Since 10.5, Mac OS X has had integrated keychain support in OpenSSH that lets one store one's SSH private key passphrase in the keychain. This makes it easy to securely store the passphrase permanently, instead of just per-session or per-boot as ssh-agent(1) does (unless the "Remember password in my keychain" option is not selected, in which case the passphrase is only stored in the memory of the running
Some time in 2010, Google, Adobe, and "dozens of other high-profile companies" were hacked by the Chinese government. The attack was done through a previously unknown vulnerability in Internet Explorer and considered to be highly sophisticated. The attackers copied intellectual property of these companies and accessed Gmail accounts of human rights activists.
Rather than directly hack into the accounts of those activists, the entire e-mail provider was compromised.
Lauren didn't race, so Dave, Eric and I did 3 races on track 7. The first race, I had a best lap of 15.455, the second, Eric and I both had a best of 15.385, and on the third race I did a 15.443. Dave set the best lap time of the week with a 15.306 in the last race and Eric and I both tied for 2nd with our previous 15.385. Though as the girl at the counter said, the week started a day ago. Dave is currently 13th for the month and Eric and I are both 16th. Not bad for never even seeing the track before.
Back when I used OpenBSD on my laptop and Pidgin for instant messaging, I wrote a D-Bus script to watch incoming messages and forward any to my cell phone that were received while my screen was locked. The script forwarded messages to Prowl's web API, which would forward them to my iPhone using push notifications.
The last time I switched back to a Mac desktop, I had to switch back to Adium and lost the ability to selectively forward messages. While Adium does have an event action to run an AppleScript, there's no way of passing the actual event text to the script, so it has to talk back to Adium and try to find the newest message. The only option was to generate Growl notifications for all messages and then configure Growl to forward them to Prowl. I got fed up with that pretty quickly, so I modified Adium to create a new event type for "messages received while away". That way I could have the Growl notification only on that event, so I would only get messages forwarded while away. That worked better, but it prevented me from being able to go away while still at my computer without getting a bunch of messages queued up on my phone.
I keep reading stories about these new Android tablets that are destined for failure because they're too big or too small or too expensive. I owned an iPad and sold it after a couple months because I didn't use it enough to justify the cost. While its large screen was nice for viewing webpages or playing games on the couch, it was also one more device that I had to sync, charge, carry around, and possibly pay for another data connection for. With that in mind, I had an idea the other week: why doesn't someone make an Android tablet that just acts like a docking station (or "shell") for an Android phone?
The tablet would essentially be a big screen with no guts. An Android phone would plug into the back of it like the battery of a laptop does (think aluminum Powerbook but without the need for a coin), so that when it was installed, the tablet would be flush on the underside and have the same form factor as an iPad or other tablet. Once the phone was connected, the tablet would provide a larger display for the phone, just like plugging an external monitor into a laptop. The tablet would have no CPU, storage, or memory of its own, and wouldn't even need its own battery (though perhaps it could include an internal one for additional run time). Since the phone is still powering everything, it would still be able to use its WiFi and 3G connections.
At about 9am yesterday morning, I noticed on the monitor that the CPU utilization of one of my servers was abnormally high, in addition to a sustained 1mbit/sec of inbound traffic and 2mbits/sec of outbound traffic. syslog messages from Asterisk showed it to be a SIP brute force attack, so I dropped the offending IP (an Amazon EC2 instance IP) into
/etc/idiots to block it and went back to my work.
A while later, I noticed the traffic still hadn't died down, so I reported the incident to Amazon and my server's network provider. No luck on either front; Amazon just sent back a form reply stating the incident was forwarded to the EC2 instance's owner (yeah, seriously) and the network provider said they wouldn't bother adding an ACL to their border equipment unless it was needed to protect their entire network. With the IP blocked on my server, the CPU utilization had died down and it was no longer sending out reply traffic, but I was worried about the inbound garbage traffic counting towards the server's monthly bandwidth cap.
update: this behavior is now supported natively in git with subtree merging.
for a project i'm working on, i need to host a local copy of a remote git repository inside of my project's git tree, but rooted in a subdirectory. it wasn't as straightforward as i was hoping, so i'm writing this so someone else can find it.
i've always formatted my mac os partitions with case sensitivity enabled, which usually means formatting a new system and re-installing mac os x as soon as i get it. after installing the 10.6.2 update, i lost my system menu bar icons and was forced to restore from a 10.6.1 backup made the day before.
following apple's instructions, i booted to the snow leopard installation dvd, chose the "restore system from backup" option and thought i was on my way. about 50% into the recovery, the recovery application crashed:
more snow leopard breakage: ruby compiled for a 64-bit processor crashes when doing certain calls through the dl module.
the gd2 ruby module (which just
dlopen's the gd2 c library) calls gd2's
gdImageStringFTEx function which crashes the ruby interpreter. apparently this is an old issue that is still unfixed in the ruby shipping with snow leopard (1.8.7p72; why so old apple?) or any 1.8.7 for that matter. even after ripping out the old ruby and installing the latest patchlevel (174), it still crashes:
pgp doesn't have a (non-beta) version of its whole disk encryption product that is compatible with snow leopard yet, so i was holding off on upgrading once my snow leopard dvd arrived. once i read that i would have to decrypt the entire drive (an ~8 hour process), uninstall pgp, upgrade, then re-install and re-encrypt the drive anyway, i figured i might as well do the first half now and wait for them to finally release the new version. please don't steal my laptop until i re-encrypt my hard drive.
installation of snow leopard was easy and fairly quick. i took screen shots of the drive in finder before and after to see how much disk space i saved, but since snow leopard now reports drive capacities in base 10, both values changed. before it was 6.95gb free on a 148.73gb drive. now it's 23.94gb free on a 159.7gb drive. i'm also not sure how pgp wde affected the disk space utilization, so i guess these numbers are meaningless.
dave wanted to go karting, so we went to cir. i haven't been there in a year but the track 1 configuration is still the same. i placed 1st in all 3 races, setting the best lap time of the week on the first race with a 15.07. the pro karting guy (you can always tell who they are because they show up with their own nomex suits) that placed second must have got mad that i beat him, so he did the next race (with only 3 other people) and set a new week-best of 14.77. i got my best down to 15.02 on the second race, and then a 15.26 on the third race with a kart that had a really loose throttle cable.
though now that my helmet has a tinted visor, everything is kind of dark in an indoor karting track. luckily there were no turtle shells or banana peels to avoid.
i am heavily using x11 under mac os x with ratpoison as my window manager. combined with mac's "spaces", this basically gives me full-screen x11 (but not actually full-screen with a root window) and a bunch of xterms in one screen, full-screen firefox in another, and then other mac applications in the rest.
i am also a heavy gimp user, but the attempts to port gimp to mac as a non-x11 app don't work very well at all. since i'm using fink, installing the regular x11 gimp was as easy as
fink install gimp2, but using gimp with ratpoison has never been fun.
3 years ago, i was using mac os x as my full-time workstation operating system on a 12" aluminum g4 powerbook. i eventually got annoyed at some hardware issues with the powerbook and some software issues with mac os x, which prompted me to switch back to a new thinkpad x40 running openbsd (and then to a thinkpad x200, then random netbooks running openbsd).
a few weeks ago, i purchased a new 13" macbook pro and immediately tried to put openbsd on it; not so much because i'm an openbsd zealot, but more so because i'm so much more productive in it than in anything else and i quickly get fed up when i can't get something done (and can't fix it).