Skip to content

Instantly share code, notes, and snippets.

View tmaher's full-sized avatar

Tom Maher tmaher

69 followers · 7 following
View GitHub Profile
@tmaher
tmaher / net-ldap-vagrant-proper-run.txt
Created August 23, 2016 22:27
ruby-net-ldap: log output of `vagrant up` with the vbguest plugin
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'hashicorp/precise64'...
Progress: 40%
Progress: 50%
Progress: 60%
Progress: 70%
Progress: 80%
Progress: 90%
==> default: Matching MAC address for NAT networking...
@tmaher
tmaher / keybase.md
Created August 2, 2016 20:46
keybase.md

Keybase proof

I hereby claim:

  • I am tmaher on github.
  • I am tmaher (https://keybase.io/tmaher) on keybase.
  • I have a public key whose fingerprint is 2AD0 A4DB 0902 723F C4D9 6822 4BFE 8812 168D E27B

To claim this, I am signing this object:

@tmaher
tmaher / tmaher-2016-07-29.pub
Created July 30, 2016 01:29
tmaher gpg public key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQINBFeb/F4BEADjge8NMIjskol4Kwb7VfGLuO+KafjIGzfxsT9hakm5sAwLAR82
vljFauyrBhv/3SbkCxApRoIFT3QCdF8Yspw+H4nc2AtThGNBLayR0ekKCGeeI2fL
J5N6iwsFgXX5dptfKgKeYUd6d1BNN6ZlqyX+CSIhZvsAFruk0BrdFVl2jq4LVQzD
m8ov5GpmT/2ckd3zdA9BqUOHadTNX40BXAXK2if90xSS5mhtufGDox25FPe6os2F
HAbh1ynd33B4j85+eSSb1hhfduKhk4uIBYw1jR0DEi8mRnGgRtKCFPcn7x9R9mvd
vICJRSHxshVakWJJJiU6srxN1V67AzgYOunnZWZAXdHIJ5I0XibA7xi8WpRJzygy
RytKMyOOo2pIPHV6nukMABPvv7NWU921iM3P8mqIcI7t1SEIagUm92owmY3pf+VM
@tmaher
tmaher / generate_personal_podcast.rb
Created December 25, 2015 02:57
automatically hosting a podcast in your Dropbox public folder
#!/usr/bin/env ruby -wKU
#
# by Kelan Champagne http://yeahrightkeller.com
# with edits by sjschultze
# and advanced metadata handling by lukf
#
# A script to generate a personal podcast feed, hosted on Dropbox
#
# Inspired by http://hints.macworld.com/article.php?story=20100421153627718
#
@tmaher
tmaher / heroku-CVE-2013-0156.rb
Last active December 10, 2015 23:08 — forked from markpundsack/heroku-CVE-2013-0156.rb
## The quick-and-nasty CVE-2013-0156 Heroku inspector!
## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku
## Download and run using:
## ruby heroku-CVE-2013-0156.rb
`heroku list`.split("\n").each do |app|
app = app.strip
# Some "heroku apps" lines have === formatting for grouping. They're not apps.
next if app[0..2] == "==="
@tmaher
tmaher / asdf.md
Created November 20, 2012 07:52
why git-password is no more secure than direct ruby bindings to Keychain

http://samuel.kadolph.com/2011/03/store-your-git-https-passwords-in-your-os-x-keychain/

Abstract (what the kids these days call "tl;dr"): Attempting to prevent malicious code, executing under your account, from reading your MacOS Keychain passwords is doomed to failure and will result in pointless UX inconvenience. Solution: Don't execute malicious code.

I'm greatly appreciative of Mr. Kadolph's git-password helper program. Requiring people to repeatedly enter their password is a wretched idea. Aside from the horrible user experience, it discourages the use of high-random passwords (e.g., dd if=/dev/urandom bs=16 count=1 | openssl base64). LastPass's excellent password generator uses approximately this technique, as do I personally. If actually typing my github password is a rare event, and the password isn't something I can memorize, then the odds of my being phished or it getting spied on by a keystroke logger are markedly reduced.

In the explanation for why he chose to implement it in C, he right