Instantly share code, notes, and snippets.


Not all random values are created equal - for security-related code, you need a specific kind of random value.

A summary of this article, if you don't want to read the entire thing:

  • Don't use Math.random(). There are extremely few cases where Math.random() is the right answer. Don't use it, unless you've read this entire article, and determined that it's necessary for your case.
  • Don't use crypto.getRandomBytes directly. While it's a CSPRNG, it's easy to bias the result when 'transforming' it, such that the output becomes more predictable.
  • If you want to generate random tokens or API keys: Use uuid, specifically the uuid.v4() method. Avoid node-uuid - it's not the same package, and doesn't produce reliably secure random values.
  • If you want to generate random numbers in a range: Use random-number-csprng.

You should seriously consider reading the entire article, though - it's


Use React with Gulp, Browserify and Babelify. This allows you to use React in jsx & node.js style. It let's you use require('module') in your JavaScript. Babelify will transform the jsx code to JavaScript code.


gulp build-react

This will generate a main.min.js file in the build directory with sourcemaps.


View pbkdf2dotnetsample.cs
public class PasswordHash
public const int SaltByteSize = 24;
public const int HashByteSize = 20; // to match the size of the PBKDF2-HMAC-SHA-1 hash
public const int Pbkdf2Iterations = 1000;
public const int IterationIndex = 0;
public const int SaltIndex = 1;
public const int Pbkdf2Index = 2;
public static string HashPassword(string password)
View ConfusedDDD.fs
module Person =
open System
type PersonState = private { id: Guid; name: string; age: int}
let createPerson id name age = {id = id; name = name; age = age}
let changeName name personState = {personState with name = name}
let changeAge age personState =
// some crazy business rule involving age
{personState with age = age}
module SomeOtherModule =
View nextTick.js
// Only add setZeroTimeout to the window object, and hide everything
// else in a closure.
(function() {
var timeouts = [];
var messageName = "zero-timeout-message";
// Like setTimeout, but only takes a function argument. There's
// no time argument (always zero) and no arguments (you have to
// use a closure).
function setZeroTimeout(fn) {

How to set a fixed MAC address on a TAP interface (OpenVPN client) on Tomato Firmware


Using the lladdr 00:11:22:33:44:55 option in the OpenVPN client custom configuration form doesn't change the MAC of the tap interface.


Paste this in the custom configuration box:

script-security 2
View .gitattributes
*.js diff="javascript"
initialize: ->
@bind 'all', @_trackPageview
_trackPageview: ->
url = Backbone.history.getFragment()
_gaq.push(['_trackPageview', "/#{url}"])
View gist:1599013
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;
using Dapper;
// to have a play, install Dapper.Rainbow from nuget
View Get-FileEncoding.ps1
function Get-FileEncoding($Path) {
$bytes = [byte[]](Get-Content $Path -Encoding byte -ReadCount 4 -TotalCount 4)
if(!$bytes) { return 'utf8' }
switch -regex ('{0:x2}{1:x2}{2:x2}{3:x2}' -f $bytes[0],$bytes[1],$bytes[2],$bytes[3]) {
'^efbbbf' { return 'utf8' }
'^2b2f76' { return 'utf7' }
'^fffe' { return 'unicode' }
'^feff' { return 'bigendianunicode' }