Monday, June 23, 2025

Condiment Review: Frank's RedHot | Nashville Hot Wings Sauce

I personally find my food bland and boring, but one can only eat Sriracha hot sauce for so long. Thus, I have amassed a collection of condiments to be added to my food, and this is going to be the first of various condiment reviews.

Frank's Red Hot is a whole family of hot sauces, and this one is supposed to be good on chicken wings. Personally, it goes well on everything. 

From the back of the bottle: "hot 'n spicy with a touch of sweet" and "kicked-up flavor from Aged Cayenne Red Peppers, black pepper, and a hint of sweet molasses". According to the ingredients list, the primary ingredient is distilled vinegar, and you do taste the tartness. Next is aged cayenne red peppers, then sugar, canola oil, and water.

Visually, the sauce is a very orange and thick sauce with a LOT of flecks of black pepper. If you taste the sauce alone, your tongue will feel the tartness of vinegar first, then the individual pepper bits as if you hit specks of sand. THEN the heat of the cayenne pepper hits the back of your throat and tongue. But the heat is relatively subtle, yet it will make you feel you are sweating somewhat, but the sweetness counterbalances the heat. 

If you put it on meat or other food, the thickness of the sauce allows it to cling to various surfaces, which is very helpful in retaining the sauce where it is needed. However, one tablespoon is 30 calories, and 340mg of sodium (about 15% of DV), and you probably need a bit more than that.

Better than Tabasco or similar type sauces, IMHO. 4/5

Sunday, June 22, 2025

App Discovery: Karakeep (aka Hoarder) a web clip manager

If you go on the web a lot, you often come across articles that you want to reference later. So do you bookmark it, email it to yourself, or do something else? (Evernote? OneNote? Obsidian? Pocket?)

I personally had used various services including one called Omnivore, but that shut down a few months back. Then I read somewhere that if you host your own, you don't have to be EVER at the mercy of some other service provider.

As I find clipping to Evernote way too slow (up to 15 seconds per clip), I decided to look for something else. 


How KaraKeep Works


KaraKeep is both an app and a service. It takes clippings of articles you can transfer to it via bookmarks, Android app, app share, iOS app, Chrome or Firefox extensions, and so on. It will take whatever you sent it (and optionally, run it against an LLM to extract keywords) so later you can go back and browse or search through via regular search and keywords. 

How to Install / Self-Host KaraKeep


What's great about Karakeep: it runs via a Docker Container, so there is minimal configuration if you already have Docker Container all set up. You simply download the whole package, and "run" it. Done. They have documentation online, and a Discord channel as well.

To make the KaraKeep server available to you from almost anywhere, you set up a Tailscale distributed VPN, and enroll both your PC (whichever one runs the Docker container) and your smartphone (where you plan to clip from) to make sure they can see each other. And really, that's it.

From now on, when you see an interesting article on the smartphone, simply do share >> KaraKeep. No need to choose keywords, no need to choose specific labels, no need to specify title... Share it, and forget it. It's clipped almost instantly, no matter where you are, and whether you're on cellular data or wifi.

Run the app itself (or if you're at home, go to the machine running KaraKeep and browse to http://localhost:3000) and you can see what you've clipped, and use search and keywords to find what you clipped on that subject. 

If you want to use LLM to automagically pull out keywords for your searches, you need to configure KaraKeep (server, on your PC) by following this guide

Troubleshooting


Oh, and if you ever run into a problem with Docker, something about port 3000 is already taken, you need to restart hns, with "net stop hns" then "net start hns". You may also need to restart the Docker Container for Karakeep. Then it should work. 
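Before restarting hns, it helps to confirm what is actually holding port 3000. The PowerShell below is an added example, not part of KaraKeep's or Docker's documentation; it assumes an elevated prompt on the Docker host and that the conflict is either another listening process or a Windows-reserved TCP port range (a common reason an hns restart clears the error).

```powershell
# Added example: diagnose "port 3000 is already taken" before restarting hns.
# Assumption: run from an elevated PowerShell prompt on the PC hosting Docker.
$port = 3000

# 1. Is some other process really listening on the port?
$listeners = Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    "Port {0} is held by PID {1} ({2}) on {3}" -f $port, $l.OwningProcess, $proc.ProcessName, $l.LocalAddress
}

# 2. Is the port inside a TCP range that Windows has reserved (excluded)?
#    netsh prints one "start  end" pair per line; parse those into objects.
$reserved = netsh interface ipv4 show excludedportrange protocol=tcp |
    ForEach-Object {
        if ($_ -match '^\s*(\d+)\s+(\d+)') {
            [pscustomobject]@{ Start = [int]$Matches[1]; End = [int]$Matches[2] }
        }
    } |
    Where-Object { $port -ge $_.Start -and $port -le $_.End } |
    Select-Object -First 1

if ($reserved) {
    "Port $port falls inside reserved range $($reserved.Start)-$($reserved.End)"
}

# 3. Decide what to do.
if ($listeners) {
    # A real process owns the port; restarting hns will not free it.
    "Stop the process listed above, or map KaraKeep to a different host port."
}
else {
    # Nothing is listening, so the block comes from the network service side.
    # Same effect as "net stop hns" followed by "net start hns".
    Restart-Service -Name hns -Force
    "hns restarted. Now restart the KaraKeep container from Docker."
}
```

If step 1 names a process, the hns restart is unnecessary; either stop that process or change the host side of the port mapping.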

If it fails on the smartphone side, make sure Tailscale is RUNNING. Obviously Tailscale needs to run for the VPN to work, and send your traffic back to your network to the KaraKeep "server". 

Now go have fun clipping everything you needed. 

Tuesday, June 17, 2025

Watch Out for LEGAL Scams: App that Cost WAY TOO MUCH on Subscription

For those who don't operate multiple phones... Androids use JPEG (or JPG), but iPhones use HEIC. The two standards are NOT compatible. If you share a photo from iPhone straight to Android, it will not be viewable. So what do you do? 

You convert it. 

Except the first converter I ran into is... essentially a scam. It basically won't do anything unless you engage the "free trial" which means you'll be charged in 3 days. It didn't exactly mention what's the cost. Then I looked at the email I just got:

Auto-renew subscription of $14.99 PER WEEK for an image converter?!

This app subscription costs $14.99 PER WEEK. 

Not per year. Not per month. PER WEEK?!

And this app doesn't even do HEIC to JPG, despite its name, "Image Converter Premium". 

Needless to say, I cancelled ASAP. 

Saturday, June 14, 2025

Some Quick "Spending Money" Side Gigs in San Francisco (6/14/2025)

Need some spending money in San Francisco, but don't have a lot of time? Here are two things I've tried and gotten money for, 2 hours at a time, pay starts at 17.50 per hour and up, for VERY simple work:

A) Condu.it

Want to help a company that wants to create a headset that turns your THOUGHTS into typed words on a computer? Condu.it is working on that, and they need the help of people who can type without looking at the keyboard, wear this heavy headset, and spend two hours looking at a screen and type responses without looking. You get paid $50 for two hours, and you can do up to 10 hours total. Beware... they are so booked, they are paying extra $10/hr if you can go extra early or extra late. That's $25+ PER HOUR (not counting any cost to get there, but there's a bus that goes within 2 blocks)

However, beware, there are a couple caveats:

* You need some neck strength, because the headset is heavy and they provide a "chin rest"

* You do the two hours in the dark, as they need the laser to align properly. If you need a break, ring the bell

* You REALLY need to know how to type without looking at the keyboard, because you can't see the keyboard! 

If you can do all that, you will make easy $50 for 2 hours, up to 10 hours total ($500). They will hand you a check right at the end, which you can remote deposit into your bank via your banking app. Click on link above to book. If you click through, tell them "Kasey Chang" sent you. :) We both get a small bonus.  

B) Reflex

Reflex is working on something similar, albeit, they want to use your jaw's micromovements via subvocalization and turn that into typed words. What does that mean? Can you "say" things without actually making the sounds? That's subvocalization. At the study, you wear a headset with some extra sensors (more like a regular headset), and read both out loud and subvocalize a bunch of nonsense phrases to calibrate the sensors. Once you got it calibrated, you read aloud a book of your choice, for the remainder of the time. If you go back, you get to keep reading the book, or choose any ebook for under $10 on Amazon and they'll buy it for you to read into the machine to train their AI on the words and your jaw muscle patterns.

Their pay is $35 for 2 hours to read a book out loud. However, they only pay via Paypal, so you *do* need a Paypal account (at Paypal.com). You can keep booking more time, but no more than twice a day.

Sounds interesting? Click here to book time with Reflex $35 for two hours. You'll be paid within hours of finishing your session. 

https://reflexresearchstudy.as.me/schedule/7307a5c3/appointment/72148510/calendar/any

Anyway, hope you earn some extra money!

Friday, May 16, 2025

Restaurant Review: Kokio Republic (via Grubhub)

Hadn't had a meal delivered in a LONG time, decided on fried chicken. Apparently, nearest KFC does NOT deliver to my area (a few blocks too far?) so I had to pick someone else, and seems Kokio Republic was highly rated. 

Ordered combo 1: 4 pieces Korean Fried Chicken (hot and sweet flavor, mixed bone-in and bone-out), + 3 kimchi balls, which is just under $20. Added a pickled korean radish as side, and a bulgogi beef taco. Add driver fee, Grubhub charge, minus discount, plus tax, plus $3 tip, comes out to be just about $30. 

Delivery was fast, tried the food, felt as if I ordered the wrong thing, due to my changing taste buds. 

Kimchi balls: eh... didn't really taste like kimchi, a bit of grain, probably rice. I just had kimchi yesterday, and this doesn't taste like kimchi. 

Korean Fried Chicken: I did ask for mixed (half bone-in, half-boneless), and I probably should have just asked for all boneless. I did ask for hot and sweet, but it tastes mostly sweet, very little spice. I probably should have specified "fiery" (3 spice level vs 1). The chicken is nice and tender, not dry, but delivery means outside isn't crispy any more. 

Pickled Korean Radish: this is pickled? It just tastes like cubed with a little vinegar. It is crispy, and it does counter the saltiness of the chicken. But I probably should have ordered Persian cucumber instead. 

Bulgogi beef taco: hmmm... street taco (tiny little tortilla) with some better in the middle, tastes pretty good, but $5 for that little thing? A bit overpriced, IMHO. 

I probably should have ordered 6 pieces Korean Fried Chicken, fiery flavor, boneless, and instead of the bulgogi taco, something like kimchi beef risotto or noods, or tteokbokki skewer.

For the price I paid, I just feel I didn't quite get my money's worth. It's not bad, but it's not that good either.     

Kokio Republic, 711 Geary, San Francisco

Thursday, May 15, 2025

Cybersecurity: Seems Most People Think Most Cybercriminals are Uberhackers... They aren't!

One of the things I do on Reddit is hang out in /r/cybersecurity_help, and tell people what they claim was impossible. Like "I got hacked through ______". 

I don't mind people not believing me. Honest truth is sometimes hard to believe, or let's use Chinese proverb, 忠言逆耳. 

Two MONTHS ago, someone decided to post a portion of their iPhone's log, believing it contains evidence of them being monitored. Except it contained no such thing. It's quite easy to Google all the suspicious keywords like "tracked" and "proactiveHarvesting"... They are all built by Apple. So I replied there's nothing here that indicates anything about you being monitored. 

OP pivoted to a different theory, like "what if they hack me through Bluetooth or something else? I can find evidence of intrusion? "

I replied that you can't be hacked through Bluetooth nowadays, esp. if you have a modern iPhone and keep stuff updated. And evidence of intrusion had to be gathered by forensic analysis. It's not something regular folks can just run an app and "voila, evidence!". 

Then yesterday, some OTHER random guy decided to necro the topic from 2 months ago (and even OP had left the topic), and started blabbing about "Bluetooth hacking, just search for it."

As a cybersecurity professional, I am QUITE familiar with the state of Bluetooth hacking. With modern iPhones, the best you *can* do without some Zero-day exploit was Bluespam (keep popping up "trying to connect").

There are other Bluetooth hacks, but they don't result in being able to control the iPhone. Just to summarize: 

Bluejacking -- the targeted user accepts the pairing attempt from a peripheral, which of course, results in the peripheral, acting as a keyboard and mouse, gaining some control of the iPhone. This is NOT done easily, as the user must ACCEPT the pairing attempt. It's not done invisibly or automatically. 

Bluesnarfing -- by using some exploits on VERY old firmware, a hacker can transfer files from the target phone. Again, only on very old firmware with problems. And most files "shared" this way are just regular stuff, like calendar, contacts, photos, texts, videos, and such. Stuff you normally use BT to transfer. They can't suddenly reach out into Banking app and take your account number and balance (at least, not with bluesnarfing alone).

Bluebugging -- the most dangerous, but requires a VERY dangerous exploit that basically gave the attacker full control of the device through Bluetooth. You pretty much have to be running ANCIENT (like 5-10 year old) hardware and firmware with no security updates. 

Blueborne hacking -- a bunch of vulnerabilities discovered in 2017 (yes, 8 years ago) that got grouped together even though they are spread across iOS, Android, Windows, and even Linux, and some embedded OS, due to a Bluetooth problem. When it came to iOS, Blueborne problem was... an audio protocol over Bluetooth, called LEAP: Low Energy Audio Protocol. Guess what iOS was this fixed in? iOS 10. That's right. iOS 10. We're now on... iOS 18.5. 

Really, that's it. 

So I replied something like "Bluetooth hacking is from YEARS ago and usually doesn't even involve smartphones, but peripherals." 

His reply? "Those Flipper devices are something huh?"

Except there's only one: Flipper Zero, and while it *can* "hack" BT and BLE, the worst they can do to iOS is Bluespam. They are not capable of anything like Bluejack, Bluesnarf, Bluebug, or Blueborne. So it's completely irrelevant to the original topic. 

What was the purpose of the reply and who was he supposed to impress by mentioning a few keywords? I honestly have no idea. Was he expecting to stump me?

Frankly, to the average "civilian" (who's not in cybersecurity), the "hackers" seem like wizards, when most of them are actually scriptkiddos that can barely follow instructions on a PC. They may be led by someone who's somewhat more skilled, but they are hardly a "live in parents' basement" misunderstood genius stereotypical geek.

Cybercriminals are usually NOT uberhackers. They can barely follow standard script. They are worse than scriptkiddies (or scriptkiddos). 

In fact, most civilians can't even distinguish device being hacked vs. account being hacked. 

Whether this is due to lack of computer literacy, I have no idea.

And with the advent of AI, which can be used to further disguise the lack of computer literacy, things can only get worse.

Guess that keeps us cybersecurity experts employed. 

Wednesday, May 14, 2025

App(s) Discovery: Files (Community) and FilePilot, two Explorer Replacements or Complements

Recently, I came across two different Windows Explorer "replacements or complements". Let's face it, Windows Explorer can get a facelift, but the codebase is ancient. What if someone started from scratch? And here we have two different visions... 

Please note that Microsoft never gave us a way to completely replace Windows Explorer, so there are various "hacks" including registry changes, call intercepts, and so on, but they all have pros and cons. Just beware. 

Files / https://files.community/

Files is a slick looking manager that's completely free. They do suggest you "purchase" it from the Microsoft store to enable auto-patching and thus support them with a bit of revenue, but it is optional. 

The interesting thing about this explorer replacement is that just about EVERYTHING visual is configurable. Want a background? No problem. Zoom, unzoomed, specific percentage, specific alignment, etc. etc? Can do. Color themes? No problem. Want certain UI elements to appear in a different location? No problem.

But by default, it looks a lot like Explorer... multiple tabs, etc. That is, until you find the "settings" button at the bottom left. Then everything changes. 

This is free, so just go download it and give it a try, eh? 

FilePilot / https://filepilot.tech/

FilePilot is extremely speedy and free during the beta period. In fact, the download is LESS THAN 2 MB. While the visuals are not as configurable as Files, the UI is extremely slick, with the mouse wheel picking many of the options, such as the different views of files, from large, middle, small icons, to file list, details, and so on. It also supports command palette. EVERYTHING is lightning fast... 

In fact, why don't you just go give it a try? They probably will stop the beta sometime later this year, but in the meanwhile, the beta should still work fine. And you *may* find it useful enough to pay for the full version... even in the current beta state.