheatsheet for NetworkManager: scan and connect to Wi-Fi, list saved connections, bring them up and down, check device status, and set a static IP.

 Answer card comparing pfSense CE 2.7 and OPNsense 24.7 for a home network: same FreeBSD core and protocols, different release cadence, UI, and plugin ecosystem.

Network

pfSense vs OPNsense for Home Networks (2026)

pfSense vs OPNsense for home networks, run side by side on one N100 mini-PC for years: UI, update cadence, plugins, real benchmarks, appliances, and which I pick.

 Answer card for the PowerShell networking cheatsheet: Test-NetConnection with -Port to check a port, Get-NetIPConfiguration for IP and DNS, Get-NetTCPConnection for listening ports, Resolve-DnsName for lookups.

Network Guide

PowerShell Networking Cheatsheet for Windows

A PowerShell networking cheatsheet: test a port with Test-NetConnection, read your IP and DNS with Get-NetIPConfiguration, find listening ports, resolve names.

 Answer card comparing Proxmox VE, VMware ESXi and Hyper-V in 2026 across cost, clustering, backup and containers, with Proxmox the default pick for most.

Sysadmin

Proxmox vs ESXi vs Hyper-V in 2026: Which to Run

Proxmox vs ESXi vs Hyper-V in 2026: honest cost, licensing, clustering, backup and containers after the Broadcom shakeup, plus which fits homelab or enterprise.

 Answer card: a Python regex cheatsheet of 20 tested re patterns for email, IPv4, URL, UUID, log lines and more, each with its edge case.

Dev Guide

Python regex cheatsheet: 20 essential patterns explained

A Python regex cheatsheet of 20 tested re patterns: email, IPv4 and IPv6, URL, phone, ISO 8601, UUID, CSV split, log lines, slugs, with the edge case for each.

 Answer card for the rsync cheatsheet: mirror a folder with rsync -av, copy over ssh with rsync -avz, mirror exactly with --delete, preview with a dry run, resume with -avP, and the trailing slash gotcha.

Sysadmin Guide

The rsync Cheatsheet: Mirror, Sync and Copy Over SSH

A practical Linux rsync cheatsheet: mirror with rsync -av, copy over ssh with -avz, mirror exactly with --delete, dry-run, resume, and the trailing slash gotcha.

 Answer card for hardening an Ubuntu 24.04 server: keys-only SSH on a custom port, UFW default deny, fail2ban, unattended-upgrades, AppArmor enforce, auditd.

Security Guide

Ubuntu 24.04 Server Hardening: SysAdmin Checklist

Ubuntu 24.04 server hardening, the way I run it on every VPS: keys-only SSH on a quiet port, UFW, fail2ban, unattended updates, AppArmor enforcing, auditd.

 Answer card for a self-hosted WireGuard VPN: server on a 5 EUR VPS, split vs full tunnel, Curve25519 keys, NAT and DNS done right.

Network Guide

Self-Hosted VPN with WireGuard: Setup Guide

Self-hosted WireGuard VPN on a 5 EUR VPS: pick split vs full tunnel, generate Curve25519 keys, write the server and client configs, and get NAT and DNS right.

 Answer card for a SOC homelab: Wazuh host monitoring and SIEM, Suricata network IDS, and the Elastic Stack for storage and search, on one small VM.

Security Guide

SOC Homelab with Wazuh, Suricata and ELK

Build a SOC homelab with Wazuh, Suricata and the Elastic Stack on a spare VM: the single-node installer, agent enrolment, and test attacks you can fire yourself.

 Answer card for running Nagios Core on a Hyper-V Ubuntu 24.04 VM: build from source, probe HTTP, SSH, MySQL and disk, alert by mail and Telegram.

Sysadmin Guide

Nagios on Hyper-V: Server Monitoring Setup Guide

Server monitoring with Nagios on a Hyper-V Ubuntu 24.04 VM: build Nagios 4.5 from source, aim HTTP, SSH, MySQL and disk probes, then wire mail and Telegram alerts.

 Answer card for the SSH command cheatsheet: connect with ssh user@host, make an ed25519 key, push it with ssh-copy-id, copy files with scp, and tunnel with -L and -D.

Sysadmin Guide

SSH Command Cheatsheet: Connect, Keys, scp, Tunnels

A practical SSH command cheatsheet, most-used first: connect with ssh user@host, make an ed25519 key, push it with ssh-copy-id, copy files with scp, tunnel ports.

 Answer card for SSH Permission denied (publickey): read the handshake, then close the first failing gate, from agent to authorized_keys to permissions to sshd to SELinux.

Sysadmin Guide

SSH Permission Denied (publickey): The Fix

Permission denied (publickey) is never mysterious once you read the handshake. The real causes in order, each with the exact command to confirm and fix it.

 Answer card for the systemctl and journalctl cheatsheet: status to check a service, restart and reload, enable --now to start now and on boot, daemon-reload after a unit edit, and journalctl -u NAME -f to tail logs live.

Sysadmin Guide

systemctl and journalctl Cheatsheet

A systemctl and journalctl cheatsheet: status to see if a service runs and why it died, restart, reload, enable --now, daemon-reload, and journalctl -u NAME -f.

 Answer card: Tailscale is WireGuard plus a control plane that distributes keys, traverses NAT via DERP, runs MagicDNS and enforces ACLs.

Network

Tailscale vs WireGuard in 2026: Not Competitors

Tailscale vs WireGuard in 2026: Tailscale is WireGuard plus a control plane for keys, NAT traversal via DERP, MagicDNS and ACLs. When each one wins.

 Answer card for the Linux tar command cheatsheet: create a gzip archive with tar -czf, extract with tar -xzf using the eXtract Ze File mnemonic, list with tar -tzf, and pick a compressor.

Sysadmin Guide

The tar Command Cheatsheet: Create, Extract, List

A practical Linux tar cheatsheet: create a gzip archive with tar -czf, extract with tar -xzf (eXtract Ze File), list with tar -tzf, plus exclude and strip-components.

 Answer card for Core Web Vitals 2026: LCP under 2.5 s, INP under 200 ms, CLS under 0.1, all judged at the 75th percentile of real field data.

SEO Guide

Core Web Vitals 2026: Fix LCP, INP and CLS (Real Code)

Core Web Vitals in 2026: before/after code I shipped for LCP, INP and CLS, reading a Lighthouse capture honestly, plus the WordPress and Cloudflare toggles I reach for.

 Answer card for self-hosting Vaultwarden: one Docker container behind Caddy with automatic TLS, first admin signup, signups disabled, then fail2ban, restic backups and a locked admin route.

Security Guide

Vaultwarden Self-Host Guide: Bitwarden in 20 Minutes

Vaultwarden self-host guide: docker compose plus Caddy with automatic TLS, your first admin signup, then fail2ban, restic backups, and locking down the admin route.

 Answer card for a VMware ESXi PSOD: read the build, exception type, top backtrace frame and coredump status, then recover the host.

Sysadmin Guide

VMware ESXi PSOD: Diagnose and Recover the Host

VMware ESXi PSOD fix guide: read the purple screen, tell a bad driver from dying hardware, grab the coredump before you reboot, then recover the host.

 Answer card: two ways to run VMware Workstation and Hyper-V together, keep Hyper-V and upgrade VMware to 16+ on the Windows Hypervisor Platform, or disable Hyper-V and VBS for legacy VMware 15.

Sysadmin Guide

VMware Workstation and Hyper-V on the Same PC (2026)

The VMware Device/Credential Guard not compatible error has two fixes: keep Hyper-V and upgrade VMware to Workstation 16+, or disable Hyper-V and VBS for VMware 15.

 Answer card for Wazuh SIEM on a budget: a Raspberry Pi 5 under 100 EUR, an Intel N100 mini-PC, or a Hetzner CAX21 ARM cloud node under 10 EUR a month, all running the single-node bundle.

Security Guide

Wazuh SIEM on a Budget: Pi, N100 or Cloud

Wazuh SIEM on a budget, three paths I actually run: a Raspberry Pi 5 under 100 EUR, an Intel N100 mini-PC, or a Hetzner CAX21 ARM node under 10 EUR a month.

 Answer card: target WCAG 2.2 level AA, kill the five issues that sink most sites, and test with an automated pass, a keyboard pass and a screen-reader pass.

SEO Guide

Web Accessibility and WCAG in 2026

Web accessibility in 2026: target WCAG 2.2 AA, fix the five issues that sink most sites (contrast, alt text, labels, link text, page language), and test it yourself.

 Answer card for Web Workers in 2026: offload heavy JavaScript to another thread so the main thread stays free and INP drops under 200 ms.

Dev Guide

Web Workers in 2026: Patterns, Pitfalls and INP

Web Workers in 2026: the patterns I reach for, the ones I skip, transferables, SharedArrayBuffer, Comlink, and how to prove the move actually helped your INP.

 Answer card for a 2026 web app security audit worked in four layers: transport, application code, supply chain and secrets, each mapped to OWASP 2025.

Security Guide

Web App Security Audit 2026: A Practical Method

The web app security audit I actually run in 2026, in four layers: transport, app code, supply chain, secrets, with the tools and a 25-point checklist.

 Answer card for a 10-step WordPress security audit in 2026: PHP and WP versions, plugin CVEs, HTTP headers, htaccess, TLS, login 2FA, xmlrpc, user enumeration, logging, off-site backups.

Security Guide

WordPress Security Audit in 10 Steps (2026)

A WordPress security audit you run in about 90 minutes: PHP and WP versions, plugin CVEs, HTTP headers, htaccess, TLS, 2FA, xmlrpc, user enumeration, logs and backups.