Archive for the ‘Society’ Category

2012w14

Sunday, April 8th, 2012

Not a whole lot to say this week, it has mostly been work, sleep, work, sleep, … well you get the picture.

Some noteworthy things however:

Just how, in their infinite wisdom, does the EU expect to test the security of their own servers and services if they are going to outlaw so-called “cyber-attack tools”? For that matter, how do they propose ANY manufacturer of ANY type of digital system perform ANY type of actual security testing worth a damn?

Social AND Private? Well… not quite yet, but if they get the p2p and encryption stuff working, then we’re in business :)

ENCRYPT ALL THE THINGS! ;)

And it wouldn’t be one of my hallmark blagposts if it didn’t have some random links which may or may not be of any value, now would it?

Dunno just what it might be useful for, but creating 3D graphics procedurally using Lua, like with Fugu, seems like just the right approach for me. If I were to do 3D models, that is.

Now this promises to be an interesting game.

And a rather interesting programming language.

:wq

2012w08

Sunday, February 26th, 2012

Hacks

A capture the flag game where the objective is to break into a computer system.

Commandline

I found myself needing to remove a couple (three) columns from a file containing about 15 columns per line. And sure, I could have done something like awk '{ print $1 " " $2 " " $3 " " }' for the 12 columns I wanted, but that would have been tedious.

There just had to be a better way. And of course there was ;)

* * * * * *

I’ve been entertaining an idea which would need version controlled updates, and they’d also need to be trusted. So I’d need signed commits, and since I’m mostly using git nowadays, I needed to find out if this was possible. It is.

* * * * * *

Since starting my new job I’ve realized just how important it can be to write portable scripts (especially echo has bitten me in the ass a couple of times already) so this post was pretty useful to me.

Society

Now this was a pretty inspiring post.

* * * * * *

A pretty funny post about how truly sorry a state the TV is in.

2012w07

Sunday, February 19th, 2012

What I thought I’d do was I’d try some more tweaks, this one about categorization. Mostly because I think some of the neat things I’ve stumbled over in the past couple of weeks might not deserve their own heading. So I am revamping the headings:

Hacks

I thought this section would be about… not necessarily hacks, but if you would, the hacker mentality. Redefining a problem is one such trait.

And building an eco-friendly house for around $5000 is definitely another.

Finally, Hacking Hacker News, which sounds like a rather fun project.

Tech

I’ve been meaning to learn wireshark, mostly because I could probably put it to pretty good use at work, and then I found pcap2msc which could probably be pretty useful for visualizing the collected data.

I also found a pretty useful site, Sleepyti.me which, given an average sleep cycle of 90 minutes, and user input when she wishes to wake up, calculates when the user should go to bed. Neat!

Commandline

I came across a very good explanation on how to use join.

I’ve also looked into how to increase trust in commits in git, namely by signing commits with your gpg key, and it turned out to be downright easy to accomplish.

Society

I guess that if we are completely ok with any potential ramifications of businesses keeping track of everything we buy, and speculating about what our purchases indicate, then it is completely ok to dispose of cash altogether. Personally it scares the willies out of me.

It’s funny how people seem to always confirm my concerns by abusing powers they shouldn’t have had in the first place…

I knew there was a reason I keep calling these guys the MAFIAA. Asshats…

While I understand this point and certainly agree to a certain degree, I maintain that if more people voted with their wallets, they’d soon run out of funds with which to buy new laws.

:wq

2012w05

Sunday, February 5th, 2012

Update: Ooops, I guess we gone incremented the year again… and no one thought to tell me :(

TPP (yet another ACTA-type thingy)

Here we go again…. But it seems there is at least one intelligent/regretful person to have realized the error of her ways from last time.

I am fearful however that we are going to have to suffer more shit like this until we eradicate the “entertainment industry” (peacefully of course, vote with your wallets people!)

Because really, would you want this to be the future?

I am not in any way, shape or form serious about the following suggestion: We could of course present the internets the way the “entertainment industry” wants it, to them at least, already today. But I do love this type of humor :)

And with all these new moronic laws running rampant and frakking up the internets, this begs the question: What happens to your files when a cloud service dies? — personally I would have replaced “files” with “data” but whatever, still a worthwhile read.

Before closing the book on the subject of copyright for this time… If you’re a photographer (well, I guess, as we’ve seen with Apple/Samsung, this applies if you are a hardware designer as well): don’t take photographs which are too similar to other photographs

Educational Games

This game was both fun and, at least to me, innovative. Just a wee bit too slow for my netbook, but a real treat if it could inspire someone to start programming :)

SEC — Simple Event Correlator

I don’t really remember what I was looking for when I found this, but I was almost immediately intrigued. Now, I had to read through that first paragraph on their web page a couple of times, and then still read the two excellent tutorials before I figured out what I could use it for, and I think I can express that shorter: look at logfiles, if X happens, execute command Y.

It is a little more complex than that, like if X happens, but A doesn’t happen within a specified time window following X etc.
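The "X happens, but A doesn't follow within a time window" case, as an added example that is not part of the original post and is not SEC's own rule syntax: plain awk replaying a log file. The log line format, the "backup start"/"backup done" messages and the function names are assumptions made for this example.

```bash
# Replay log file $1 (assumed line format: "<epoch-seconds> <host> <message>") and
# report every "backup start" not followed by "backup done" from the same host
# within $2 seconds. Time is taken from the log lines, not from the wall clock.
unanswered_starts() {
    awk -v window="$2" '
        # Report and forget every pending start whose deadline has passed.
        function expire(now,    host) {
            for (host in deadline)
                if (now > deadline[host]) {
                    printf "ALERT %s: backup started at %d, not done within %ds\n",
                           host, deadline[host] - window, window
                    delete deadline[host]
                }
        }
        { expire($1) }                                   # every line advances the clock
        /backup start/ { deadline[$2] = $1 + window }    # X: open a window for this host
        /backup done/  { delete deadline[$2] }           # A: arrived in time, close it
    ' "$1"
}

# Constructed sample log: web1 finishes in time, web2 finishes 80 seconds after starting.
demo_correlate() (
    log=$(mktemp) || exit 1
    printf '%s\n' \
        '1000 web1 backup start' \
        '1020 web2 backup start' \
        '1030 web1 backup done' \
        '1090 web2 disk check' \
        '1100 web2 backup done' > "$log"
    unanswered_starts "$log" 60
    rm -f "$log"
)
demo_correlate
```

A start that is still pending when the log ends is not reported, because no later line has moved the clock past its deadline.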

freedom.txt

This is an interesting initiative which seems to have its roots here and is now maintained on github.

I think the wording of the text regarding governments is a bit inflammatory and could probably be misconstrued, deliberately or otherwise, and turned into a weapon against the initiative itself.

Personally I’d have preferred either to have the wording changed, seeking instead to inspire and educate (yes I know, presumptuous of me to believe I hold the truth) our fellow citizens, or at the very least change the wording into something less misinterpretable.

We should hold those we have elected to govern us at higher standards, instead of not reacting at all, letting them off the hook as it were, whenever they err on the side of dishonesty and/or corruption.

I don’t feel I can really put my signature on that text as it currently stands, but I think I’ll remix it to something I can stand for.

If nothing else, the most interesting idea I got out of it was the addition of “points of interests” links and IP addresses (see the github page for that). There are some services on there which further make me unable to put my name on that document, but hoarding IP addresses, and mapping them to domain names, is interesting…

More on this later, when I have thought some more about it.

2012w04

Sunday, January 29th, 2012

Update: Ooops, I guess we gone incremented the year again…

Links

In a nutshell, this is exactly why I stay as far away from Apple as I possibly can.

This whole cloud business and software as a service sure works well, doesn’t it?

2012w3

Sunday, January 22nd, 2012

mitmproxy

Granted, there shouldn’t be all that many use cases for software such as this for someone who is neither a pentester nor a criminal, but it can record and replay previous interactions, which can be useful, for instance, to automate login on access-protected networks (hopefully ones that we already have permission to enter, but where we find the actual logging-in part a real hassle).

Procedural City, Part 1

I thoroughly enjoyed reading this entire series of blog posts, in which the author had the “simple” goal of generating an entire city, digitally, in a procedural manner.

Fedora Friendfinder

Ok, so this is just humor, but you know what? It is good humor :)

XXXTerm

This sounds like something kinky, but is in reality a minimalist web browser with sophisticated security features designed-in.

So, a bit like luakit but with a funnier name ;)

Pipeviewer

pipeviewer really is something I could have more use for, if I just ever remembered to use it ;)

The next SOPA

You know what? This guy is on the right track. And I think Joel is as well.

MPAA shows us just why they are not a part of the solution. Mostly it is because they, and the rest of the abusive copyright-holders, are their own worst enemy. Of course, they won’t go down peacefully, so it really is time for us to start fighting back. And there are plenty of targets to choose from.

In related news, it seems the Polish internet community is “unhappy” with ACTA… very nice :)

2011w52

Sunday, January 1st, 2012

Merry belated christmas greetings everyone! And by the time this post is published I could extend it with Happy belated new years greetings as well ;)

vim + html5 syntax

I’ve been tinkering a lot with html5 during my vacation and vim just didn’t want to play nicely with the new html-tags.

Namely, as it wouldn’t recognise the new semantic structural tags (footer, header, article, section, nav, aside) it wouldn’t indent the source properly and it was a cause for both distraction, and the resulting frustration.

I was not the first to feel this frustration, and a quick search turned up this result which solved both the html and css syntax issues (check the comments for the css solution). Very elegant solution, and now I’ve also learned about vim’s .vim/after/ directory… That was pretty cool.

Learning html5

I’ve actually shied away from doing stuff with html5, as whenever I tried to wrap my head around the new tags and how they should be used, there were just a myriad of different sites interpreting the usage in subtle but differing ways, but I finally found a resource which makes sense to me, so until a definitive interpretation has been hammered out, that’s the one I’m going to stick with.

Also, for sticky footers using css, and html5, check out this page. I had no trouble getting that to work.

Links

This question pretty much sums up why I like the command line so much

This looks interesting for synching (and deleting) without having to worry about doing “the right thing”

Nice list of things one could do with a home server

Doing it for teh lulz, 1903 style

EA, Nintendo and Sony now only covertly support SOPA (through their membership in various interest organizations). Wanting to eat the cake and still have it huh?

Tom’s Hardware not being amused by SOPA

Oh how I so hope that Wikipedia, Google, et al, will go down this path. (I do think there is a difference between companies lobbying, writing laws, and pressuring governments, and companies urging people to put pressure on governments, so yes, I think this is ok)

An interesting theory about why cinemas are having such a rough time

Haven’t had a chance to try this, but creating art using a written grammar does sound pretty neat, especially if you could get a script and /dev/random involved as well ;)

German police tracking people via silent SMS. I am beginning to think that rms is correct in his cellphone “usage”

Too much reading and constant information overload makes us pretty little passive consumers

2011w51

Sunday, December 25th, 2011

Bash variable string operators

I had a file filled with URLs to files I needed to download. Some of the files on the list, however, had already been downloaded, so no need to do it all again.

Should be fairly easy, right? cat the file to a while loop, reading the lines one by one, extracting the filename from the URL, check that it isn’t existing already, and if it isn’t, download it with wget.

So… how do you go about extracting the filename? You could certainly use sed and store the extracted filename in a separate variable, but that seems kind of wasteful, especially in a one-liner while loop. This article provided me with another option.

${line##*/} which deletes the longest possible match from the left (which in this case means up to (including) the last “/”) i.e. everything up to the name of the file.
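The loop described above, as an added example (not code from the original post): it lists only the URLs whose file is still missing and hands those to wget. The function names, the example.org URLs and the choice to skip entries that leave no file name are assumptions made here.

```bash
# Print each URL from list file $1 whose file name is not yet present in directory $2.
missing_urls() (
    list=$1 dir=$2
    while IFS= read -r line || [ -n "$line" ]; do
        name=${line##*/}    # drop the longest prefix matching "*/": keeps what follows the last "/"
        # A blank line or a URL ending in "/" leaves no file name; "." and ".."
        # are directories, so an existence test on them would always succeed.
        case $name in ''|.|..) continue ;; esac
        [ -e "$dir/$name" ] || printf '%s\n' "$line"
    done < "$list"
)

# Download only what is missing. "--" stops wget from reading a URL as an option.
fetch_missing() {
    missing_urls "$1" "$2" | while IFS= read -r url; do
        wget -q -P "$2" -- "$url"
    done
}

# Constructed sample: three list entries, one already on disk, one without a file name.
demo_missing() (
    tmp=$(mktemp -d) || exit 1
    printf '%s\n' \
        'https://example.org/pub/a.tar.gz' \
        'https://example.org/pub/b.tar.gz' \
        'https://example.org/pub/' > "$tmp/urls.txt"
    : > "$tmp/a.tar.gz"
    missing_urls "$tmp/urls.txt" "$tmp"
    rm -rf "$tmp"
)
demo_missing
```

Quoting "$dir/$name" and reading with IFS= and -r keeps file names containing spaces or backslashes intact, which matters when the list comes from somewhere you do not control.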

No can haz censorship plz

If you’d like to make it clear that you too oppose SOPA (which, fittingly, means “garbage” in Swedish) then head over to Github, pick up your very own copy of stopcensorship.js, embed it on your site, and you’re set :)

I am also noting, with some glee, that GoDaddy is catching a whole lot of flak for their support of SOPA.

The only thing companies truly understand is when you hit them where it hurts, and that is their wallets (or as some brilliant person jokingly expressed it: “stop hitting us in our quarterly reports!”), and the only way to do that, is by voting with your own wallet.

I’m so happy about the fact that more and more people are catching on to this realization that I could… shit rainbows :)

Japanese Whaling + Tsunami disaster relief funds = disgusting

Just when I didn’t believe it possible for the Japanese whaling industry to appear as bigger scumbags than they already appear (yes, it is a quite one-sided story we’re getting from “Whale Wars” but according to National Geographic, the whalers have gotten the chance to tell their side of the story, and it would seem likely that they decline because they know full well just what type of scumbags they are… but hey, that’s just my opinion…) they go and do even more disgusting stuff, like using money from the tsunami relief donations to hire security ships to keep the Sea Shepherd Conservation Society away from their dirty business…

:wq

2011w46

Sunday, November 20th, 2011

First of all: this is really disturbing.


Commands and flags

I think I’ve already mentioned watch, and how that could be useful at times (e.g. $ watch -n 10 -d 'ls -l')

I just found out about a value which can optionally be appended to the -d flag: -d=cumulative

It has its own flag as well --cumulative, and quoting the man-page it makes highlighting “sticky”, presenting a running display of all positions that have ever changed.

Also, this week I learnt about sdiff, which seems neat if you’re on a system which doesn’t have vim (and thus vimdiff) installed.

Another nice flag I just found for grep is -m <int> which tells grep to stop looking after the INT first matches.

Scripting Vim

Ok, so I’ve been running into this problem where I am using my own .vimrc configuration in other places, in systems where the vim version isn’t the same as the one I use myself.

This has proven problematic as some of the configuration options I use (most notably set cul (which gives me a better indication about which line the cursor is on)) don’t exist in … say a vim version less than 7.

Which meant that if I loaded the same .vimrc config on a system running a vim version earlier than 7, I’d get a warning at startup, which I’d have to press enter to pass by. Irritating.

As luck would have it, it isn’t all that difficult to make a little conditional to check which version is currently loading the config and just ignore the settings which won’t work for that version, such as:

if v:version >= 700
    set cul
endif

Links

Finally, at this year’s FSCONS I was introduced to the site renderfarm.fi where people can go to either contribute CPU-cycles, or get CPU-cycles, (or both) to help speed up rendering.

:wq

FSCONS 2011

Monday, November 14th, 2011

FSCONS 2011 is now over, but fear not, FSCONS 2012 is only about a year away.

All of the participants; volunteers, speakers and visitors alike, whom I’ve had the pleasure of speaking with had only good things to say.

The overall feeling is that this was the best FSCONS yet. I am inclined to agree—but of course I am biased—due to the very low number of incidents.

There were some, which is to be expected, but nothing really major, and nothing showstopping.

There were some close calls, but—and this is one of the many GREAT things about FSCONS: the visitors—in most of the close calls, visitors stepped up, graciously lending their own equipment and thereby saving the day.

And this is what I love about FSCONS. Everyone participating, no matter who they are, what they do, all bring their very best.

That, and getting to meet people I’ve only otherwise known through emails. :)

Finally, rest assured that I have a list of all the small things I observed to be in need of improvement.