I hereby claim:
- I am tmaher on github.
- I am tmaher (https://keybase.io/tmaher) on keybase.
- I have a public key whose fingerprint is 2AD0 A4DB 0902 723F C4D9 6822 4BFE 8812 168D E27B
To claim this, I am signing this object:
Bringing machine 'default' up with 'virtualbox' provider... | |
==> default: Importing base box 'hashicorp/precise64'... | |
[KProgress: 40% | |
[KProgress: 50% | |
[KProgress: 60% | |
[KProgress: 70% | |
[KProgress: 80% | |
[KProgress: 90% | |
[K==> default: Matching MAC address for NAT networking... |
I hereby claim:
To claim this, I am signing this object:
-----BEGIN PGP PUBLIC KEY BLOCK----- | |
Version: GnuPG v2 | |
mQINBFeb/F4BEADjge8NMIjskol4Kwb7VfGLuO+KafjIGzfxsT9hakm5sAwLAR82 | |
vljFauyrBhv/3SbkCxApRoIFT3QCdF8Yspw+H4nc2AtThGNBLayR0ekKCGeeI2fL | |
J5N6iwsFgXX5dptfKgKeYUd6d1BNN6ZlqyX+CSIhZvsAFruk0BrdFVl2jq4LVQzD | |
m8ov5GpmT/2ckd3zdA9BqUOHadTNX40BXAXK2if90xSS5mhtufGDox25FPe6os2F | |
HAbh1ynd33B4j85+eSSb1hhfduKhk4uIBYw1jR0DEi8mRnGgRtKCFPcn7x9R9mvd | |
vICJRSHxshVakWJJJiU6srxN1V67AzgYOunnZWZAXdHIJ5I0XibA7xi8WpRJzygy | |
RytKMyOOo2pIPHV6nukMABPvv7NWU921iM3P8mqIcI7t1SEIagUm92owmY3pf+VM |
#!/usr/bin/env ruby -wKU | |
# | |
# by Kelan Champagne http://yeahrightkeller.com | |
# with edits by sjschultze | |
# and advanced metadata handling by lukf | |
# | |
# A script to generate a personal podcast feed, hosted on Dropbox | |
# | |
# Inspired by http://hints.macworld.com/article.php?story=20100421153627718 | |
# |
## The quick-and-nasty CVE-2013-0156 Heroku inspector! | |
## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku | |
## Download and run using: | |
## ruby heroku-CVE-2013-0156.rb | |
`heroku list`.split("\n").each do |app| | |
app = app.strip | |
# Some "heroku apps" lines have === formatting for grouping. They're not apps. | |
next if app[0..2] == "===" |
http://samuel.kadolph.com/2011/03/store-your-git-https-passwords-in-your-os-x-keychain/
Abstract (what the kids these days call "tl;dr"): Attempting to prevent malicious code, executing under your account, from reading your MacOS Keychain passwords is doomed to failure and will result in pointless UX inconvenience. Solution: Don't execute malicious code.
I'm greatly appreciative of Mr. Kadolph's git-password helper program. Requiring people to repeatedly enter their password is a wretched idea. Aside from the horrible user experience, it discourages the use of high-random passwords (e.g., dd if=/dev/urandom bs=16 count=1 | openssl base64
). LastPass's excellent password generator uses approximately this technique, as do I personally. If actually typing my github password is a rare event, and the password isn't something I can memorize, then the odds of my being phished or it getting spied on by a keystroke logger are markedly reduced.
In the explanation for why he chose to implement it in C, he right