Skip to content

Instantly share code, notes, and snippets.

View jwilkins's full-sized avatar

Jonathan Wilkins jwilkins

179 followers · 192 following
  • San Francisco, CA
View GitHub Profile
@jwilkins
jwilkins / keybase proof polyclef
Created September 23, 2017 18:55
### Keybase proof
I hereby claim:
* I am jwilkins on github.
* I am polyclef (https://keybase.io/polyclef) on keybase.
* I have a public key ASDqbe-Caz_CYQdPy5mKJ_H1Rgkn9q8jIyoVYE74v2kIzQo
To claim this, I am signing this object:
@jwilkins
jwilkins / nginx-non-transparent-ssl-proxy.md
Created March 31, 2017 19:24 — forked from dannvix/nginx-non-transparent-ssl-proxy.md
Guide to set up nginx as non-transparent SSL proxy, which subsitutes strings in the server responses

Use nginx as Non-Transparent SSL Proxy

Introduction

Many mobile apps have back-end API servers. They usually rely on the API replies to determine whether certain information is supposed to be shown. If the API responses could be manipulated on the fly, we may easily fool an unmodified app to expose some private data.

This manual guides you to set up nginx as non-transparent SSL proxy, which just subsitutes strings in the server responses (i.e. man-in-the-middle attack ourself). For both server-side (their API servers) and client-side (your device), the whole process is almost transparent.

@jwilkins
jwilkins / finex.md
Created August 6, 2016 04:03 — forked from dooglus/finex.md
@jwilkins
jwilkins / useful_commands.md
Created October 7, 2015 22:01
Useful commands
@jwilkins
jwilkins / androidshell.md
Last active August 29, 2015 14:27 — forked from zhengzhou/androidshell.md

============

MAPS

Debug KeyStore

keytool -list -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android

ADB

@jwilkins
jwilkins / gist:a868efc4d88f7515357b
Last active August 29, 2015 14:17 — forked from petertodd/gist:2ec211f86c2cc8ede377
NOTE: sounds decent for desktops/laptops, but servers gain no benefit (and are presumed to be out of scope) - jwilkins
> - floating ADC inputs, as Peter suggested;
> - five independent RC oscillators.
I've got another idea that requires no extra hardware. I think has a
solid theoretical basis which I've explored below in sufficient detail
to raise suspicions that I miss my old line of work:
tl;dr: Record the dt time between button clicks, adding dt to the
@jwilkins
jwilkins / gist:3943d3d1a4ea36f37f2d
Last active August 29, 2015 14:16
mining
http://www.reddit.com/r/Bitcoin/comments/2k7a46/sidechains_merge_mining_and_mining_centralization/clj1sls
https://bitcointalk.org/index.php?topic=205533.msg2149057#msg2149057
https://bitcointalk.org/index.php?topic=206303.0;all
http://www.reddit.com/user/adam3us
http://www.reddit.com/user/nullc
http://www.reddit.com/user/pwuille/
https://bitcointalk.org/index.php?action=profile;u=101601
https://en.bitcoin.it/wiki/User:Gmaxwell/alt_ideas
@jwilkins
jwilkins / gist:c298e419b6483aadd181
Created February 13, 2015 23:00
public pgp key ids == 0x00000000
gpg --keyserver pgp.mit.edu --recv-keys 00000000
gpg: requesting key 00000000 from hkp server pgp.mit.edu
gpg: key 00000000: public key "Thorsten Rapp <Thorsten@giblicht.de>" imported
gpg: key 00000000: public key "Julian Blake Kongslie (Born 1985-Mar-03 in Portland, OR, USA)" imported
gpg: key 00000000: public key "Nicolas Le Gland <nicolas@legland.fr>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 3 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: depth: 1 valid: 1 signed: 0 trust: 1-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2017-12-21
gpg: Total number processed: 3
@jwilkins
jwilkins / gist:5c64b6a23327e56de86c
Last active August 29, 2015 14:14 — forked from jstray/gist:fe34b6b7079c6bf15dc1

Journalism can be a high-risk activity, and some stories are a lot riskier than others. In a part one we covered the digital security precautions that every journalist should take. If one of your colleagues uses weak passwords or clicks on a phishing link, more sophisticated efforts are wasted. But assuming that everyone you are working with is already up to speed on basic computer security practice, there's a lot more you can do to provide security for a specific, sensitive story.

This work begins with thinking through what it is you have to protect, and from whom. This is called threat modeling and is the first step in any security analysis. The goal is to construct a picture -- in some ways no more than an educated guess -- of what you're up against. There are many ways to do this, but this post is structured around four basic questions.

  • What do you want to keep private?
  • Who wants to know?
  • What can they do to fi
@jwilkins
jwilkins / supermicro-mount-iso.sh
Last active August 29, 2015 14:12 — forked from DavidWittman/supermicro-mount-iso.sh
#!/usr/bin/env bash
# Loads and mounts an ISO over SMB via the
# SuperMicro IPMI web interface
#
# usage: supermicro-mount-iso.sh <ipmi-host> <smb-host> <path>
# e.g.: supermicro-mount-iso.sh 10.0.0.1 10.0.0.2 '\foo\bar\windows.iso'
set -x