drinks Tequila Screwdriver I had some leftover orange juice from my Sunday morning mimosas and an almost empty bottle of tequila - so I made something that wasn't terrible. 2 oz tequila 2 oz orange juice
tls Key pinning in Golang Key pinning is a technique that can protect clients from rogue or compromised certificate authorities [1, 2, 3]. If you have control over the client and the server, you can bake the server's
github keybase and github commits Now that GitHub visualizes signed commits, I wanted to start using my Keybase PGP key to sign commits. Unfortunately my Keybase key had a single uid of tam7t@keybase.io which is not
security SSH keys on a yubikey There is something oddly satisfying about having my private SSH keys only on a hardware device where they cannot be directly accessed. For the past 6 months I've been using a YubiKey for
tls MailChimp Information Disclosure Earlier this year I was working on a MailChimp integration for my "Real Job" and spent the evening poking around their application. I found a few small things that, when combined,
drinks Cucumber Mint Margarita The warm weather this weekend in New York City put me in the mood for margaritas. This, combined with the 5 hours of pre-Kentucky Derby coverage, inspired me to make a mint version
security Vimeo account takeover A while back I was playing around with the OAuth2 spec and discovered a flaw in how Vimeo associates Facebook accounts. Their Facebook connect callback URL was vulnerable to a Cross Site Request
golang Golang range and pointers I've encountered bugs using pointers inside a range loop twice in the past few weeks. It seems like an easy/common mistake that is worth sharing. an example In this example a producer
rails Rails autoload and eager load paths How Rails finds and loads classes when using autoload_paths and eager_load_paths can be pretty confusing. This post is the best that I've read on the topic, but there are a
homebrew Keeping my brews up-to-date Here's how I ensure my homebrew packages are the latest and greatest! First I set up a crontab for my user: ~ $ crontab -e I then add this line to update the brew database every
Organizing My Day I started a new job in August and am using the following method to get things done. Each day I create a new text file on my computer with the following template: 1
ssl Securing ruby SSL connections By default, Ruby uses OpenSSL settings that leave you open to insecure cipher combinations when making HTTPS requests. I wrote the following gist to document my attempt to secure HTTP requests from a
tls nginx self signed cert Create your self-signed certificate: openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3650 -nodes Configure your nginx: server { listen 443 ssl; listen [::]:443 ssl ipv6only=on; # Diffie-Hellman parameter
ssl Heartbleeding an OpenVPN server Everyone has been atwitter lately over the Heartbleed bug, which motivated me to look into what lesser-known implementations of OpenSSL might be vulnerable. My DD-WRT home router seemed like a good choice