brandongalbraith

Generate Symantec VIP Access Token as OTP

Recently I came across a web service that required two-factor authentication using the Symantec VIP Access App. I already manage all of my OTP tokens in a different app (If you are on iOS I highly recommend using OTP Auth by Roland Moers.) and did not want to have to use yet another app to generate the TOTP.

There is a way to generate a Symantec VIP Access compatible token very easily if you have access to an environment which can run Python PIP. I happen to have Ubuntu Windows Subsystem Linux running on my machine. (If you are running Windows 10 and don't have this you should really check it out.) Let's get started...

hello

Instructions

Here we install python3-pip and qrencode so we can generate our secret, I

brandongalbraith

Overview

This gist details how to create or restore a disk image in Mac OSX. There are three methods that are described: Carbon Copy Cloner, Disk Utility, and CommandLine.

• Disclaimer:
  • I have no financial incentives to https://bombich.com or Apple.
  • Always make a backup of your data, and make 2 separate backups before trying something new.
  • The following steps have been tested and are a summary of my personal recommendations, but should be used at your own risk.
  • If there is a chance of imminent data loss, contact a professional for assistance, and do not rely on a random person from the Internet for help.

Method 1: Carbon Copy Cloner (CCC)

brandongalbraith

FROM hayd/alpine-deno:1.10.1
WORKDIR /src/app

ADD deps.ts ./
RUN ["deno", "cache", "deps.ts"]

ADD *.ts ./
RUN ["deno", "cache", "mod.ts"]

ENTRYPOINT ["deno", "run", "--unstable", "--allow-net", "--allow-hrtime", "--allow-env", "--cached-only", "--no-check", "mod.ts"]

brandongalbraith

GENERAL TODO:

• The examples are all over the place. They need to be more consistent.
• Check that x-archive-queue-derive header. I just skimmed it and it doesn't seem right.
• Investigate getting an "ias3support@archive.org" address for support requests
• Some of the standard metadata fields are repeatable, some are not. State this in the descriptions.
• Excellent Hank idea: Quick Start (TL;DR) section to avoid all the gory details
• Dang, but this damn thing is hard to read. Will that get better when it gets converted to the PHP wrapper? I have my doubts. May need a some quick George love to give tips for better readability.
• All the other 'foo' (read: green) bits below

brandongalbraith

hashlookup.circl.lu

CIRCL hash lookup is a public API to lookup hash values against known database of files. NSRL RDS database is included. More database will be included in the future. The API is accessible via HTTP ReST API and the API is also described as an OpenAPI.

Get information about the hash lookup database (via ReST)

curl -X 'GET' \
  'https://hashlookup.circl.lu/info' \
 -H 'accept: application/json'

brandongalbraith

Generating Authy passwords on other authenticators

---

There is an increasing count of applications which use Authy for two-factor authentication. However many users who aren't using Authy, have their own authenticator setup up already and do not wish to use two applications for generating passwords.

Since I use 1Password for all of my password storing/generating needs, I was looking for a solution to use Authy passwords on that. I couldn't find any completely working solutions, however I stumbled upon a gist by Brian Hartvigsen. His post had a neat code with it to generate QR codes for you to use on your favorite authenticator.

His method is to extract the secret keys using Authy's Google Chrome app via Developer Tools. If this was not possible, I guess people would be reverse engineering the Android app or something like that. But when I tried that code, nothing appeared on the screen. My guess is that Brian used the

brandongalbraith

# gem install crack rest-client fastercsv
require 'rubygems'
require 'crack'
require 'rest_client'
require 'fastercsv'

# To use, get an access token here, by clicking "get access token" 
# and checking user.groups in the dialog box
# https://developers.facebook.com/tools/explorer?method=GET&path=209024949216061%2Ffeed
#

brandongalbraith

#!/usr/bin/env bash
# Takes a YouTube URI to a playlist (fairly liberal, it's fine as long
# as the playlist id can be extracted), and prints a list of URIs in a
# YouTube playlist.
#
# Requires youtube-dl 2014.10.24, tested on youtube-dl
# 2014.11.02.1. Feature subject to change.
youtube-dl -j --flat-playlist "$1" | jq -r '.id' | sed 's_^_https://youtube.com/v/_'

brandongalbraith

#!/usr/bin/env ruby

# you must have SoX installed to generate touch tones
# brew install sox

# also, whatever application you run this script from will need to be authorized
# to control your computer, via System Preferences > Privacy > Accessibility

# finally, don't run this with headphones plugged in :)

brandongalbraith

Turning PostgreSQL into a queue serving 10,000 jobs per second

RDBMS-based job queues have been criticized recently for being unable to handle heavy loads. And they deserve it, to some extent, because the queries used to safely lock a job have been pretty hairy. SELECT FOR UPDATE followed by an UPDATE works fine at first, but then you add more workers, and each is trying to SELECT FOR UPDATE the same row (and maybe throwing NOWAIT in there, then catching the errors and retrying), and things slow down.

On top of that, they have to actually update the row to mark it as locked, so the rest of your workers are sitting there waiting while one of them propagates its lock to disk (and the disks of however many servers you're replicating to). QueueClassic got some mileage out of the novel idea of randomly picking a row near the front of the queue to lock, but I can't still seem to get more than an an extra few hundred jobs per second out of it under heavy load.

So, many developers have started going straight t