- System Prefs > Security & Privacy > Turn on FileVault
- System Prefs > Trackpad > Scroll & Zoom > Uncheck “Scroll direction: Natural”
- System Prefs > Energy Saver > Turn off display after: 20 minutes
- Install security updates
<!DOCTYPE html>
<!-- Demonstration of how a JavaScript redirect can be used as an XSS -->
<!-- For more detail see https://subfn.net -->
<!-- Authored by Charles H ("subfn") <chooper@plumata.com> -->
<html>
<head>
<title>Testing JS redirect as XSS vector</title>
<script>
function goNext() {
current_url = new URL(window.location.href);
#!/bin/bash
# Get the insertions and deletions for the last six months
git log --since 'last 6 months' --shortstat master > stats.log
Greetings,
I am writing today to propose that redis should be able to support more than a single password. I know that many authentication and authorization schemes have been raised here before, but what makes this proposal different is that this is expressly for the purpose of supporting credrolls. This, I believe, will lead to a simpler implementation that will maintain many of the current behaviors.
Credrolls, or credential rotations, are difficult with the "single password only" scheme today. Currently, consumers of the redis server must expect to have failed requests for a short window while Redis passwords are being changed or they must be extended to be able to try multiple passwords when making requests. Today a credroll works by:
- Changing the redis password:
  requirepass newpassword
- Updating all of the consumers to use the new password
sub@asdf:~$ time curl http://localhost:8080/?usernames=chuckbang,foxhop,japherwocky
[{"url":"http://steamcommunity.com/id/foxhop/","steamid":"76561197960708678","personaname":"Foxhop","summary":"No information given.","ingame":""},{"url":"http://steamcommunity.com/id/japherwocky/","steamid":"76561198049551053","personaname":"japherwocky","summary":"No information given.","ingame":"Team Fortress 2"},{"url":"http://steamcommunity.com/id/chuckbang/","steamid":"76561197961485911","personaname":"chuck!","summary":"No information given.","ingame":"Counter-Strike: Global Offensive"}]
real 0m0.468s
user 0m0.004s
sys 0m0.012s
I hereby claim:
- I am chooper on github.
- I am charleshooper (https://keybase.io/charleshooper) on keybase.
- I have a public key whose fingerprint is D034 0F79 3E71 7C53 DAC9 0388 5829 17FE 9FAD DAA9
To claim this, I am signing this object:
if (is_level_acceptable(cert, issuer, sigalg, flags) == 0) {
    gnutls_assert(); /* this didn't exist before */
    out =
        GNUTLS_CERT_INSECURE_ALGORITHM |
        GNUTLS_CERT_INVALID;
    if (output)
        *output |= out;
    result = 0;
    goto cleanup; /* or this */
}
source "http://rubygems.org"
gem "stripe"
sub@asdf:~/projects/fsm$ irb -I
irb(main):001:0> require './door.rb'
=> true
irb(main):002:0> front_door = Door.new
=> #<Door:0x00000001913ab0 @state="closed">
irb(main):003:0> front_door.open_
Transition: closed => open
=> true
irb(main):004:0> front_door.close
Transition: open => closed |
Ideas are cheap. Make a prototype, sketch a CLI session, draw a wireframe. Discussions around concrete examples, not hand-waving abstractions. Don't say you did something, provide a URL that proves it.
Nothing is real until it's being used by a real user. This doesn't mean you make a prototype in the morning and blog about it in the evening. It means you find one person you believe your product will help and try to get them to use it.