A rambling exposé on my many years of learning and employing the Linux operating system in my life and work.

Early Exposure and Awakening

I first encountered Unix (I think it was BSD) when a friend showed me his home-based web server apparatus back in the ’90s. My friend was sufficiently educated in computer science—and well-funded—to have created a for-profit, locally advertised web hosting business, which he promoted mostly by word of mouth. I had already been fascinated with computers for some time and had completed an online course in “programming” that earned me my first Windows-based PC (running Windows 3.11). At the time, I was just beginning a Community College program in computer science.

So, I was fascinated—but also overwhelmed—by his enthusiastic demonstrations of all the “cool, powerful” things he could do from the command line. I had no idea what he was talking about. It would be many years before I actually chose to take up Linux in earnest as a preferred platform.

The next time I recall directly encountering Unix was through a friend I made at LCC while studying computer programming. Dave was in the networking program, while I was plodding along in C++. But I liked him. He had a great, perverse sense of humor and was into darker moods and topics that fascinated me—like magick, subversive politics, and hacking. He also had a much keener understanding of computer science and was taking things apart and rebuilding them, while I was just trying to sort out how they worked in the first place.

It was Dave who introduced me to Linux and showed me how he was able to achieve the same—and sometimes better—results in computing and networking by using Linux. For example, he could configure network connections, automate tasks, and manage systems through terminal commands. While I was fascinated, my main takeaway was probably just learning that dual-booting and disk partitions were a thing. I began, for the first time, to experiment with this type of low-level configuration.

I’m quite certain that my misconceptions about Linux were at least as prevalent as my misconceptions about Windows and C++. At the same time I was struggling with high-level languages—without understanding the underlying principles on which they were built—I was also learning to build and reconfigure PC hardware, with the help of a neighbor: a train engineer with a fascination for PCs. In this relationship was born my lifelong fascination with the guts—low-level components, drivers, and back-end configurations—of systems like web servers and databases.

This intellectual fascination probably kept me going despite completely floundering in the high-level realm of program logic and object-oriented programming. Ultimately, I was unable to comprehend the structural dynamics of objects, structures, and classes until I had spent years navigating Linux boxes, manipulating and configuring files, and writing scripts.

In the end, it was probably paranoia and political deviance that led me to abandon Windows as a platform of choice and take up Linux in earnest. This was years after completing my Associate of Science in Computer Programming, and I had not persisted in the field of computer science professionally. However, I had developed an earnest habit of tinkering with computers and networks at home, and I was drawn to—despite being unskilled at—any kind of "hacking" to which I could apply my experimental energy.

Nothing criminal—unless you count the occasional pirating of a movie I couldn't afford to rent... but I followed the careers of talented computer researchers and hackers with interest. As a result, I became more and more aware of the fundamentally flawed nature of dominant operating systems like Windows and MacOS—and the security disasters they represented, both personally and societally. I became aware of early projects like Wikipedia through friends involved in that startup community and grew increasingly interested in Open Source projects and theory.

Linux eventually seemed like the obvious choice. I finally took the plunge and abandoned Windows for early editions of Ubuntu, beginning the long process of discovering how to do “all the things” using free (and ad-free) software generated by a global community of volunteer contributors, hackers, researchers, and digital revolutionaries. It all appealed to my instincts for communal, cooperative culture.

Hands-On Learning and Adaptation

Well, it was only natural to start with Ubuntu. It must have been the mid-2000s when I first began using Linux seriously. I’d already had a disastrous encounter with Sun Solaris during my first professional job in the computer field—as a web server administrator for a small ISP. I was responsible for two servers. One ran on Linux, the other, which took most of my time, was a Windows Internet Information Server (IIS). My duties on the Linux server were extremely minimal. I don't recall what they were... but I do recall my boss bragging that the server had been running without a reboot for eleven years. In retrospect... I think he was exaggerating a bit... As for the IIS server, which demanded significant administration, I was able to work through complex learning curves and problems to a sufficient degree that my employers were impressed and happy with my work and offered me a salaried position after a trial internship. As for the Linux box... I made the mistake of trying to correct a small procedural error, by accessing the server which managed some of the resources for that box, my boss’s Sun Solaris platform, while he was out of the office. I'm not sure what potentially embarrassing idiocy I had gotten up to in the first place, but I ended up making such a mess of it that I was summarily fired. More on that comedy of errors another time!

This experience traumatized me and made me doubt that I could ever work with Linux or Unix-based systems. But over time, curiosity and fascination overcame my resistance.

As I recall, when I first started using Linux (Ubuntu), I also started asking a lot of questions. What I couldn’t discover through persistent online research, I brought to Dave, and slowly but surely, I got a handle on the basics of navigation and file handling. I also relied heavily on Ubuntu’s GUI at the time—which I never would have managed without, given my conditioning from years of Windows use.

It seems strange in retrospect that today I spend as much time at the command line as I do in the browser or GUI-based tools. My interests seemed to evolve from audio-visual and content-exploration tasks toward lower-level, transformative work—writing scripts, tweaking functionality, and customizing workflows. Eventually, this led me into the real mysteries of vulnerability research and exploitation.

Sometime around 2015, when I was living in Tucson, I got interested in the Tor Project and decided—somewhat unadvisedly—to set up my home router as a Tor node. I’m not sure if I was trying just an entry node or a bridge, but I do recall being fully aware that I was taking significant risks—risks I believed I had the skills to mitigate. So it was likely a bridge node, or possibly even an exit node.

It was one of the first times I got really excited about doing something transgressive. It was also exhilarating to realize—after watching a bunch of YouTube videos and reading the documentation—that I could actually do it. I had the requisite skill set. Thank you, Linux! So I was off to the races, throwing down my bets like an old stable-wallah.

My ISP shut me down before a month had passed, despite my precautions. LOL. That was kind of depressing—especially since I didn’t have a lot of options for ISPs at the time.

This was well before I started with Hack The Box.

I first came across the Hack The Box project right around their concept promotion period. As I recall, they were advertising their “coming platform” in a way that made it sound like the latest exciting addition to the high-level gaming world. I was fascinated. I think this must have been 2016 or 2017. I remember firing off emails to the development team, telling them I wanted to get involved!

I suppose I was being naive—no gaming experience, no game dev chops, and about as unskilled a degreed programmer as probably existed on the planet at that time—but I was down. Why? Because the idea had occurred to me many, many times: what if there were a platform where hackers who don’t want to learn by committing crimes (a real moral quandary for me at the time) could test their skills legally? A platform where the targets are virtual, and subscribers are given safe access to attack and learn from them?

I was pretty sure that “Aris” (Haritos Tsakiris) had gotten inside my head and stolen the idea from me—but I didn’t care. Somebody with actual skills and backing had to be the one to implement it! (heh...) After that—having received no response from that quarter—I kind of forgot about it for a few years... until I discovered the community again, fully operational.

And that was the moment I forced myself into a position where I was finally compelled to truly learn the Linux platform—as a fundamental tool for learning the skillset of hacking.

Ultimately, I took a deep dive into real-world-style hacking by joining the Hack The Box platform in 2022 and working through various offerings that piqued my interest.

When I think of "script kiddies", I think of (for example) the usual criminally minded and unskilled hacker who does the busy work for well-entrenched hacker groups without understanding the technical underpinnings of what they’re doing. An HTB script kiddie, on the other hand, has spent many months—potentially even years (as in my case)—learning the nuts and bolts of vulnerability research and exploitation across multiple target platforms.

It’s kind of ironic, really—the first official rank you can achieve on Hack The Box is called “Script Kiddie.” Sounds almost like a joke. And I suppose in the old-school hacker sense, it kind of is. Traditionally, a script kiddie is the wide-eyed, unskilled amateur—the type of would-be hacker who downloads a flashy tool without understanding a single line of the code behind it. But that definition doesn't quite hold up in the context of HTB.

See, to even get that far—to earn the label of Script Kiddie on the HTB platform—most newbies have to complete a hell of a lot of challenges. And these aren’t just “run nmap, press a button” kind of tasks. These boxes, even the ones labeled “Easy,” often demand many hours (in my case, sometimes days or even weeks) of slow, methodical engagement with real-world security concepts: web app deconstruction, binary analysis, custom service exploitation, memory manipulation, and all the esoteric stuff in between. And when the automated tools fail—as they often do—you’re forced to drop down a level. Stack trace. Read the source. Follow the syscalls. You begin to see not only where the cracks are, but how the entire structure is held together.

At a certain point, you’re no longer just solving puzzles—you’re thinking like an attacker. Hunting for overlooked configuration errors. Decompiling a stripped service binary to figure out how it handles authentication. Crafting custom Bash or Python payloads to slip through broken input sanitization. And if you're like me, you're also keeping your eyes open for the deeper meaning of the whole thing. By the time you hit the so-called “Script Kiddie” rank, you’ve long since stopped being one in any traditional sense.

I remember saying something like that to the admins once, back when HTB still felt a little more like a rogue European hacker outpost and not a global cert-prep juggernaut. “If your script kiddies have to become this skilled, you’re growing a crop of dangerous script kiddies indeed.” That got some lols from the team—but they knew it was true.

I worked on targets in Hack The Box for a couple of years, between 2022 and 2024. But as time passed—and my enthusiasm waxed and waned—I began to second-guess my aspirations to the profession of penetration testing. While the work was fascinating and stimulating, I found myself taking longer and longer breaks until I finally realized that continuing to pay for a service I was only rarely engaging with had become an absurd denial of a reality I needed to face.

For the same reasons that, after completing my Associate’s in Computer Science, I changed my major to Religious Studies for my eventual Bachelor’s degree—I decided to accept the level of competency and knowledge I had obtained and apply it instead to work that was of deeper interest to me. At the time, that meant a kind of self-styled and self-hosted journalism and resource development effort in the area of computer security, via my website.

So, in my usual cowboy manner, I leased virtual hardware from Akamai and built my web server, website, and eventually my first blogs—from scratch. The website was what I called a “portal” to cybersecurity and development resources. I created many pages, lists, and links to every cool, cutting-edge, and eminently useful online tool or reference I had ever employed or admired.

I began to learn—entirely self-taught—“all things web.” And despite my usual slow pace and complete disinterest in profit, I eventually published a resource that I was sure would be (and was) of service, at least to the starting-level community of digital security learners. I also scraped and reposted news items of interest and made available command-line solutions and basic scripts to address most of the sticking points I had documented during all those years of learning Linux.

Other Flavors of Linux

In the course of my Linux “career,” I’ve spent time committing my hardware resources—whether the PC on which I do most of my work, or one of the many laptops that have passed through my hands—to numerous other Linux platforms besides Ubuntu. These include, but are not limited to: Debian, Arch, Kali, Parrot, Alpine, and Fedora. I even made a partial foray into LFS (Linux From Scratch), though I never finished designing and building my own distro. (Still on the back burner!) Frankly, I think a well-rounded education in Linux requires completing such a project—since, among other things, the ability to design, build, and manipulate the kernel is foundational to genuine control of the OS.

And that, after all, is one of the guiding philosophical principles that originally inspired—and continues to guide—Linux development in a world where “We’re taking care of everything for you...” is Microsoft's corporate mantra. That illusion of stability, security and convenience, sold by megacorporations for megaprofits, has become the digital lingua franca of our time.

Among the platforms outside of Ubuntu (currently Kubuntu) that intrigued me most—and to which I dedicated the bulk of my research and practice—were Kali and Arch. Kali was a fundamental necessity for navigating Hack The Box, and Arch was the strictly “pros only, show your badge” platform that does not reward idle curiosity or questions. In both cases, I ran them exclusively on virtual platforms—Oracle VMware and Oracle VirtualBox, at various times.

The last bit of virtual platforming I explored pre-“career shift” was Docker containerization—which was (and is) quite fascinating and handy. As long as you’re doing command-line-only OS work or networking, you don’t have to reboot anything, spin up a full virtual machine, or do much beyond loading your tech and running it. Fun stuff… but definitely a bit of a rabbit hole.

Ultimately all of this technological exploration never quite satisfied a deeper need I felt—to find an outlet for my interests and engagement that truly reflected my heart’s deepest longings.

But that will be the subject of another rambling journal entry...

om tat sat