Skip to content

Instantly share code, notes, and snippets.

Simon Massey simbo1905

Block or report user

Report or block simbo1905

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@simbo1905
simbo1905 / open-letter.txt
Last active Dec 7, 2018
Re: Starwood Guest Reservation Database Security Incident
View open-letter.txt
Arne,
Thanks for your candid email. I appreciate it.
I am encouraged by the fact that you had AES-128 encrypted data my card payment details. Yet it the fact that
you don't know whether the key was stolen means that we need to assume it was.
What I am concerned about is that you don't need to actually ever store card details if you use the latest
payments technology. Holding "card on file" is a legacy technique. The modern approach given GDPR liability
is to not hold the card details but an encrypted card token. Your card acquirer gateway can then hold the
@simbo1905
simbo1905 / run
Created Nov 29, 2018
OKD openshift randomise which database portal host to use for compose.com high availability
View run
#!/bin/sh -e
if [[ ! -z ${DB_HOST_LIST} ]]; then
echo "Selecting DB_HOST from ${DB_HOST_LIST}"
SELECT_LIST_SEPERATOR=","
SELECT_ARRAY=( ${DB_HOST_LIST//$SELECT_LIST_SEPERATOR/ } )
export DB_HOST="${SELECT_ARRAY[$RANDOM % ${#SELECT_ARRAY[@]}]}"
echo "DB_HOST=${DB_HOST}"
fi
@simbo1905
simbo1905 / config.yml
Last active Dec 2, 2018
compile and test php on circleci using redhat openshift s2i image that matches OCP builds
View config.yml
version: 2.0
jobs:
build:
docker:
- image: "registry.access.redhat.com/rhscl/php-71-rhel7:latest"
steps:
- checkout:
path: /tmp/src/
# Download and cache dependencies
@simbo1905
simbo1905 / question.md
Last active Nov 11, 2018
proposed revised devops question
View question.md

when should a pod run multiple containers and how would container failures be handled?

The kubernetes docs allow for multiple containers in a pod. When might this be a good idea and how are failures handled?

@simbo1905
simbo1905 / java-images-broken-in-chrome.java
Last active Nov 6, 2018
This Java code renders the text "Houcine Salma Bendor" as jpg or png it renders differently
View java-images-broken-in-chrome.java
public static final String FORMAT_NAME = "jpg"; // change me to png!
public final static void generateImage(final String text, final String fileNameWithoutExt) throws Exception {
/*
Because font metrics is based on a graphics context, we need to create
a small, temporary image so we can ascertain the width and height
of the final image
*/
BufferedImage img = new BufferedImage(1, 1, BufferedImage.TYPE_INT_ARGB);
@simbo1905
simbo1905 / GnuPG-2.2.md
Last active Aug 10, 2019 — forked from vt0r/GnuPG-2.2.md
Build/install instructions for GnuPG 2.2.x on Centos 7 and similar distros (formerly for 2.1.x)
View GnuPG-2.2.md

GnuPG 2.2.x Build Instructions

Below are my build instructions for GnuPG 2.2.9, released on July 12th, 2018. These instructions are built for a headless Centos 7 LTS server (specificaly the openshift/base-centos7 docker image).

You use the below install script to install GnuPG 2.2.x by running the following commands:

# if you are root in a docker image:
curl -OL "https://gist.githubusercontent.com/simbo1905/ba3e8af9a45435db6093aea35c6150e8/raw/83561e214e36f6556fd6b1ec0a384cf28cb2debf/install-gnupg22.sh" && bash ./install-gnupg22.sh
# else if you need to sudo to do the installs:
@simbo1905
simbo1905 / commands.sh
Created Jul 2, 2018
create a project on one git server with an upstream elsewhere
View commands.sh
# If there is a repo in, say Heroku, or say BitBucket, and you want to push to it code from GitHub
git remote add upstream git@github.com:hyperledger/indy-sdk.git
# pull everything from upstream clobbering anything local (assumes you start with an empty repo)
git pull -s recursive -X theirs upstream master
@simbo1905
simbo1905 / how-to-start-up-on-openshift.md
Last active Nov 11, 2018
Starting Up On OpenShift with Laravel and ReactJS www.realworld.io demo apps
View how-to-start-up-on-openshift.md

Introduction

This is the code that goes with the presentation at https://docs.google.com/presentation/d/1kQhNGoVdoXhnsfwnsgmEBYMftVYR1Vx8QqdCqWSZXiI

These instructions are how to setup what I demoed in that presentation. It is a realistic backend API and frontend SPA. Due to time constraints my presentation demo will start with a working setup and the section "Some 'real world' things to demo in the presentation". All the steps to set everything up are below.

The demo code we will deploy is part of the www.realworld.io project where different people write alternative interoperable frontends or backends. Below I have chosen ReactJS and Laravel but you could use any of the demo apps that use different langages and frameworksgs

Prerequisites Instructions

@simbo1905
simbo1905 / create-env-secret.sh
Last active Mar 19, 2018
loads an .env file containing key=value environment variables into an openshift secret `NAME=example ./create-env-secret.sh .env`
View create-env-secret.sh
#!/bin/bash
if [ "$NAME" = "" ]
then
echo "You must set NAME of the secet as an env var"
exit 1
else
echo "Creating secet/$NAME"
fi
@simbo1905
simbo1905 / PwnedPaswordsMongoDB.md
Last active Feb 18, 2019
How To Load The HIBP Pwned Passwords Database Into MongoDB
View PwnedPaswordsMongoDB.md

How To Load The HIBP Pwned Passwords Database Into MongoDB

NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:

When processing requests to establish and change memorized secrets, 
verifiers SHALL compare the prospective secrets against a list that 
contains values known to be commonly-used, expected, or compromised.

But how do you know what are the compromised passwords? Luckily Troy Hunter put a lot of effort into building the "Have I Been Pwned (HIBP)" database with the SHA1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.

You can’t perform that action at this time.