That's a phrase I heard for the first time when I became a manager; my boss would tell me I needed to "inspect what I expect." To be honest, I don't think I fully understood the phrase until a lot later. In the context of leadership, it means that if you have certain expectations for your team, you should actively verify that those expectations are being met and investigate the cause if they're not. Don't wait until eval season to say "You failed to meet expectations", instead, review expectations regularly, and if someone isn't meeting them, it's your job to figure out why. Have you defined the expectations in a way that they understand? Are your expectations realistic? Did you provide the resources they needed to meet the exceptions? Did you provide guidance when needed? And so on.

You might be asking: "Sure, but why is this on a blog about computers and stuff?"

Expectations

You might have the expectation that your network is secure. You don't remember adding any firewall rules or forwarding any ports, or maybe you followed some YouTube tutorial and they told you to proxy your incoming connections through Cloudflare. Maybe you set up a "deny all" line in that NGINX config or you only access your network through a VPN. You expect that your network is safe from outside actors.

To use a real world example, my father set up several Lorex brand CCTVs on his home network to save video to an NVR. He configured a VPN to allow secure remote access to the NVR and assumed that everything was safe. He didn't create any firewall rules or port forwarding to allow access by anything other than the VPN. He expected that this was safe, and in theory, it should have been.

Inspection

We traveled together for a holiday and while drinking coffee one morning, I showed him Censys. Censys is search engine, but unlike Google or Bing, which search for webpages, Censys searches for the actual devices. It indexes the IP addresses of everything on the internet and everything about them. You can write queries to search this index for almost anything you can think of.

For a quick demonstration, I just searched for his home IP address, and we were both surprised when we saw the results:
not actually his results

Umm... What?

For those who might not know RTSP stands for Real-Time Streaming Protocol. It is a protocol designed to stream video over a network, commonly used for CCTV cameras. The HTTP port was the HTML login screen for one of his cameras. We clicked it and I sarcastically tried a default login (admin, admin) and we found ourselves staring at his basement.
As far as he knew, he took all the appropriate steps to secure the devices on his network and expected that nothing was unsafely exposed, but he hadn't inspected that expectation. We found that the camera was factory configured to expose itself via uPnP, a technology which allows devices to request changes to port-forwarding and firewall rules without user involvement. This is supposed to allow for easy set-up by inexperienced users, but it can also create significantly compromise security without the use knowing about it. In our case, my father is not an inexperienced user, he's been a computer engineer since the 80s and has even worked for one of the major producers of networking equipment. He took all the right steps to get his expected result, he just hadn't inspected it ensure that his expectation was being met.

Inspect What You Expect

Censys can be a great starting point when evaluating your network by helping you to understand what you have exposed to the internet. Censys queries can be as simple as an IP address if you just want to see a single point, or they can search broadly for very specific things.

Here are the results of a very simple query looking for exposed FTP servers based out of japan:
japan

There's a lot of FTP servers, obviously, but did you notice that SSH server on port 10022? Some people expect that services will be hidden if they run them on non-standard ports, but don't inspect to see if that's actually the case. Here, we can see that the SSH server is still quite visible, despite being on a non-standard port, just like those non-standard HTTP servers on the other entries. Clicking into an entry will provide even more information, like the software versions, request responses, and so on.

Through Censys, I realized that I was running an older version of Nginx than I thought I was, and that this older version had a number of vulnerabilities that were patched in later versions. I expected that I was running the a current version, but my inspection showed me otherwise.

Final thoughts

While a tool like Censys isn't the only tool you should use to inspect your security expectations, it's a great starting point, since it can show you what your network looks like to the internet. t's also a fun tool to use to explore the internet from a different angle. Instead of just searching the surface of the web for youtube videos and news stories, try searching deeper for Roombas, smart lights, or security cameras.

The important takeaway, though, is that just because you think that something is working how you expect it to, doesn't always mean that it is.
The only way to know for sure is to inspect what you expect.

What is it?

The Lynx Browser (not to be confused with the later Links Browser), is the oldest actively maintained web browser, initially developed in 1992 and still being maintained today. What makes lynx look a bit different from other modern browsers is the fact that even in 2025, it can only display basic text. The lynx browser ignores all of the ads, pictures, JavaScript, fancy formatting, and annoying infinitely-scrolling slop, to just delivery the content you want to read. Not only does this reduce distractions, but it's also great to use if your internet connection has limited bandwidth.

Using lynx

Lynx is included in the repos of most Linux distributions, so installing it is just a matter of running install lynx via your favorite package manager. Lynx runs in the terminal emulator, and can be started by the command lynx or you can directly open a specific website with lynx {website you want}.

Here's an example of Google.com:

google.com

And here's Wikipedia:

Wikipedia

The formatting has obviously changed quite a bit, but all of the content is still there. This makes lynx great for sites where you just want to be able to read the content quickly, without distractions. Lynx also supports the gopher protocol, and since gopher is a text-based service to begin with, browsing the gopherspace from lynx feels completely natural.

Super Dimensional Fortress's User's Gophersites:

Super Dimensional Fortress

Pitfalls

There are, however, a few downsides to accessing the modern W3 through a text-only browser. The things that many of us would like to avoid (ads, JavaScript, endlessly scrolling slop, etc) have been so deeply entrenched in some sites that the they simply can't function without it. You might think that this could be a great way to revisit pages that you used to enjoy, like Facebook, but here's how the modern Facebook (even m.facebook) looks on Lynx:

In fact, even some some simple websites might not display well in lynx built if they're built with certain older formatting tools, like frames. Here's my own website as an example. It's worth noting, though, that while my site doesn't look correct without displaying frames, it can still be fully navigated by using the FRAME: links at the top:

k3can's homepage

Thoughts

So, while lynx is unlikely to fully replace your graphical browser on the modern web, it's still surprisingly useful for focused reading, navigating gopherspace, and for situations with limited bandwidth. Installing lynx is simple and the entire browser is only 6 MiB in size, so it's a great tool to have on your system.

K3CAN

Tech

Inspect What You Expect

Expectations

Inspection

Inspect What You Expect

Final thoughts

Lynx - A Text Based Web (and Gopher) Browser

What is it?

Using lynx

Pitfalls

Thoughts

Search

About

Categories

Tags

Latest entries

Subscribe (RSS)

Links