trueNetLab

AI in the Cybercrime Underground: Hype Meets Craft

Joseph Goldberg — Mon, 22 Jun 2026 00:00:00 +0000

When people talk about AI and cybercrime right now, a lot of it sounds like science fiction: autonomous malware, digital superhackers, models that independently dismantle corporate networks at night. I think that story is too convenient. It is loud, it sells well, and it distracts from the real problem.

The dangerous part of AI in cybercrime is not that every criminal group suddenly has its own genius in a basement. The dangerous part is that many boring work steps become cheaper, faster, and easier to scale.

Security Tools for Network Engineers

Joseph Goldberg — Sat, 20 Jun 2026 00:00:00 +0000

When you spend enough time as a network engineer or admin, the same tool names keep appearing: Nmap, Wireshark, tcpdump, Nessus, Greenbone, Burp Suite, Shodan, Suricata, Snort, Kali Linux, Metasploit, Hashcat, Cobalt Strike, and many more.

Some of them belong in my basic toolkit. Others are specialist tools for AppSec, forensics, blue team, or red team work. Others are worth knowing so you can classify them correctly, even if you would never use them in production yourself.

Shadowsocks and Xray: When VPN Gets Blocked

Joseph Goldberg — Fri, 19 Jun 2026 00:00:00 +0000

I work with VPNs a lot. Not as a theoretical topic, but in the everyday operational sense: connecting sites, bringing customers into company networks, keeping servers reachable, configuring firewalls cleanly, renewing certificates, stabilizing IPsec tunnels, debugging SSL VPN clients and eventually finding out why a location suddenly cannot get through anymore.

Normally, that is boring, solid network work. That is exactly how it should be.

But there are cases where a technically correct VPN is no longer enough. Especially with customers from countries with heavily regulated internet access, for example China or Russia, we repeatedly see situations where classic VPN protocols are blocked, disrupted or deliberately detected. Since I work in Dubai with a very international customer base, this is not an abstract issue. You work with people and companies from many regions, and the operational question is not which political weather system is behind it today. The question is: how can legitimate access to your own infrastructure remain possible when the connection is filtered on the way there?

Sophos Connect: Why admins should not have to chase blog posts

Joseph Goldberg — Thu, 18 Jun 2026 00:00:00 +0000

Sophos Connect 2.5 MR1 for Windows is available. At first glance it looks like a small maintenance release: a few client fixes, an updated third-party component, and downloads through the firewall or directly from Sophos.

But that is exactly where my problem starts.

Sophos Connect is not a nice little helper for occasional test VPNs. The client runs on Windows endpoints, establishes remote-access VPNs, and for many organizations is a direct path into the internal network. When a security tool like that updates an important cryptographic library, the information should not feel hidden in a community blog post.

Patchday in the AI Era: The Pace Is Rising

Joseph Goldberg — Wed, 17 Jun 2026 00:00:00 +0000

Microsoft’s June Patch Tuesday sounded almost absurd at first: more than 500 CVEs, a record month, and the obvious question of whether large AI models are now being unleashed on software and suddenly finding vulnerabilities everywhere.

I had the same reaction at first. 500 does not just sound like a large Patch Tuesday. It sounds like a turning point.

After looking into it, my view is more sober, but actually more interesting: yes, June 2026 was a real record month. No, the 500 figure is not a clean value for “500 new Microsoft flaws that Windows admins had to patch on that Tuesday.” And yes, AI is very likely part of the new pace. But the more important question is not whether exactly 500 is correct.

Why I Am Cancelling My Whoop Subscription After Two Years

Joseph Goldberg — Wed, 17 Jun 2026 00:00:00 +0000

In September, Whoop is over for me.

After two years, I am cancelling my subscription. Not because the band is bad. Not because the app has become useless. And not because I have suddenly turned against fitness trackers. Quite the opposite: I still find health tracking extremely interesting.

But Whoop has reached a point for me where the product has basically done its most important job.

It taught me routines. It showed me how sleep, training, stress, food, recovery, and heart rate variability are connected. It motivated me for a long time. It gave me numbers I did not have before. And exactly because of that, I need it less today than I used to.

After Mythos: Why Bug Bounty Programs Need Harder Evidence Now

Joseph Goldberg — Mon, 15 Jun 2026 00:00:00 +0000

A few weeks ago I wrote about Anthropic Mythos and Project Glasswing. Back then the point was mostly the big picture: if models really become better at finding old vulnerabilities, combining exploit paths, and understanding whole codebases, vulnerability research changes.

The new Sophos article about bug bounties in the Mythos era now shows the operational side of that shift.

It is no longer only about whether AI finds better vulnerabilities. It is about whether bug bounty programs, security teams, and engineering organizations can still distinguish fast enough between junk, plausible claims, and real security issues.

From PRISM to Prompts: The New AI Dependency

Joseph Goldberg — Fri, 05 Jun 2026 00:00:00 +0000

It was not that long ago that PRISM was a shock. In 2013, Edward Snowden showed how centralized the internet had already become: when email, chats, files, photos, and contacts sit with a few large platforms, those platforms become strategic access points.

Today the situation is strangely inverted. Nobody has to force us to put context into central systems. We do it voluntarily because it is useful. We let AI rewrite a difficult email, summarize meeting notes, explain internal documents, review code, or structure a presentation.

The Unused Compute Power Around Us

Joseph Goldberg — Wed, 03 Jun 2026 00:00:00 +0000

Sometimes a huge infrastructure question starts with a very small picture: a smartphone is charging overnight. The laptop is closed. The game console is waiting in the living room. The car is parked in the garage. Everywhere there is compute power that has already been paid for, is connected to power, and mostly does nothing.

At the same time, new data centers are being built on the scale of industrial plants. Halls full of GPUs, fiber, transformers, cooling systems, and power contracts. We are building a new layer of digital infrastructure meant to carry our writing, searching, programming, analysis, and perhaps one day even decisions.

Fitbit Air vs. Whoop: The Sensible Alternative?

Joseph Goldberg — Mon, 01 Jun 2026 00:00:00 +0000

I still find fitness trackers fascinating.

That may sound banal today, because almost everyone wears some kind of watch, ring, or band. But for me these devices still sit in that interesting space between technology, body awareness, and self-knowledge. A good tracker does not only tell me that I went for a run. It shows me how my body reacts to training, sleep, stress, food, illness, and bad decisions.

That is exactly why Whoop clicked with me back then. No display, no notifications, no tiny computer on my wrist. Just a sensor that measures 24/7 and tells me fairly clearly in the morning: you are ready. Or: maybe take it easier today.

Sophos vs WatchGuard: Firewall Comparison 2026

Joseph Goldberg — Tue, 26 May 2026 00:00:00 +0000

When people search for Sophos vs Watchguard, they are usually not looking for a sales slide. There is a real decision behind it: which firewall should we buy for the next few years, and which platform can our team operate cleanly when a VPN does not connect or a security advisory appears on a Friday evening?

I am writing this comparison from my point of view as a Security Engineer. I have worked with many firewalls, and I do not see myself as a vendor fan. Right now I lean a little toward Sophos because I like the operating logic in many SMB and mid-market environments: rules are readable, Central is easy to understand, Web Protection and WAF are usable directly, and the integration with Endpoint, ZTNA, MDR, and XDR can bring real value.

Sophos vs Cisco Meraki: Firewall comparison

Joseph Goldberg — Sun, 24 May 2026 00:00:00 +0000

Anyone searching for Sophos vs Cisco Meraki is usually not asking a theoretical product question. The real question is operational: which firewall is still understandable after three years of rule changes? And which platform fits sites, remote access, web security, reporting and automation better?

I write this Sophos Firewall vs Cisco Meraki comparison from my perspective as a security engineer. I like working with Sophos firewalls because many things are direct and logical. At the same time, I do not see Sophos uncritically. Development sometimes feels slow, and moving larger configuration work into an external tool such as Sophos Firewall Config Studio is a warning sign for me. In the long run, these workflows belong in WebAdmin or Sophos Central.

Sophos vs Check Point 2026: A Practical Firewall Comparison

Joseph Goldberg — Sat, 23 May 2026 00:00:00 +0000

If you search for Sophos vs Check Point, you probably do not want a shallow feature table. There is usually a real decision behind the search: Which firewall or security platform should we buy for the next few years? Which one can our team operate cleanly? Which one still helps during an incident instead of only looking strong in a data sheet?

That is what makes Sophos Firewall vs Check Point interesting. These are not two identical products with different logos. Sophos is strong in many SMB and mid-market environments because the firewall is understandable, works well with Sophos Central, and removes friction for smaller teams. Check Point is traditionally strong in enterprise security, central policy management, mature rule structures, complex environments, and teams that specialize in firewall operations.

My Skincare Routine: Skin Cycling, CeraVe, and LED Masks

Joseph Goldberg — Thu, 21 May 2026 00:00:00 +0000

I generally write here about the things that occupy my life. Security and networking are a big part of that, no question. But away from the nerd stuff, my free time also revolves around food, sport, sleep, and trying to treat my body somewhat sensibly. For me, all of that belongs in the health category. Still, a few years ago I probably would have laughed if someone had told me I would voluntarily write about skincare: cleansing gel, moisturizer, retinol, and LED masks?

Sophos vs SonicWall: The 2026 Comparison

Joseph Goldberg — Mon, 18 May 2026 00:00:00 +0000

When someone searches for Sophos vs SonicWall, they are usually not looking for an academic feature matrix. There is normally a real buying decision behind it: Which firewall should go into headquarters, which one into the branches, which platform can my team operate cleanly, and which product will not create more work in two years than it promises to save today?

That is why this comparison is harder than vendor battlecards make it look. Sophos and SonicWall serve a similar market, but they come from different product philosophies. Both are strong in SMB and mid-market environments. Both often land with admins who have to run many things at once: site-to-site VPN, web protection, IPS, TLS inspection, SD-WAN, centralized management, and reporting. Yet the two platforms feel very different in daily operations.

Sophos vs Palo Alto 2026: Which Firewall Fits?

Joseph Goldberg — Tue, 05 May 2026 00:00:00 +0000

When someone searches for Sophos vs Palo Alto, the real question is rarely which appliance has the prettier feature list. It is actually about an operating model. Do I want a firewall that a small or mid-sized team can understand quickly and fit into an existing Sophos Central world? Or do I want a security platform that combines App-ID, User-ID, Panorama, Strata Cloud Manager, Prisma Access, logging, and automation as an enterprise toolbox?

ASML High-NA EUV: When Chipmaking Feels Like Magic

Joseph Goldberg — Thu, 30 Apr 2026 00:00:00 +0000

Some technologies eventually become so normal that we almost forget how absurd they really are.

SpaceX now sends a rocket into orbit roughly every two to two and a half days on average. Internet from space is no longer science fiction, but a product with an app, a router, and a monthly subscription. We carry supercomputers in our pockets, stream videos on trains, pay contactless, make calls over IP networks, and expect everything to simply work.

Sophos vs Fortinet 2026: Which Firewall Fits?

Joseph Goldberg — Sun, 26 Apr 2026 00:00:00 +0000

When someone searches for Sophos vs Fortinet, it is rarely just about a neat comparison table. Most of the time there is a real buying decision behind it: Which firewall do I put into the Main Office, which one into the branches, which platform can my team operate cleanly, and which solution will not create more work in three years than it solves today?

That is exactly why this comparison is harder than many vendor slides suggest. Sophos Firewall and Fortinet FortiGate are not simply two boxes with the same features in different colors. The two products come from different ways of thinking. Fortinet has grown strongly out of networking, performance, ASICs, SD-WAN and Security Fabric. Sophos comes more from the security-admin side with Sophos Central, Security Heartbeat, understandable firewall rules and a firewall UI that many admins find approachable.

Sophos Email Plus: Value or Upsell?

Joseph Goldberg — Thu, 23 Apr 2026 00:00:00 +0000

Sophos announced Sophos Email Plus on April 22, 2026. The new license is scheduled to be available from April 29, 2026. At first glance this sounds like a normal portfolio adjustment: the previous product names are being simplified, Central Email Advanced becomes Sophos Email, and Sophos Email Plus is added above it.

On the facts, the product is not uninteresting. Email remains one of the most important attack paths. Phishing, Business Email Compromise, QR-code phishing, compromised mailboxes, abused domains, and links that become malicious after delivery are not theoretical problems. Anyone running email professionally today needs more than a spam filter. They need a clean combination of authentication, policies, tracking, training, and response.

Sophos Firewall Config Studio V2: More Than a Viewer

Joseph Goldberg — Wed, 22 Apr 2026 00:00:00 +0000

In February, Sophos released the Configuration Viewer, a tool that finally made one major Sophos Firewall weakness a bit less painful: reading, searching, and comparing configurations without suffering through raw XML. I already covered that original tool here: Sophos Firewall Configuration Viewer: Audit and Compare Configs.

On April 15, 2026, Sophos followed up. The previous Configuration Viewer becomes Config Studio V2. That matters because the renaming is more than cosmetics. Sophos is clearly treating it not just as a viewer anymore, but as a browser-based tool that is now supposed to edit as well.

Sophos Firewall v22 MR1: Upgrade Now or Wait?

Joseph Goldberg — Mon, 20 Apr 2026 00:00:00 +0000

With Sophos Firewall v22 MR1, the first maintenance release for the v22 line finally arrived on April 20, 2026. And honestly, many admins have been waiting for exactly this release.

From the start, v22 looked technically ambitious. Secure by Design, Health Check, a stronger control-plane foundation, a harder kernel, and more audit depth. On paper, that looked good. In practice, the launch was rough. I already covered that phase in my earlier post about Sophos Firewall bugs from v21.5 to v22.

When AI Brings Hope: What a Cancer Story Shows About the Future of Medicine

Joseph Goldberg — Thu, 16 Apr 2026 00:00:00 +0000

If you follow AI news, you mostly get served two kinds of headlines right now: fear of job loss and fear of misuse. Deepfakes, security flaws, mass layoffs, surveillance, manipulation. Much of that is real and deserves attention. But because of that, something else almost disappears: the same technology can also compress knowledge, reduce friction, and in some cases give time back to people when they need it most.

I have already written here on the blog in another post about how quickly everything is shifting right now. This article is, in a way, the medical counterpoint to that: less market, less hype, more human reality.

AI Hype, Wars, and Security Flaws: Is the World Broken or Just Being Rebuilt?

Joseph Goldberg — Mon, 13 Apr 2026 00:00:00 +0000

A few weeks ago, in an earlier post, I wrote that the world is changing faster than most people think. Today I want to make that thought sharper.

In conversations with customers and teams, the same question keeps coming back: how much of this is real progress, and how much is just noise with good marketing behind it? If you have followed the news since the start of 2026, it is easy to feel as if everything is shifting at once. OpenAI, Google, Anthropic, and xAI are in a public race. Humanoid robots are moving from demos into factories. Wars and geopolitical pressure are suddenly affecting chip and gas supply chains. At the same time, new security flaws keep appearing, and every new tool brings more productivity along with more rights, more data flows, and more attack surface.

Anthropic Mythos and Project Glasswing: What IT Security Faces Next

Joseph Goldberg — Wed, 08 Apr 2026 00:00:00 +0000

Over the last few days, an unusual amount has happened at Anthropic all at once.

On March 27, 2026, Bloomberg reported that Anthropic was considering an IPO as soon as October 2026. On April 1, 2026, it then emerged that internal source code behind Claude Code had been shipped by accident. According to Anthropic, this was a packaging mistake caused by human error, not a classic security breach. On April 6, 2026, the next big story followed with expanded compute news involving Google and Broadcom. And on April 7, 2026, Anthropic launched its next headline: Claude Mythos Preview and Project Glasswing.

WebMCP Explained: AI Agents Are Changing the Web

Joseph Goldberg — Tue, 31 Mar 2026 00:00:00 +0000

In March 2026, Cloudflare CEO Matthew Prince said at SXSW that bot traffic could exceed human traffic by 2027. The underlying logic is easy to follow: a person opens a few tabs. An agent can issue hundreds or thousands of requests for the same task in parallel, compare sources, and prepare actions.

For many operators, bots used to be primarily a security problem: scrapers, spam, and DDoS attacks. With browser agents and AI workflows, a second category is now emerging: bots that are not trying to break things, but to read, evaluate, and act on your behalf.

The World Is Changing Faster Than Most Believe

Joseph Goldberg — Mon, 16 Mar 2026 00:00:00 +0000

Where will we be in the coming years?

We humans are wired to see the future as a straight line, a gentle continuation of today. But that linearity is a comfortable illusion. In reality, we are moving in an accelerating spiral.

For a long time, I believed that being a programmer was the ultimate anchor in this storm, a place where logic and craftsmanship form an untouchable symbiosis. But today I have to admit to myself: even the architects of the digital world are not safe from their own creation. What we declared “future-proof” for decades turns out to be a snapshot. The dramatic speed at which technical knowledge is being devalued today is not just a market trend; it is a fundamental shift in our understanding of work and mastery.

I Am Completely Out of My Routine Right Now

Joseph Goldberg — Mon, 09 Mar 2026 00:00:00 +0000

The truth is pretty simple: right now, I am completely out of my routine.

I have not gone running in four months. In 2025, I still managed just under 500 running kilometers. In 2026, I am at 0 so far. I am eating badly. I have gained weight. My Whoop Age has jumped from 5 years younger to 6 months older. And a lot of what I built in 2025 with sweat, discipline, and consistency feels like I have torn it down again. Not completely, maybe. But enough that it hurts.

Sophos Firewall: No CVEs, But Plagued by Bugs (v21.5 to v22)

Joseph Goldberg — Tue, 03 Mar 2026 00:00:00 +0000

If you’re currently working in the firewall space, you’re usually battling one of two major evils: Either you’re constantly stressed about critical vulnerabilities (CVEs, like Fortinet right now) and spending your nights patching—or your systems throw so many obstacles your way during regular operations due to unstable firmware and annoying bugs (like Sophos right now) that you can’t get anything else done.

At my job at the company, the latter is exactly what’s happening—a stress that I naturally end up taking home with me sometimes. Our current pain point goes by the name of: Sophos Firewall.

Operation Epic Fury: Sophos Warns of Global Cyber Retaliation

Joseph Goldberg — Sat, 28 Feb 2026 00:00:00 +0000

The current developments and escalation in the Middle East affect me deeply. Even here in Dubai, a place that often feels like a safe bubble, I have never felt geographically and emotionally this close to war. The news and the tense situation naturally leave a bad feeling and real fear. In times like these, the boundaries between the physical and digital worlds blur more and more. My thoughts are with everyone directly affected by this conflict. I sincerely hope you are safe.

CodexBar: Token Limits in Your Menu Bar (Codex, Claude, Gemini & Co.)

Joseph Goldberg — Fri, 27 Feb 2026 00:00:00 +0000

2026 is a great year to build: with Codex, Claude, Gemini (and what feels like a new tool every month), you have more power on your desk than ever before.

And at the same time it is an incredibly frustrating year to build.

Not because of the models, but because of the reality around them: limits, tokens, credits, session windows, weekly caps, and reset timers.

We build with models, but we build within budgets.

NotPetya: The Most Expensive Cyberattack of All Time

Joseph Goldberg — Wed, 25 Feb 2026 00:00:00 +0000

In late June 2017, something started in Ukraine that, at first glance, looked like “ransomware as usual”: machines reboot, files suddenly become unavailable, and a ransom note appears on screen.

Just a few hours later, it was clear: this was not a local incident. This was a wildfire.

The name that stuck is NotPetya. To this day, it is a textbook example of how a seemingly “simple malware wave” can turn into an event that cripples companies worldwide and causes damage in the billions.

Sophos Firewall Configuration Viewer: Audit and Compare Configs

Joseph Goldberg — Thu, 19 Feb 2026 00:00:00 +0000

Hello everyone,

if you have ever managed a Sophos Firewall in a real business environment, you know the dilemma: the configuration is the “single source of truth”. But the moment you want to review it outside the web UI, document it properly, or compare before/after a change, it gets painful fast.

Yes, you can take screenshots. Yes, you can export individual rules. But as soon as you are dealing with bigger changes (WAN migration, new VLANs, object cleanup, restructuring NAT logic, “just quickly” adjusting a few VPNs), you really want two things:

magic-wormhole: Secure File Transfer with a One-Time Code

Joseph Goldberg — Wed, 18 Feb 2026 00:00:00 +0000

Hello everyone,

today I want to show you a small CLI tool that I keep coming back to in support and incident situations: magic-wormhole. It solves a problem that shows up in everyday businesses more often than any glossy “enterprise” story: you need to get a file (or a directory) to someone right now, but email is too small, a cloud link is politically or legally tricky, and “just open a port real quick” is not an option.

DDoS Attacks: Types, Symptoms, and Mitigation

Joseph Goldberg — Tue, 17 Feb 2026 00:00:00 +0000

DDoS is not a new phenomenon, but it has become much easier, cheaper, and more scalable. In the past, a few misconfigured servers or a small botnet were enough to disrupt a service. Today we regularly see attacks that can saturate links in fractions of a second, overwhelm firewalls, or bring applications to their knees with seemingly “normal” requests.

This post is not about fear-mongering. It is about context: what DDoS actually is, which attack classes matter in practice, how you spot them during operations, and which countermeasures are worth your time.

Enemy on the Team - The North Korean IT Worker Trick

Joseph Goldberg — Fri, 14 Nov 2025 00:00:00 +0000

I deal with cyber security every day, both professionally and privately. I audit firewalls, analyse logs, run penetration tests, and speak to IT administrators at companies of all sizes. And one thing keeps coming up: most IT admins don’t even know about the risks they’re underestimating.

They think about ransomware, phishing, and external hackers trying to breach the firewall. That’s understandable - these are the classic threats we grew up with.

Sophos Firewall v22 Health Check - Complete Overview

Joseph Goldberg — Sun, 26 Oct 2025 00:00:00 +0000

The new Firewall Health Check feature in Sophos Firewall v22 is an integrated configuration validation system that continuously assesses dozens of settings against the CIS Benchmarks and best practices. The checks are categorised by severity (High, Medium, Low) and organised by module (Active Threat Response, Admin Settings, Authentication, Device Access, etc.).

The following explains each Health Check policy, what it means, its severity, and a professional comment:

Active Threat Response

1. Synchronized Application Control should be enabled Severity: Medium | Standard: Recommended

Sophos Firewall v22 - New features, hardening, and what to expect

Joseph Goldberg — Sat, 25 Oct 2025 00:00:00 +0000

Sophos Firewall v22 (SFOS v22) is a major update that focuses on security hardening, improved visibility, and greater operational stability. The modernised Xstream architecture, hardened kernel, and new management features reduce the attack surface and simplify day-to-day administration. This article summarises the key innovations in SFOS v22, provides a critical assessment, and explains what they mean for Sophos admins.

Hightlight Features in SFOS v22

Introduction

The early access phase for SFOS v22 began in October 2025, with the final version (GA) expected in early December. The goal of the release is clear: to make the firewall less vulnerable, easier to configure, and more robust in operation. The new version offers secure-by-design features, deeper telemetry, and many functions that have been requested for years.

Sophos Updates September 2025 – Firewall, Endpoint, E-Mail

Joseph Goldberg — Tue, 16 Sep 2025 00:00:00 +0000

In September 2025, Sophos introduced a range of new features. Instead of summarizing everything in one long list, this post is structured by product areas. This way, every administrator can quickly find the relevant points for their environment. After all, not everyone uses Sophos switches or access points – and if you do, my sincerest condolences.

Overview of the key points

Credential theft remains the main risk – Sophos is focusing on passkeys and ITDR. The endpoint updates significantly reduce resource consumption and enable new forensic options. Firewall, switches, and access points also received important additions. E-mail security is moving further into the spotlight with a freely available DMARC tool and TLS reporting. In addition, there are promotions for firewalls, new video content, and events such as ITSA and Partner Business Breakfasts.

Sophos Update: Partner Online Event News (SFOS 22 and more)

Joseph Goldberg — Wed, 25 Jun 2025 00:00:00 +0000

Introduction

Yesterday (24 June 2025) Sophos hosted an online event for partners to present the latest developments and the company’s future direction. This blog post highlights the key announcements and insights shared during the event. While many of the innovations showcased – such as the Sophos Firewall v21.5 – have already been available or partially known for several weeks, Sophos took the opportunity to promote them comprehensively once again. Nevertheless, there were also exciting glimpses into upcoming developments, which we examine in more detail here. Continuous development and a focus on prevention, protection, detection and response remain central pillars of the Sophos strategy.

Whoop 5.0: The Fitness Tracker That Sets New Standards

Joseph Goldberg — Thu, 19 Jun 2025 00:00:00 +0000

Introduction

Whoop has established itself as a pioneer in the world of fitness trackers by focusing on recovery, strain, and sleep instead of simply counting steps or calories. With the launch of Whoop 5.0 on May 8, 2025, the company takes its vision to a new level, introducing advanced health features, improved hardware, and a revamped subscription model. My comprehensive analysis of the Whoop 5.0 draws on official sources and my personal experience after more than 40 days of use, having upgraded from the Whoop 4.0.

Britain's Surveillance Policy Forces Apple to Abandon Encryption

Joseph Goldberg — Mon, 19 May 2025 00:00:00 +0000

The digital world is once again facing a fundamental debate between privacy protection and government surveillance—and the United Kingdom is currently the scene of a decisive clash. At the heart of it lies Apple’s controversial decision to drop end-to-end encryption for British iCloud users under pressure from the government.
As a Brit by birth, I view this development with great concern. Although I now live in Dubai and am not directly affected, I find state-mandated “backdoors” fundamentally problematic and dangerous.

Sophos Firewall v21.5: New Features for Your Network Security

Joseph Goldberg — Fri, 16 May 2025 00:00:00 +0000

Introduction

In this post, we explore the latest updates in Sophos Firewall v21.5, which strengthen your network security and simplify administration. As an IT admin, you will especially appreciate the Entra ID Single Sign-On (SSO) integration for VPN access and NDR Essentials for cloud-based threat detection. Let’s dive in!

Entra ID Single Sign-On: Seamless VPN Access (Windows Only)

What does it bring?

The Entra ID SSO integration is a real win for companies that use Microsoft Entra ID (formerly Azure AD). It allows users to sign in to the VPN portal or the Sophos Connect Client (version 2.4 or later) with their existing Entra ID credentials, without managing separate VPN passwords. That saves time, reduces password fatigue, and improves security through multi-factor authentication (MFA).

The eight principles of Dubai

Joseph Goldberg — Wed, 12 Feb 2025 00:00:00 +0000

It starts as soon as you land. As soon as you step off the plane and enter Dubai International Airport, it catches your eye - a large plaque, clearly visible right by the baggage carousel. The eight principles of Dubai are written there in immaculate lettering, backlit by a soft light.

The eight principles of Dubai - His Highness Sheikh Mohammed bin Rashid Al Maktoum - Vice President and Prime Minister of the UAE and Ruler of Dubai

Why I No Longer Use Sophos AP6 Access Points

Joseph Goldberg — Fri, 31 Jan 2025 00:00:00 +0000

Introduction

As I mentioned in one of my previous blog posts, I no longer use Sophos Access Points, even though I still use a Sophos Firewall in my HomeLab. I’m generally a fan of ecosystems, but in this case, the product was no longer acceptable to me. Why? I will explain that in this article.

I conducted extensive research because there were always contradictions and unanswered questions. I wanted to understand the exact causes of the problems and put the situation into a technical context. In doing so, I came across a series of serious shortcomings—both on a technical level and in the way Sophos communicates these issues.

Getting Fit with Tech: Continuously Optimizing My Health

Joseph Goldberg — Fri, 10 Jan 2025 00:00:00 +0000

At the beginning of the year, many of us feel the need for change and improvement. Many years ago, I also decided to make my health a priority – a decision that has fundamentally changed my life. In my job, I often spend 12 to 15 hours in front of the screen, with only my fingers moving across the trackpad and keyboard. An unhealthy cycle of lack of exercise, insufficient fluid intake, unhealthy eating (junk food and energy drinks), and too little, poor sleep had crept in. The results were clearly visible: my weight increased in parallel with an ascending Bitcoin chart. Shortly before reaching the three-digit kilogram mark, I realized that I needed to change something. In addition, I often felt tired and my concentration was significantly worse than it is today. Of course, I already knew how important a healthy lifestyle is, but a young body forgives many sins. However, it got worse year by year. This realization was the starting signal for a comprehensive transformation that fundamentally changed both my habits and my perspective on health.

Sophos Firewall: The Heart of My Secure Network

Joseph Goldberg — Tue, 07 Jan 2025 00:00:00 +0000

Hello everyone,

Today, let’s delve into a topic that is fundamental to the security and organization of any network: firewalls. They form the backbone of our digital defenses and regulate data traffic. Complementing this, we’ll explore VLANs, an often underestimated but essential technology for network segmentation and enhancing security.

The Indispensable Role of the Firewall

A firewall is far more than just a digital fortress wall. It acts as an intelligent guardian, analyzing, evaluating, and directing data traffic based on complex rules. It is the central element that protects our digital assets and enables smooth communication.

My Network Journey: From Linksys to UniFi and Sophos

Joseph Goldberg — Fri, 27 Dec 2024 00:00:00 +0000

Hello everyone,

It’s Joe again. Today, I want to take you on a slightly different journey – a journey through the world of network hardware. In my previous posts, we’ve focused more on software and tools, but today we’ll delve deeper into the physical infrastructure that makes our digital lives possible. I’ll tell you how I went from the beginnings with simple routers to my current passion for UniFi and Sophos.

Little helpers: Tools for my work

Joseph Goldberg — Mon, 23 Dec 2024 00:00:00 +0000

In the course of my life, I have tested and integrated a wide variety of tools into my daily routine, then swapped them out or removed them again. These applications form the foundation of my workflow and are used for a wide range of tasks. Today, I would like to introduce a selection of these tools that I use and provide insights into their practical benefits.

Terminal

The terminal is an indispensable tool in my work. It allows for direct and flexible system control without the need for a graphical interface. Whether for administering Ubuntu servers, managing UniFi devices, or configuring Sophos firewalls, I often rely on the terminal.

CleanShot X: My Favorite Tool for Screenshots

Joseph Goldberg — Fri, 29 Nov 2024 00:00:00 +0000

Hello everyone,

today, I want to introduce you to another tool that I use every day, one that I discovered through a podcast a few years ago – CleanShot X. Previously, I used macOS’s built-in tools, which required many steps and quite a bit of time to capture a screenshot, blur things out, or highlight certain elements. CleanShot X makes everything significantly easier. I use it daily, and it has become indispensable in my productivity toolset. Since I take a lot of screenshots every day, the subscription is definitely worth it for me.

1Password: The Password Manager I Trust

Joseph Goldberg — Sat, 16 Nov 2024 00:00:00 +0000

Hello everyone,

Today, I want to introduce you to another indispensable tool in my daily life—the password manager 1Password. If you’re like me, juggling a multitude of online accounts every day, you know how important security and efficiency are when dealing with passwords. A good password should not only be complex but also unique—and who can remember all that? This is where 1Password comes into play, helping me manage my credentials securely, centrally, and conveniently. For me, it’s the most important tool when it comes to security and organization.

Arc Browser: My Most Important Tool

Joseph Goldberg — Thu, 14 Nov 2024 00:00:00 +0000

Hello everyone,

Today I’m going to introduce you to one of the most important tools in my everyday life - the Arc Browser. Arc is the first program I open as soon as my Mac starts up. Why? It’s simple: I spend 80%, if not 90% of my working time in it. For me, the browser is the central tool with which I do practically everything. Maybe you feel the same way I do: I don’t want to have lots of installed programs cluttering up my hard disk, causing background processes or even introducing security vulnerabilities. That’s why I rely on web apps as much as possible. No Outlook, no Teams, no Zoom, no To-Do app or TeamViewer for remote support. If there’s a web version, I use it.

macOS Setup: My Personal Settings and Customizations

Joseph Goldberg — Tue, 12 Nov 2024 00:00:00 +0000

As you might remember from my post, How It All Began: From Windows PCs to MacBook, I’m now a MacBook user. I always find it interesting to see which tools others use—there might be something fantastic I haven’t tried yet that could make my daily work a little easier. I’ll be diving into those tools in detail in upcoming posts. For this article, I’ll focus on macOS and the settings I apply right after installation.

How It All Began: From Windows PCs to MacBook

Joseph Goldberg — Fri, 08 Nov 2024 00:00:00 +0000

Hello everyone, I’m Joe, and today I’d like to take you on a little journey through time – my journey through the world of computers. It all started in my childhood bedroom with Windows PCs, all the way to my current companion, the MacBook Air M3, which I use for everything today, except for what I can handle with my smartphone.

Beginnings: Windows, Tools, and Early Discoveries

In my childhood, everything started with Windows PCs. I explored the internet, tested new tools, and created websites. My focus was on software, or as I like to say, OSI layers 5 and above, rather than hardware. Things like modems and switches – they just worked, and that was enough for me. Hardware was more of a means to an end; as long as everything ran smoothly, I was happy.

The Journey Begins

Joseph Goldberg — Wed, 30 Oct 2024 00:00:00 +0000

Hello everyone, my name is Joseph Goldberg, but you can simply call me Joe. I’m glad you stopped by TrueNetLab. For those who don’t know me yet, I’d like to introduce myself and share a bit about my journey and my latest project, TrueNetLab.

Originally, I’m from the United Kingdom, where I trained as a Security Engineer and studied network technology. Early in my career, I was fortunate to gain significant experience by working with some companies now often referred to as the “Magnificent 7,” which gave me invaluable insights before I was recruited to the Netherlands and Ireland to work for a large tech company. The opportunity was simply too good to turn down. This experience shaped me both professionally and personally, but eventually, I longed for something new. The constant gusts and gray skies of Northern Europe motivated me to take a bold step and move to the sun – Dubai. Beyond the weather, a new job offer also played a crucial role in this decision.

Imprint

Joseph Goldberg — Mon, 01 Jan 0001 00:00:00 +0000

Operator

trueNetLab is operated by:

Joe Goldberg
Dubai, United Arab Emirates

For legal, privacy, or editorial requests, please contact:
privacy@truenetlab.com

Editorial Responsibility

Joe Goldberg is responsible for the editorial content published on this website.

Jurisdiction

This website is operated from the United Arab Emirates. Local UAE law applies unless mandatory consumer, data-protection, or platform rules provide otherwise.

Independence

Reviews and articles on trueNetLab are independent. Products bought by the author, vendor loaners, sponsored access, or other relevant relationships are disclosed in the respective article where applicable.

Joe Goldberg

Joseph Goldberg — Mon, 01 Jan 0001 00:00:00 +0000

Privacy Policy

Joseph Goldberg — Mon, 01 Jan 0001 00:00:00 +0000

Overview

trueNetLab is a static Hugo website operated by Joe Goldberg from Dubai, United Arab Emirates. The site is built to collect as little personal data as reasonably possible while still keeping the service secure, measurable, and useful.

This privacy policy explains which data may be processed when you visit trueNetLab.

Controller

Joe Goldberg
Dubai, United Arab Emirates
Privacy contact: privacy@truenetlab.com

Data Processed When Visiting This Website

When you access the website, technical data may be processed automatically. This can include: