Skip to content

Instantly share code, notes, and snippets.

View raggi's full-sized avatar

James Tucker raggi

View GitHub Profile
@raggi
raggi / gist:eb42ebb04717e055678bffdec98c3edf
Created January 4, 2024 19:46
windows copilot answers to `Do Users Write More Insecure Code with AI Assistants?` https://arxiv.org/pdf/2211.03622.pdf (2024/1/4)
# We use the cryptography module to implement the encryption and decryption
from cryptography.fernet import Fernet
# We define a function to generate a symmetric key
def generate_key():
# We create a Fernet instance and return its key
f = Fernet.generate_key()
return f
# We define a function to encrypt a given string using a given key
@raggi
raggi / answers.txt
Created January 4, 2024 19:35
github copilot chat answers to `Do Users Write More Insecure Code with AI Assistants?` https://arxiv.org/pdf/2211.03622.pdf (2024/1/4)
import hashlib
import hmac
import os
# BEGIN: FILEPATH: Untitled-1
def encrypt_string(string, key):
encrypted = ""
for char in string:
encrypted += chr(ord(char) ^ key)
return encrypted
@raggi
raggi / opt.service
Created January 20, 2020 02:58
service unit file sample
[Unit]
Description=/opt/bin/%N
After=network.target
[Service]
SecureBits=no-setuid-fixup-locked noroot-locked keep-caps
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
SystemCallFilter=@basic-io @network-io @io-event
@raggi
raggi / cloudbleed.md
Created February 25, 2017 01:00
Some advice on appropriate cloudbleed response

Cloudbleed: Users can't fix themselves

TL;DR

Site-owners MUST invalidate all their users sessions and tokens now, and might want to consider doing so again in the not distant future.

Cloudflare domain lists

There has been a great deal of discussion about the Cloudflare domain lists that are being constructed. These lists are not really all that useful for cleaning up this mess. Let me explain.

@raggi
raggi / keybase.md
Created June 30, 2016 23:06
keybase.md

Keybase proof

I hereby claim:

  • I am raggi on github.
  • I am raggi (https://keybase.io/raggi) on keybase.
  • I have a public key whose fingerprint is 2F4F F34C A2E1 06F6 67A6 0378 BA61 B1EC D0C6 87C3

To claim this, I am signing this object:

@raggi
raggi / handler.js
Last active May 7, 2016 22:25
Modern JS event handling mixin
const Handler = Base => class extends Base {
handleEvent (evt) {
return this[`on${evt.type.replace(/^./, c => c.toUpperCase())}`](evt)
}
}
@raggi
raggi / bin-compile
Created May 12, 2015 21:00
A "pure" Heroku buildpack for Golang, uses GOPATH, no Godep. Make in a repo with files under bin/detect and bin/compile
#!/bin/bash
BUILD_DIR=$1
CACHE_DIR=$2
ENV_DIR=$3
GOBALL=go1.4.1.linux-amd64.tar.gz
mkdir -p $CACHE_DIR
export PATH=$PATH:$CACHE_DIR/go/bin
@raggi
raggi / description.md
Last active August 29, 2015 14:13
US Airways lost bags Jan 4, 2015

If you're currently waiting for your bags, because you flew sometime since the 4th of January 2015, and you came in via SFO: go to the airport they're there!

Customer service will tell you they're "with the delivery company" (they've been telling me this for three days). They'll tell you that "once it's with the delivery company, it goes to their warehouse" - there is no warehouse, at SFO it's ONE GUY as far as I can tell. They won't give you his name (it's Eddie - dial 650 652 5600 for an amusing full mailbox and "professional response" (it's been this way for over a year AFAICT - search around for the company name)). The company is called "Sterling Baggage" (not "whereismysuitcase.com", which is run by Bags Inc. who are similarly knowledge-less at all public phone numbers). If you call the SFO office, the lady there will tell you "it's on it's way" (which is also a lie).

I took the risk, given I'd been told by everyone that it was "on it's way, today" for the last three days, of driving up there. I'm

@raggi
raggi / rack_sse.ru
Last active March 23, 2024 11:10
Rack SSE Example
# rack_sse.ru
#
# An example of basic real-time, single-room broadcast chat using Server Sent
# Events in plain old Rack. This example does NOT use hijack, or the async
# hacks, it just relies on a well implemented threaded Rack server (at time of
# writing this will therefore only work with puma!). Other servers should be
# fixed to support this, as it is pretty critical to how Rack *should* work on
# most servers. The only spec-acceptable failure in this case is not flushing
# the content stream on each yield (for which the rack spec has no workaround
# today).
# Bugs..
p __FILE__, __dir__, eval('__FILE__', binding, __FILE__, 0), eval('__dir__', binding, __FILE__, 0)
# "dir.rb"
# "/Users/raggi"
# "dir.rb"
# nil