Update: Kyle Spearrin, the lead developer of Bitwarden, contacted me regarding this blog post. Some issues (unnecessary loading of resources from CDNs and disclosure of my email address to a third-party without confirmation) have already been resolved. Mitigations for other issues were already in place, although I haven’t had time to confirm this yet. I’ll update this […]
I cobbled together a unixy command / application launcher and auto-typer. I’ve dubbed it Lurch. Features: Fuzzy filtering as-you-type. Execute commands. Open new browser tabs. Auto-type into currently focussed window Auto-type TOTP / rfc6238 / two-factor / Google Authenticator codes. Unixy and composable. Reads entries from stdin. You can use and combine these features to […]
Disclaimer: There is no actual profit. That was just one of those clickbaity things everybody seems to like so much these days. Also, it’s not really fun. Alright, on with the show! A common practice is to add users that need to run Docker containers on your host to the docker group. For example, an […]
Thinking about using the grsecurity linux kernel hardening patches? Better check with your legal team. Not only are they likely violating the GPLv2 with their patch-set, but if you point out that, in your opinion, they are violating the GPLv2, they’ll sue you. And not only you, but anybody that is even remotely involved in […]
Another case of online theft whereby the attacker takes over a victim’s phone and performs an account reset through SMS has just hit the web. This is the sixth case I’ve read about, but undoubtedly there are many many more. In this case, the victim only lost $200. In other cases, victims have lost thousands […]
Getting HTTP error 429 when trying to call Reddit APIs or .json endpoints? Try changing your User Agent header to something else. Reddit bans based on user agent.
Sometimes other people change configurations on machines that I help administer. Unfortunately, I wouldn’t know when they changed something or what they changed. There are many tools available to track configuration changes, but most are way overpowered. As a result they require too much time to set up and configure properly. All I want is […]
UPnP stands for Universal Plug and Play. It’s a standard for discovering and interacting with services offered by various devices on a network. Common examples include: Discovering, listing and streaming media from media servers Controlling home network routers: e.g. automatic configuration of port forwarding to an internal device such as your Playstation or XBox. In this […]
Recently I suddently couldn’t log into Openvas v8 running on Ubuntu 14.04 anymore. Nothing had changed about the machine (as far as I knew), but I got the following message when trying to log in with any account: Login failed. OMP service is down The logs (/var/log/openvas/openvasmd.log) showed the following message: lib serv:WARNING:2016-01-19 15h52.12 utc:21760: […]
Search this blog:
The text of all posts on this blog, unless specificly mentioned otherwise, are licensed under this license.