May 2012
9 posts
6 tags
Fix Time Machine Sparsebundle NAS Based Backup... →
if you ever get errors from Time Machine saying it needs to invalidate your existing backup and start again from scratch, and especially if you back up to something that’s NOT a Time Capsule or direct-attached external drive, this is for you.
6 tags
the system and network admin's 5-in-1 cable... →
Ethernet, crossover, modem, null modem, Cisco/Sun console. all in a single cable and adapter set. VERY handy. complete with pictures and step-by-step instructions to make it yourself!
3 tags
Ned Batchelder: Two problems →
7 tags
––thursday #5: diagnosing high readahead →
excellent analysis of MongoDB performance as negatively affected by excessive readahead.
4 tags
Does Hashing Make Data “Anonymous”? | Tech @ FTC →
Ed Felten (with some good comments from Dan Kaminsky et al.)
9 tags
Video streaming & net neutrality (or, Comcast... →
ber-gd:
When the Comcast/NBC Universal merger was approved by the Department of Justice, Comcast agreed to two interesting stipulations regarding the neutrality of their residential broadband service:
If Comcast provided capped broadband service, it would not exempt any traffic from the cap, and
it…
6 tags
Thomas Menari: Creating a Looking Glass with... →
tmenari:
Recently I wanted to run my own Looking Glass server so I can see what routes our network is taking without having to connect to all of our core routers. OpenBGPD comes with a looking glass script called bgplg. Depending on topology you may wish to configure the LG neighbour on the peering…
7 tags
JSLint,The JavaScript Code Quality Tool →
April 2012
10 posts
8 tags
Sean Coates blogs: Remote pbcopy →
set up a forwarder that will allow you to inject text from a remote SSH session into the clipboard of your Mac. (obvious security implications; use with caution.)
5 tags
OSSEC & Splunk: SIEM for Everyone | Increased... →
4 tags
Six Stages of Debugging // plasmasturm.org →
1. That can’t happen.
2. That doesn’t happen on my machine.
3. That shouldn’t happen.
4. Why does that happen.
5. Oh, I see.
6. How did that ever work?
4 tags
MLcomp →
“MLcomp is a free website for objectively comparing machine learning programs across various datasets for multiple problem domains.”
4 tags
Travis Goodspeed's Blog: Improving the MSP430 FET →
low-level hardware hacking that’s way beyond my skill level, but interesting reading. Travis Goodspeed is a really smart guy.
6 tags
Twitter Engineering: MySQL at Twitter →
interesting optimizations and patches for MySQL over at Twitter (now on github under the BSD license!)
6 tags
Zimbra & Mozilla email, 4 months later | mrz's... →
5 tags
Static analysis of an unknown compression format -... →
fascinating.
7 tags
It turns out that wizard is quite the magician. Its main trick is to provide a...
– fail0verflow :: AT&T microcell fail
in which we are reminded, yet again, of how big vendors still build consumer hardware and software with little thought given to security.
March 2012
8 posts
11 tags
ReadyNAS NV and Encryption (TrueCrypt) « Steve... →
TrueCrypt, iSCSI, ReadyNAS, etc. an interesting approach, but not sure if the risk mitigated by encryption (primarily physical theft of data while on the move - hence, FileVault on my laptop) is worth the hassle in this case (since anybody stealing it would have to first break into my house, not just grab a laptop on the run - or, it could be the cops/feds come calling, but that currently seems...
4 tags
Enable AirDrop Over Ethernet & AirDrop On... →
defaults write com.apple.NetworkBrowser BrowseAllInterfaces 1
4 tags
Unsung Heros (the list) « Cатсн²² (in)sесuяitу /... →
nice list of great - but uncommon - tools for use in security (many offensively-focused).
7 tags
IPv6 and OpenBSD (Part 1) « Kurt Seifried →
8 tags
Towards a More Transparent Security Model
cryptocatapp:
We’ve taken a few steps in order to improve the Cryptocat project’s transparency concerning its decisions on security:
Improvements regarding security transparency:
We have released version 1.2c of the Cryptocat protocol, which replaces our custom safe Diffie-Hellman prime with a prime taken from RFC 3526. Seeing as the primes in the RFC are all derived from π, we hope this will...
5 tags
Dive Into Mark ~ A mirror of Mark Pilgrim's GitHub →
thechangelog:
For many of you reading this, you might be playing catch up on the disappearance of Mark Pilgrim — like I was while writing this.
On October 4th, 2011 various websites of Mark’s (diveintomark.org, diveintohtml5.org, diveintoaccessibility.org, diveintogreasemonkey.org, diveintopython.org, etc.) started to return the HTTP status code, 410 Gone.
The 410 response is primarily...
8 tags
StalkR's Blog: SSH/HTTP(S) multiplexing with... →
works a lot like sslh (run SSH and HTTPS servers on the same port, by having a multiplexer listening and handing off requests to the appropriate service on the backend), but with one important advantage: it uses the Linux IP_TRANSPARENT feature to retain the original client IP (for great logging justice). It may be possible to patch this to work with e.g. OpenBSD’s pf(4) without too much...
8 tags
URL shorteners and privacy: The Good, the Bad and... →
Here is the short version of the reading guide: a URL shortener which gives a high priority to reliability, performance and privacy will use a 301 (“Moved Permanently”) response code, will not use cache control headers and will not use cookies. A URL shortener which gives high priority to its own ability to monetize its traffic by tracking users will do one or more of these things.
February 2012
5 posts
6 tags
Static Signing: An Alternative to SSL
jonmah:
A story of conflation
The HTTPS protocol stack (TLS/SSL) has been a remarkable success, providing sufficient confidence for online commerce and banking.
It’s not perfect: The crypto could be stronger, and should be simpler.
The Certificate Authority model is increasingly showing cracks.
But hey, I don’t yet hesitate to buy online.
HTTPS does two things.
It encrypts the data...
7 tags
iMessage delivery status issues
so I’ve been having this annoying problem for the past week or so with iMessage, where I’ll send a message from my iPhone, and it will briefly say “delivered” before changing status to “not delivered” - but on my iPad, that same message shows a status of “delivered” (and in reality, the message was indeed delivered and received by my wife). The...
5 tags
CFT: How Apple Treats the Gift of Open Source: The... →
in which Apple does a typically Apple thing: takes some fairly awesome open source software, goes back a number of revisions to a version that’s old and crusty, cuts out a bunch of stuff they’re not interested in, adds other new code/options under an incompatible license, and releases the whole thing to users with little to no documentation.
7 tags
SSL Skeleton Keys →
quirksintech:
From the Ars lede:
Critics are calling for the ouster of Trustwave as a trusted issuer of secure sockets layer certificates after it admitted minting a credential it knew would be used by a customer to impersonate websites it didn’t own.
The so-called subordinate root certificate allowed the customer to issue SSL credentials that Internet Explorer and other major browsers would...
7 tags
How To: Stream Mac Desktop to Apple TV |... →
context: I have only Apple TVs in the house now (no over-the-air or cable/satellite source), and am trying to figure out how to stream the Super Bowl to one of my Apple TVs so I can watch it on the big screen tomorrow. There are a number of options, but what I really want is to stream the desktop of one of my Macs (where I can stream the Super Bowl in a web browser) and display it on the Apple TV....
January 2012
7 posts
8 tags
Let's make TCP faster - The official Google Code... →
some interesting protocol tweaks to TCP that are in the process of becoming a standard, and can improve web browsing speed by 10-40% or more.
4 tags
Port-Independent SSL Detection | Crucial Security... →
break down an SSL payload, byte by byte, to gain a better understanding of what’s inside.
5 tags
Real-time Web Monitor - Akamai →
useful tool (Flash-based) for visualizing Internet traffic, latency or attack levels worldwide and percentage deviation from normal, from the perspective of Akamai’s many nodes around the Internet.
7 tags
DataLossDB is a research project aimed at documenting known and reported data...
– OSF DataLossDB | Data Loss News, Statistics, and Research
5 tags
MAC_Find: Vendor/Ethernet/Bluetooth MAC Address... →
8 tags
Eventually consistent semantics provide almost no guarantees regarding the...
– Probabilistically Bounded Staleness
“How eventual is eventual consistency? How consistent is eventual consistency? PBS provides answers to these questions using new techniques and simple modeling. Find out how and play with models in your browser on this page.”
nice HTML5-based...
5 tags
Linux Lighting Group - connect() wrapper →
tired of default 75 second timeouts for command line tools like nc(1) to give up trying to hit a remote host that isn’t responding? connect_wrapper.so to the rescue! tell your command to give up and move on to the next host if it doesn’t respond in, say, 3 seconds. builds (and presumably, runs) on OS X with minimal modifications.
December 2011
12 posts
6 tags
Convert keys between GnuPG, OpenSSH and OpenSSL -... →
prerequisite to using the existing PGP public keyserver infrastructure to store SSH keys (so that you can verify and swap SSH keys with others to enable secure file transfers - baroque, perhaps, but useful in certain cases). via @floatingatoll
6 tags
AA9PW FCC Exam Practice » So you want to learn... →
in the days after the nuclear apocalypse, amateur (“ham”) radio operators communicating in Morse code will be what enables civilization to rise again. Learn how to communicate clearly and competently in Morse code using the Koch method, explained in this blog post!
6 tags
DTerm: A command line anywhere and everywhere
9 tags
Mac OS X living in 2 AD Domains = Kerberos breaks... →
currently dealing with this exact issue (not directly responsible for it myself, but I’m consulting on it). Apple made some … odd decisions in low-level implementations of things like NFS and Kerberos in OS X.
5 tags
Towards Elliptic Curve Cryptography
cryptocatapp:
Cryptocat relies on generating 4096-bit Diffie-Hellman keys in order to secure conversations effortlessly without the need for parties to agree on a pre-shared key. This has the following advantages:
Diffie-Hellman is relatively mathematically simple, and thus easier to implement.
4096-bit keys are considered very strong, in terms of asymmetric systems.
Diffie-Hellman hasn’t...
9 tags
How the iPad 2 Became My Favorite Computer →
a writer and artist’s take, reaching a similar conclusion as our previous writeup from a programmer
9 tags
OpenSSL memory use in Node.js | Paul's Journal →
in which compression being enabled by default leads to orders of magnitude more memory use and serious performance issues. (and in which your humble editor discovers a great new OS X tool, Instruments.app.)
9 tags
Blosc →
Blosc is a high performance compressor optimized for binary data. It has been designed to transmit data to the processor cache faster than the traditional, non-compressed, direct memory fetch approach via a memcpy() OS call. Blosc is the first compressor (that I’m aware of) that is meant not only to reduce the size of large datasets on-disk or in-memory, but also to accelerate...
7 tags
I swapped my MacBook for an iPad+Linode
yieldthought:
On September 19th, I said goodbye to my trusty MacBook Pro and started developing exclusively on an iPad + Linode 512. This is the surprising story of a month spent working in the cloud.
It all started when I bought my first MacBook a couple of years ago. Frustrated by the inconsistent usage of ctrl/alt/option/arrow keys to jump words and screens and lines, I searched for a new...
6 tags
If you have a mobile app that makes SSL connections to a service you control,...
– Your App shouldn’t suffer SSL’s problems - Moxie Marlinspike
in which we examine the problems with using a general-purpose authentication infrastructure (SSL CAs), and some alternative approaches.