Darren Olivier darrenolivier
This isn't a guide about locking down homebrew so that it can't touch the rest of your system security-wise.
This guide doesn't fix the inherent security issues of a package management system that will literally yell at you if you try to do something about "huh, maybe it's not great my executables are writeable by my account without requiring authorization first".
But it absolutely is a guide about shoving it into its own little corner so that you can take it or leave it as you see fit, instead of just letting the project do what it likes like completely taking over permissions and ownership of a directory that might be in use by other software on your Mac and stomping all over their contents.
By following this guide you will:
- Never have to run
sudoto forcefully change permissions of some directory to be owned by your account
These are notes from my efforts to get Ubuntu 20.04 installed on my older MacBook Pro. I'm making this gist public in the hopes that it's helpful to others.
I did a Minimal install, but selected the option to install additional 3rd-party drivers.
Wifi doesn't work during the install (because it requires a 3rd-party driver), so you won't be able to choose to download updates while installing. No big deal, run a software update after the install.
The installer takes about 25 minutes to complete. Post-install, most things work. The only driver I had to manually install was for the FaceTime camera. More on that below.
| FROM alpine:latest as builder | |
| LABEL maintainer="@singe at SensePost <research@sensepost.com>" | |
| RUN apk update && apk --no-cache add \ | |
| build-base \ | |
| && rm -rf /var/cache/apk/* | |
| WORKDIR / | |
| COPY yellow.c canary32.c canary32.h / | |
| RUN gcc -o yellow yellow.c canary32.c |
I still enjoy using Apple products and prefer them over alternatives, but in recent years, an increasing number of small bugs has made using them less pleasant. No single bug is fatal, but they add up. I wanted to document them to make it more likely that they will be fixed.
There are two main topics:
- Many small unnecessary bugs
- Strategy tax
This week NN Group released a video by Jakob Nielsen in which he attempts to help designers deal with the problem of customers being resistant to their new site/product redesign. The argument goes thusly:
- Humans naturally resist change
- Your change is for the better
- Customers should just get used to it and stop complaining
There's slightly more to it than that, he caveats his argument with requiring you to have of course followed their best practices on product design, and allows for a period of customers being able to elect to continue to use the old site, although he says this is obviously only a temporary solution as you don't want to support both.
| GOAL: Send a push notification after the (vibrations from the) dryer cycle has completely stopped. | |
| USING: | |
| * Inexpensive hardware (see below) | |
| * ESPhome (http://esphome.io) for chip firmware | |
| * Home Assistant (http://hass.io) for sensor state machine and push notification. | |
| --- | |
| SHOPPING LIST: |
I've just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)
HypnZA's commonly shared list (in the correct order):
- https://www.hacksplaining.com
- https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
- Watch Ippsec's HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos)
| package main | |
| import ( | |
| "context" | |
| "flag" | |
| "fmt" | |
| "log" | |
| "net/http" | |
| "os" | |
| "os/signal" |