Securing Firefox, Chrome and Thunderbird against client-side attacks

Imagine someone half-competent wants to hack into your computer. They want to read your e-mail, steal your bitcoins, transfer funds via your PayPal account, etc.

You're behind a firewall (or more commonly a NAT router) and you don't have any open ports / servers running. So you're safe right?

Blog Tags: 

TurnKey v14.0 RC1 is LIVE! (aka we need YOU!)

Update: v14.0 stable is available in all build types: OVA & VMDK, Proxmox, OpenNode & Docker (Proxmox build is somewhat generic LXC/OpenVZ container) and Xen & OpenStack.

How to upgrade a Debian package to a newer upstream version

Duplicity issued a new stable version with a few bugfixes. I didn't want to wait for the Debian sid package to update so I updated it myself.

This was very simple as the Debian duplicity package uses dpatch to manage all the patches to the original source code. The patches go to debian/patches.

When the package is built debian/rules applies these patches:

dpatch apply-all

Creating a new dpatch is also automated::

# 1. create a new patch: invokes a new shell. Edit files and exit # when you're done dpatch-edit-patch <patch_name>

Blog Tags: 

Invalidating the disk cache on Linux

Here's a super easy way to invalidate the disk cache, which is useful for testing IO performance in the real world, where you can't rely on all of your reads being served up from a super-fast RAM cache rather than a vastly slower physical disk drive.

This will free up everything in the disk cache:

echo 3 > /proc/sys/vm/drop_caches

Or if you want more control over exactly what is being freed...

  1. This frees up the pagecache (e.g., cache of contents of files):

Blog Tags: 

pyproject-pub: A simple Python project template

I hate repeating myself. It's boring. Life is too short. Like any self respecting hacker I will go out of my way to avoid it, even when I suspect it would cost me more to automate something away than to just do it by hand.

On the other hand, doing stuff I've done before by hand is no fun, while writing scripts is fun. Even when it does take longer, time is relative, or so Einstein said.

Blog Tags: 

Understand the system, make stuff happen, or die trying.

Specialization. Most of the people who work for big companies do it. They're good at this one specific thing the company needs to get done. They work with other people who are good at other things.

On one hand, specialization is necessary and useful. It doesn't make sense to try and train everybody to be good at everything. As they say, jack of all trades and master of none.

Blog Tags: 

Getting started with Python and Lisp

A few weeks ago I talked with a friend studying computer science who I discovered had never experienced the joy of programming with a high level language. Not only that but he didn't have the first clue what he was missing. I feared without my immediate intervention another perfectly good mind would be wasted in programming hell. At his university they were using Java for nearly everything so he had somehow gotten the terribly mistaken idea that it didn't really matter what programming language one used. I carefully explained that:

Why I love programming: a crude theory of mind

I've been programming a bit today and I am enjoying myself and focusing for hours at end, which has lately been next to impossible for me when working on other things (e.g., website design).

It's made me think about why I'm having such a hard to reproducing the focus and satisfaction I feel when I'm programming when I'm doing non-programming stuff.

Fact is, I've noticed I find it much more difficult to get in the zone when I'm not programming. I feel slow and unproductive (compared with development) and that leads to low morale and avoidance/procrastination feedback loops.

Blog Tags: 

Why parallel programming is hard

Implementing Cloudtask took more time than I had planned due mainly to the challenges of parallel programming, which I hadn't done that much of before. Also, parallel programming really is inherently far more difficult than serial programming.

In my mind there are three major challenges:

How to get the bone

Sometimes working on big projects can be frustrating. I think that's mainly because it's easy to get so immersed in detail that you lose sight of the big picture. A big project tends to break down recursively into sub-projects, and sub-sub-projects that you only realize are necessary after the "direct approach" turns out to be not a shortcut but an illusion, something that starts out looking like a shortcut and turns out to be a dead-end or actually a very long way around (e.g., fast short term results that are unsustainable in the long run). Then you have to turn back.

Blog Tags: 


Subscribe to Blog