Which of my Firefox passwords might have been compromised by Cloudflare’s memory leak?

February 24th, 2017

Yesterday the internet learned that Cloudflare had been randomly spewing the contents of some connections through their services into other HTTP responses. What fun! Now we need to change all our passwords, rotate our keys, expire sessions, etc. because someone used C code in a sensitive context. But I have hundreds of passwords, and I don't want to change all of them. Here's how I found a set of candidates that could have been affected, using Firefox's password store.

Update 2017-02-24: Uses later date to only check sites in high-risk period.

Update 2017-02-24: Now actually checks if each identified site currently uses Cloudflare, and uses later date.

strace’ing a Clojure process under lein

August 16th, 2016

Today I wanted to strace a JVM process to see if it was making network calls, and I discovered a minor roadblock: It was a Clojure program being run using the Leiningen build tool. lein run spawns a JVM subprocess and then exits, and I only wanted to trace that subprocess.

Fast, manual, incremental updating of WordPress

February 6th, 2008

WordPress recently released 2.3.3 as an urgent security fix for 2.3.2. Rather than wiping all non-configured files from my development site, extracting the replacement files from the tarball, and re-uploading said files by FTP, I used the fast and precise approach: Only upload changed files.

Duplicity + Amazon S3 = incremental encrypted remote backup

August 11th, 2007

Update: I haven't really been using this, since the bandwidth required is a bit... excessive. I think I'll stick to duplicity + external hard drive.

Duplicity is a backup program that only backs up the files (and parts of files) that have been modified since the last backup. Built on FLOSS (rsync, GnuPG, tar, and rdiff), it allows efficient, locally encrypted, remote backups.

Amazon S3 is a web service that provides cheap, distributed, redundant, web-accessible storage. S3 currently charges only $0.15 per GB-month storage and $0.10 per GB upload. The API is based on HTTP requests such as GET, POST, PUT, and DELETE.

The following is a description of how I made use of these to back up my laptop, which runs Ubuntu Feisty Fawn.

Force Firefox extensions to work in the latest version

November 19th, 2006

When Firefox updates to a new version, some extensions are disabled. However, you can easily edit the extensions to make Firefox re-enable them -- no particular expertise required.
