• Australia's COVIDSafe App: A Brief Tour of the Data Stored

    The Australian government released it’s own contact tracing app last weekend, and while it is claimed that they will release the source code, that has not happened yet. Plenty has already been written about how we are told it works, and there is some great work being done on the decompiled code by @GeoffreyHuntley and others to document how it does work. I’m not digging into the code much myself, but I did examine some of the data stored on my own device.

    Read more...
  • Configuring a Logitech Harmony Remote From Linux (Sort Of)

    I recently bought another Logitech Harmony universal remote (the 650 model). This post outlines the struggles of configuring this from Linux.

    Read more...
  • Abusing Version Control with SHA-1 Collisions

    Now that there is a public SHA-1 collision, we can supposedly mess with both SVN and git repositories by adding these specially crafted pdf files. But what actually happens when these files are added to a repository that uses SHA-1 for deduplication? To find out, let’s create git and SVN repositories, add these files to them, and see what happens.

    Read more...
  • Adventures in Reproducibility with Signal for Android

    Earlier this year, Open Whisper Systems announced that their Signal Private Messenger application now supports reproducible builds for their Android app, using a Docker image to provide a consistent build environment. In theory, this allows us to have confidence that the publicly available source code posted to github is, indeed, what is served out through the Google Play Store. Being security-minded (paranoid?), I thought I would verify this myself, but I encountered a few speed bumps along the way.

    Read more...
  • FreeNAS - Plugins to Jails and Back Again

    Some time ago the cheap USB flash drive that I ran the FreeNAS OS on died, requiring me to re-install (this time to 2, mirrored, flash drives) and re-import a backup of my settings. This mostly recovered everything, with the exception that all of the plugins I had previously installed were not recognised as plugins, just standard jails. For most services this didn’t matter, since they simply run from a git repository and update themselves accordingly, but for services like SABnzbd this left me with no easy “update plugin” method of upgrading to newer versions as they are released.

    Read more...
  • Ubuntu Network Issues After Hibernating

    I recently installed Ubuntu Gnome 16.10 onto my Dell XPS 13 (9350), and while most things are working fine out of the box, hibernating has caused some pain.

    Read more...
  • Vagrant NFS Speed Issues

    Web development with vagrant can be a joy, but sharing files between a Virtual Box VM and the host machine has it’s quirks. Some Googling would tell you that simply using NFS will solve all your speed issues, but on my Ubuntu host/Ubuntu guest setup I’m still seeing extremely slow file accesses. What’s going on here?

    Read more...
  • The Politics of Age

    This coming US election will prove historic for many reasons, not least of which being that whoever the next president is, they will be significantly older than Barack Obama. For me this has sprouted the idea that perhaps a correlation can be drawn between a president’s political party and their age. Namely, when voters oust one party in favour of the other, is there a trend towards older Republicans/younger Democrats?

    Read more...
  • On Beginning Titles With The Word "On"

    Hello world!

subscribe via RSS