Skip to content

Instantly share code, notes, and snippets.

Avatar

Mike Tigas mtigas

View GitHub Profile
View gini-1.py
from __future__ import division
def gini(population):
"""
https://en.wikipedia.org/wiki/Gini_coefficient#Calculation
see "This may be simplified to:"
"""
pop = sorted(population)
n = len(pop)
View keybase.md

Keybase proof

I hereby claim:

  • I am mtigas on github.
  • I am mtigas (https://keybase.io/mtigas) on keybase.
  • I have a public key whose fingerprint is 4034 E60A A782 7C5D F21A 89AA A993 E715 6E0E 9923

To claim this, I am signing this object:

View dnsmasq.conf
#server=127.0.0.1#9053
server=8.8.8.8
server=8.8.4.4
domain-needed
bogus-priv
listen-address=127.0.0.1
no-resolv
local-ttl=300
neg-ttl=3600
@mtigas
mtigas / nginx.conf
Last active Nov 4, 2020
Nginx configuration for securedrop.propublica.org. (Based on Ubuntu 13.10 / Nginx 1.4.1 default config.)
View nginx.conf
# This configuration file is provided on an "as is" basis,
# with no warranties or representations, and any use of it
# is at the user's own risk.
#
# You will need to edit domain name information, IP addresses for
# redirection (at the bottom), SSL certificate and key paths, and
# the "Public-Key-Pins" header. Search for any instance of "TODO".
user www-data;
worker_processes 4;
View gist:8591092
$ alias openssl="`brew --prefix openssl`/bin/openssl"
$ openssl version
OpenSSL 1.0.1h 5 Jun 2014
$ openssl ciphers -v 'kEECDH+ECDSA+AESGCM kEECDH+AESGCM kEECDH+ECDSA+AES256 kEECDH+ECDSA+AES128 kEECDH+AES256 kEECDH+AES128 kEDH+AESGCM kEDH+AES256 kEDH+AES128 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !MD5 !EXP !DSS !PSK !SRP !kECDH !CAMELLIA !RC4 !SEED'
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
@mtigas
mtigas / ciphertest.sh
Last active Feb 12, 2018
test what SSL ciphersuites a given server supports
View ciphertest.sh
#!/usr/bin/env bash
#
# Modified version of http://superuser.com/a/224263
#
# You should make sure you have an OpenSSL 1.0.1+ installed. (Mac OS X? Use homebrew.
# This script automatically hooks into homebrew's installation of 1.0.1e, see line 22.)
#
#######
#
# usage:
View 0.txt
-Step 1: basic HTML skeleton for a full-screen map
-Step 2: initialize a map
-Step 3: add a tile layer
-Step 4: Add a marker
-Step 5: Add a line
-Step 6: Add a polygon
-Step 7: Styling: add a polygon with different styling
-Step 8: Click/hover
-On click, re-center map
-On hover, change styling of polygon
View btsync_key.py
#!/usr/bin/env python
#coding=utf-8
"""
btsync_key.py
generates keys of abitrary size, for bittorrent sync[1].
btsync uses a 32-char key as the secret identifier for a shared folder,
but this key actually be a Base64 string of any length > 40.[2] so
this script allows you to generate stronger keys than otherwise
possible.
@mtigas
mtigas / 01.md
Last active Sep 25, 2020
HTTPS / SSL certificate config stuff
View 01.md

Normal SSL cert

export DATE=`date +"%Y%m"`
export SITENAME="mike_tig_as"
export KEYNAME="$DATE-$SITENAME"

# Generate private key, make it have no password.
# change to 2048 if you want compatibility with CDNs / aws cloudfront / load balancers, etc
openssl genrsa -aes256 -passout pass:xxxx -out "${KEYNAME}.pass.key" 4096
openssl rsa -passin pass:xxxx -in ${KEYNAME}.pass.key -out ${KEYNAME}.key
View 0.md

Moved to http://www.propublica.org/nerds/item/is-the-u.s.-government-behind-torsploit

A new version of this report is located at ProPublica. Includes more detail and a comment from Susan Prosser, Vice President of Industry Relations at DomainTools, about the how the DomainTools "IP Explorer" tool gathers the "C block owner" value.


The new version mostly just adds information, but previous versions of this gist can still be seen at the "Revisions" button to the left. Earlier versions should be considered draft quality.


You can’t perform that action at this time.