February 2012
4 posts
7 tags
iMessage delivery status issues
so I’ve been having this annoying problem for the past week or so with iMessage, where I’ll send a message from my iPhone, and it will briefly say “delivered” before changing status to “not delivered” - but on my iPad, that same message shows a status of “delivered” (and in reality, the message was indeed delivered and received by my wife). The...
5 tags
CFT: How Apple Treats the Gift of Open Source: The... →
in which Apple does a typically Apple thing: takes some fairly awesome open source software, goes back a number of revisions to a version that’s old and crusty, cuts out a bunch of stuff they’re not interested in, adds other new code/options under an incompatible license, and releases the whole thing to users with little to no documentation.
7 tags
SSL Skeleton Keys →
quirksintech:
From the Ars lede:
Critics are calling for the ouster of Trustwave as a trusted issuer of secure sockets layer certificates after it admitted minting a credential it knew would be used by a customer to impersonate websites it didn’t own.
The so-called subordinate root certificate allowed the customer to issue SSL credentials that Internet Explorer and other major browsers would...
7 tags
How To: Stream Mac Desktop to Apple TV |... →
context: I have only Apple TVs in the house now (no over-the-air or cable/satellite source), and am trying to figure out how to stream the Super Bowl to one of my Apple TVs so I can watch it on the big screen tomorrow. There are a number of options, but what I really want is to stream the desktop of one of my Macs (where I can stream the Super Bowl in a web browser) and display it on the Apple TV....
January 2012
7 posts
8 tags
Let's make TCP faster - The official Google Code... →
some interesting protocol tweaks to TCP that are in the process of becoming a standard, and can improve web browsing speed by 10-40% or more.
4 tags
Port-Independent SSL Detection | Crucial Security... →
break down an SSL payload, byte by byte, to gain a better understanding of what’s inside.
5 tags
Real-time Web Monitor - Akamai →
useful tool (Flash-based) for visualizing Internet traffic, latency or attack levels worldwide and percentage deviation from normal, from the perspective of Akamai’s many nodes around the Internet.
7 tags
DataLossDB is a research project aimed at documenting known and reported data...
– OSF DataLossDB | Data Loss News, Statistics, and Research
5 tags
MAC_Find: Vendor/Ethernet/Bluetooth MAC Address... →
8 tags
Eventually consistent semantics provide almost no guarantees regarding the...
– Probabilistically Bounded Staleness
“How eventual is eventual consistency? How consistent is eventual consistency? PBS provides answers to these questions using new techniques and simple modeling. Find out how and play with models in your browser on this page.”
nice HTML5-based...
5 tags
Linux Lighting Group - connect() wrapper →
tired of default 75 second timeouts for command line tools like nc(1) to give up trying to hit a remote host that isn’t responding? connect_wrapper.so to the rescue! tell your command to give up and move on to the next host if it doesn’t respond in, say, 3 seconds. builds (and presumably, runs) on OS X with minimal modifications.
December 2011
12 posts
6 tags
Convert keys between GnuPG, OpenSSH and OpenSSL -... →
prerequisite to using the existing PGP public keyserver infrastructure to store SSH keys (so that you can verify and swap SSH keys with others to enable secure file transfers - baroque, perhaps, but useful in certain cases). via @floatingatoll
6 tags
AA9PW FCC Exam Practice » So you want to learn... →
in the days after the nuclear apocalypse, amateur (“ham”) radio operators communicating in Morse code will be what enables civilization to rise again. Learn how to communicate clearly and competently in Morse code using the Koch method, explained in this blog post!
6 tags
DTerm: A command line anywhere and everywhere
9 tags
Mac OS X living in 2 AD Domains = Kerberos breaks... →
currently dealing with this exact issue (not directly responsible for it myself, but I’m consulting on it). Apple made some … odd decisions in low-level implementations of things like NFS and Kerberos in OS X.
5 tags
Towards Elliptic Curve Cryptography
cryptocatapp:
Cryptocat relies on generating 4096-bit Diffie-Hellman keys in order to secure conversations effortlessly without the need for parties to agree on a pre-shared key. This has the following advantages:
Diffie-Hellman is relatively mathematically simple, and thus easier to implement.
4096-bit keys are considered very strong, in terms of asymmetric systems.
Diffie-Hellman hasn’t...
9 tags
How the iPad 2 Became My Favorite Computer →
a writer and artist’s take, reaching a similar conclusion as our previous writeup from a programmer
9 tags
OpenSSL memory use in Node.js | Paul's Journal →
in which compression being enabled by default leads to orders of magnitude more memory use and serious performance issues. (and in which your humble editor discovers a great new OS X tool, Instruments.app.)
3 tags
9 tags
Blosc →
Blosc is a high performance compressor optimized for binary data. It has been designed to transmit data to the processor cache faster than the traditional, non-compressed, direct memory fetch approach via a memcpy() OS call. Blosc is the first compressor (that I’m aware of) that is meant not only to reduce the size of large datasets on-disk or in-memory, but also to accelerate...
7 tags
I swapped my MacBook for an iPad+Linode
yieldthought:
On September 19th, I said goodbye to my trusty MacBook Pro and started developing exclusively on an iPad + Linode 512. This is the surprising story of a month spent working in the cloud.
It all started when I bought my first MacBook a couple of years ago. Frustrated by the inconsistent usage of ctrl/alt/option/arrow keys to jump words and screens and lines, I searched for a new...
6 tags
If you have a mobile app that makes SSL connections to a service you control,...
– Your App shouldn’t suffer SSL’s problems - Moxie Marlinspike
in which we examine the problems with using a general-purpose authentication infrastructure (SSL CAs), and some alternative approaches.
6 tags
Carrier IQ is on iOS
chpwn:
Carrier IQ, the now infamous “rootkit” or “keylogger”, is not just for Android, Symbian, BlackBerry, and even webOS. In fact, up through and including iOS 5, Apple has included a copy of Carrier IQ on the iPhone. However, it does appears to be disabled along with diagnostics enabled on iOS 5; older versions may send back information in more cases. Because of that, if you want to disable...
November 2011
9 posts
8 tags
Links » Fixing CAs →
Ben Laurie and Adam Langley (if you know much about SSL, you will recognize those names) have a proposal on mitigating the rogue/pwned CA issue that has been plaguing the Internet recently (most notably with Iran earlier in 2011).
6 tags
SMTPRoutes - Python-powered SMTP server with... →
thechangelog:
A cool project from Benjamin E. Coe for SMTP using an elegant DSL in Python:
class ExampleRoute(Route):
@route(r'(?P<prefix>open)@(?P<suffix>.*)')
def open_route(self):
print "%s at %s sent the message: \n\n %s" % (
self.prefix,
self.suffix,
self.message
)
Messages are routed to methods in your class based...
4 tags
4 tags
ifconfig.me →
via @marcusramberg, this works like whatismyip.com, but if you use it from the command line (e.g. “curl ifconfig.me”) you get just an IP in response - perfect for scripting purposes to determine the IP as seen by the Internet. Not sure if it works with IPv6 yet.
6 tags
Master the New Gmail with These Tips, Shortcuts,... →
exhaustive list, covering shortcuts, extensions, layout tweaks, advanced searches and filters, labs, desktop integration and more.
4 tags
Parallel Implementations « #AltDevBlogADay →
John Carmack on the parallel development process, and how his approach to programming has changed over time.
7 tags
walkthrough of the BEAST HTTPS Attack →
nice detailed step-by-step analysis of how a BEAST attack would work, and discussion of effective (and ineffective) mitigations.
8 tags
This security update resolves a privately reported vulnerability in Microsoft...
– Microsoft Security Bulletin MS11-083 - Critical : Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
read that again: sending crafted UDP packets to a closed port can result in remote code execution.
trustworthy computing, indeed.
6 tags
SSH Probes and the Great Firewall of China →
interesting detective work by a security officer at Sweden’s National Supercomputer Centre at Linköping University leads to deduction of a new feature being enabled on China’s national firewall.
October 2011
16 posts
5 tags
Simple Two-Factor SSH Authentication with Google... →
nice - free to implement two-factor auth for SSH logins (no RSA token required).
7 tags
BREADBOX64 is a twitter client for the C64/128 which allows you to tweet from a...
– :: v a n . d e n . b r a n d e ::
6 tags
What you should be asking at this point is whether a computational DoS attack...
– SSL/TLS and Computational DoS - Educated Guesswork
5 tags
How StackExchange Scales - Up, Not Out (or, Big... →
the folks at StackExchange take a different approach to scalability than most other high traffic sites these days - up, not out; Windows, not Linux; a small number of more expensive, more powerful servers rather than a spread over a large number of cheaper commodity boxes; in-house, not on Amazon or some other cloud provider.
Many good insights in this overview of a recent podcast discussion.
6 tags
Service overview and network port requirements for... →
7 tags
World's best introduction to sed →
4 tags
iOS5 Redsn0w Jailbreak (Tethered) →
nice step-by-step on the (currently tethered) jailbreak for iOS 5. tl;dr is “run redsn0w, click the jailbreak button. when finished, run it again, click extras, click just boot, and you’re done.” tethered means every time you reboot the phone, you’ll need to plug it in and run redsn0w to get your jailbreak back - if not, it defaults back to the standard iOS, so no great...
4 tags
On Go →
11 tags
importing S/MIME certificates to iOS 5
now that Mail in iOS finally supports S/MIME, you can cryptographically sign (or encrypt) your email. You may in fact already be doing this in Mail.app if you have a Mac, or in Thunderbird, Outlook or some other program otherwise. This writeup assumes you’re using a Mac; if you’re using Windows, my condolences. I’m sure somebody will come up with something to help you at some...
9 tags
OpenBSD-EEVDF →
“This project is a little experiment of mine trying to port some (most) of the concepts of the Linux BrainF*ck scheduler to OpenBSD. The BrainF*ck scheduler is an earliest effective virtual deadline first scheduler. It computes a virtual deadline for each process taking into account only the processes priority and orders processes for scheduling according to their deadlines. Each process may...
5 tags
3 tags
Uncrustify - Source Code Beautifier for C-like... →
6 tags
Happy SysAdm: The disk is offline because of... →
if you ever find yourself in the position of having to assign iSCSI LUNs to a Windows 2008 server on VMware, this may be of use to you. Note that in the disk management UI, right-clicking on the name of a disk, and right-clicking on the graphical representation of that same disk, DO NOT yield the same set of context menus. You have been warned.
5 tags
What to expect in OpenBSD 5.0 onwards, and how the... →
great in-depth writeup explaining how the OpenBSD release process works. why it’s so consistent and stable, and how architectural changes are introduced gently over time and with lots of testing.
4 tags
Provisioning Root on Softraid →
FINALLY. in-kernel support for this; been waiting for this for years. woot!
5 tags
Sinatra 1.3 is out!
thechangelog:
Sinatra 1.3 is out!Sinatra 1.3.0 is out with two big news items. The Chairman is now traveling with his own band. [Sinatra Contrib, the community-sourced collection of extensions](https://github.com/sinatra/sinatra-contrib), is now versioned with Sinatra itself, ensuring compatibility. Sinatra Contrib provides some niceties on top of Sinatra for common tasks like config files,...
September 2011
25 posts
7 tags
Security Hang-Ups | Evernote Tech Blog →
in which the Evernote crew discovers the value of a low idle timeout, especially for SSL connections. Anybody who’s worked at a large web shop has probably run into this before …
5 tags
Skype XSS Explained « Superevr →
nice technical details