May 2012
9 posts
6 tags
Fix Time Machine Sparsebundle NAS Based Backup... →
if you ever get errors from Time Machine saying it needs to invalidate your existing backup and start again from scratch, and especially if you back up to something that’s NOT a time capsule or direct-attached external drive, this is for you.
May 29th
6 tags
the system and network admin's 5-in-1 cable... →
Ethernet, crossover, modem, null modem, Cisco/Sun console. all in a single cable and adapter set. VERY handy. complete with pictures and step-by-step instructions to make it yourself!
May 24th
3 tags
Ned Batchelder: Two problems →
May 23rd
7 tags
––thursday #5: diagnosing high readahead →
excellent analysis of MongoDB performance as negatively affected by excessive readahead.
May 11th
4 tags
Does Hashing Make Data “Anonymous”? | Tech @ FTC →
Ed Felten (with some good comments from Dan Kaminsky et al.)
May 9th
9 tags
Video streaming & net neutrality (or, Comcast... →
ber-gd: When the Comcast/NBC Universal merger was approved by the Department of Justice, Comcast agreed to two interesting stipulations regarding the neutrality of their residential broadband service: If Comcast provided capped broadband service, it would not exempt any traffic from the cap, and it…
May 9th
7 notes
6 tags
Thomas Menari: Creating a Looking Glass with... →
tmenari: Recently I wanted to run my own Looking Glass server so I can see what routes our network is taking without having to connect to all of our core routers. OpenBGPD comes with a looking glass script called bgplg. Depending on topology you may wish to configure the LG neighbour on the peering…
May 8th
27 notes
6 tags
May 8th
16 notes
7 tags
JSLint,The JavaScript Code Quality Tool →
May 3rd
1 note
April 2012
10 posts
8 tags
Sean Coates blogs: Remote pbcopy →
set up a forwarder that will allow you to inject text from a remote SSH session into the clipboard of your Mac. (obvious security implications; use with caution.)
Apr 27th
5 tags
OSSEC & Splunk: SIEM for Everyone | Increased... →
Apr 23rd
4 tags
Six Stages of Debugging // plasmasturm.org →
That can’t happen. That doesn’t happen on my machine. That shouldn’t happen. Why does that happen. Oh, I see. How did that ever work?
Apr 18th
4 tags
MLcomp →
“MLcomp is a free website for objectively comparing machine learning programs across various datasets for multiple problem domains.”
Apr 13th
5 tags
Apr 13th
4 notes
4 tags
Travis Goodspeed's Blog: Improving the MSP430 FET →
low-level hardware hacking that’s way beyond my skill level, but interesting reading. Travis Goodspeed is a really smart guy.
Apr 10th
6 tags
Twitter Engineering: MySQL at Twitter →
interesting optimizations and patches for MySQL over at Twitter (now on github under the BSD license!)
Apr 9th
6 tags
Zimbra & Mozilla email, 4 months later | mrz's... →
Apr 9th
5 tags
Static analysis of an unknown compression format -... →
fascinating.
Apr 8th
7 tags
“It turns out that wizard is quite the magician. It’s main trick is to provide a...”
– fail0verflow :: AT&T microcell fail in which which we are reminded, yet again, of how big vendors still build consumer hardware and software with little thought given to security.
Apr 5th
1 note
March 2012
8 posts
11 tags
ReadyNAS NV and Encryption (TrueCrypt) « Steve... →
TrueCrypt, iSCSI, ReadyNAS, etc. an interesting approach, but not sure if the risk mitigated by encryption (primarily physical theft of data while on the move - hence, FileVault on my laptop) is worth the hassle in this case (since anybody stealing it would have to first break into my house, not just grab a laptop on the run - or, it could be the cops/feds come calling, but that currently seems...
Mar 14th
1 note
4 tags
Enable AirDrop Over Ethernet & AirDrop On... →
defaults write com.apple.NetworkBrowser BrowseAllInterfaces 1
Mar 12th
4 tags
Unsung Heros (the list) « Cатсн²² (in)sесuяitу /... →
nice list of great - but uncommon - tools for use in security (many offensively-focused).
Mar 12th
2 notes
7 tags
IPv6 and OpenBSD (Part 1) « Kurt Seifried →
Mar 10th
8 tags
Towards a More Transparent Security Model
cryptocatapp: We’ve taken a few steps in order to improve the Cryptocat project’s transparency concerning its decisions on security: Improvements regarding security transparency: We have released version 1.2c of the Cryptocat protocol, which replaces our custom  safe Diffie-Hellman prime with a prime taken from RFC 3526. Seeing as the primes in the RFC are all derived from π, we hope this will...
Mar 6th
2 notes
5 tags
Dive Into Mark ~ A mirror of Mark Pilgrim's GitHub →
thechangelog: For many of you reading this, you might be playing catch up on the disappearance of Mark Pilgrim — like I was while writing this. On October 4th, 2011 various websites of Mark’s (diveintomark.org, diveintohtml5.org, diveintoaccessibility.org, diveintogreasemonkey.org, diveintopython.org, etc.) started to return the HTTP status code, 410 Gone. The 410 response is primarily...
Mar 5th
9 notes
8 tags
StalkR's Blog: SSH/HTTP(S) multiplexing with... →
works a lot like sslh (run SSH and HTTPS servers on the same port, by having a multiplexer listening and handing off requests to the appropriate service on the backend), but with one important advantage: it uses the Linux IP_TRANSPARENT feature to retain the original client IP (for great logging justice). It may be possible to patch this to work with e.g. OpenBSD’s pf(4) without too much...
Mar 2nd
8 tags
URL shorteners and privacy: The Good, the Bad and... →
Here is the short version of the reading guide: a URL shortener which gives a high priority to reliability, performance and privacy will use a 301 (“Moved Permanently”) response code, will not use cache control headers and will not use cookies. A URL shortener which gives high priority to its own ability to monetize its traffic by tracking users will do one or more of these things.
Mar 2nd
February 2012
5 posts
6 tags
Static Signing: An Alternative to SSL
jonmah: A story of conflation The HTTPS protocol stack (TLS/SSL) has been a remarkable success, providing sufficient confidence for online commerce and banking. It’s not perfect: The crypto could be stronger, and should be simpler. The Certificate Authority model is increasingly showing cracks. But hey, I don’t yet hesitate to buy online. HTTPS does two things. It encrypts the data...
Feb 29th
2 notes
7 tags
iMessage delivery status issues
so I’ve been having this annoying problem for the past week or so with iMessage, where I’ll send a message from my iPhone, and it will briefly say “delivered” before changing status to “not delivered” - but on my iPad, that same message shows a status of “delivered” (and in reality, the message was indeed delivered and received by my wife). The...
Feb 28th
5 tags
CFT: How Apple Treats the Gift of Open Source: The... →
in which Apple does a typically Apple thing: takes some fairly awesome open source software, goes back a number of revisions to a version that’s old and crusty, cuts out a bunch of stuff they’re not interested in, adds other new code/options under an incompatible license, and releases the whole thing to users with little to no documentation.
Feb 14th
1 note
7 tags
SSL Skeleton Keys →
quirksintech: From the Ars lede: Critics are calling for the ouster of Trustwave as a trusted issuer of secure sockets layer certificates after it admitted minting a credential it knew would be used by a customer to impersonate websites it didn’t own. The so-called subordinate root certificate allowed the customer to issue SSL credentials that Internet Explorer and other major browsers would...
Feb 14th
3 notes
7 tags
How To: Stream Mac Desktop to Apple TV |... →
context: I have only Apple TVs in the house now (no over-the-air or cable/satellite source), and am trying to figure out how to stream the Super Bowl to one of my Apple TVs so I can watch it on the big screen tomorrow. There are a number of options, but what I really want is to stream the desktop of one of my Macs (where I can stream the Super Bowl in a web browser) and display it on the Apple TV....
Feb 4th
7 notes
January 2012
7 posts
8 tags
Let's make TCP faster - The official Google Code... →
some interesting protocol tweaks to TCP that are in the process of becoming a standard, and can improve web browsing speed by 10-40% or more.
Jan 24th
28 notes
4 tags
Port-Independent SSL Detection | Crucial Security... →
break down an SSL payload, byte by byte, to gain a better understanding of what’s inside.
Jan 20th
12 notes
5 tags
Real-time Web Monitor - Akamai →
useful tool (Flash-based) for visualizing Internet traffic, latency or attack levels worldwide and percentage deviation from normal, from the perspective of Akamai’s many nodes around the Internet.
Jan 20th
13 notes
7 tags
“DataLossDB is a research project aimed at documenting known and reported data...”
– OSF DataLossDB | Data Loss News, Statistics, and Research
Jan 17th
17 notes
5 tags
MAC_Find: Vendor/Ethernet/Bluetooth MAC Address... →
Jan 9th
17 notes
8 tags
“Eventually consistent semantics provide almost no guarantees regarding the...”
– Probabilistically Bounded Staleness “How eventual is eventual consistency? How consistent is eventual consistency? PBS provides answers to these questions using new techniques and simple modeling. Find out how and play with models in your browser on this page.” nice HTML5-based...
Jan 4th
15 notes
5 tags
Linux Lighting Group - connect() wrapper →
tired of default 75 second timeouts for command line tools like nc(1) to give up trying to hit a remote host that isn’t responding? connect_wrapper.so to the rescue! tell your command to give up and move on to the next host if it doesn’t respond in, say, 3 seconds. builds (and presumably, runs) on OS X with minimal modifications.
Jan 4th
19 notes
December 2011
12 posts
6 tags
Convert keys between GnuPG, OpenSSH and OpenSSL -... →
prerequisite to using the existing PGP public keyserver infrastructure to store SSH keys (so that you can verify and swap SSH keys with others to enable secure file transfers - baroque, perhaps, but useful in certain cases). via @floatingatoll
Dec 21st
25 notes
6 tags
AA9PW FCC Exam Practice » So you want to learn... →
in the days after the nuclear apocalypse, amateur (“ham”) radio operators communicating in Morse code will be what enables civilization to rise again. Learn how to communicate clearly and competently in Morse code using the Koch method, explained in this blog post!
Dec 21st
4 notes
6 tags
WatchWatch
DTerm: A command line anywhere and everywhere
Dec 14th
5 notes
9 tags
Mac OS X living in 2 AD Domains = Kerberos breaks... →
currently dealing with this exact issue (not directly responsible for it myself, but I’m consulting on it). Apple made some … odd decisions in low-level implementations of things like NFS and Kerberos in OS X.
Dec 14th
3 notes
5 tags
Towards Elliptic Curve Cryptography
cryptocatapp: Cryptocat relies on generating 4096-bit Diffie-Hellman keys in order to secure conversations effortlessly without the need for parties to agree on a pre-shared key. This has the following advantages: Diffie-Hellman is relatively mathematically simple, and thus easier to implement. 4096-bit keys are considered very strong, in terms of asymmetric systems. Diffie-Hellman hasn’t...
Dec 11th
20 notes
9 tags
How the iPad 2 Became My Favorite Computer →
a writer and artist’s take, reaching a similar conclusion as our previous writeup from a programmer
Dec 10th
11 notes
9 tags
OpenSSL memory use in Node.js | Paul's Journal →
in which compression being enabled by default leads to orders of magnitude more memory use and serious performance issues. (and in which your humble editor discovers a great new OS X tool, Instruments.app.)
Dec 10th
22 notes
3 tags
Dec 9th
3 notes
9 tags
Blosc →
Blosc is a high performance compressor optimized for binary data. It has been designed to transmit data to the processor cache faster than the traditional, non-compressed, direct memory fetch approach via a memcpy() OS call. Blosc is the first compressor (that I’m aware of) that is meant not only to reduce the size of large datasets on-disk or in-memory, but also to accelerate...
Dec 9th
25 notes
7 tags
I swapped my MacBook for an iPad+Linode
yieldthought: On September 19th, I said goodbye to my trusty MacBook Pro and started developing exclusively on an iPad + Linode 512. This is the surprising story of a month spent working in the cloud. It all started when I bought my first MacBook a couple of years ago. Frustrated by the inconsistent usage of ctrl/alt/option/arrow keys to jump words and screens and lines, I searched for a new...
Dec 7th
439 notes
6 tags
“If you have a mobile app that makes SSL connections to a service you control,...”
– Your App shouldn’t suffer SSL’s problems - Moxie Marlinspike in which we examine the problems with using a general-purpose authentication infrastructure (SSL CAs), and some alternative approaches.
Dec 5th
8 notes