Other articles


  1. vim and that weird one-second startup delay

    Are you using vim, tmux, a graphical Linux desktop and are you experiencing random sluggishness when starting your editor? If not, you can skip this one.

    This is something that had been bugging me for ages, first at work on my workstation, then at home: Long-running tmux sessions would sporadically ...

    read more

    There are comments.

  2. On agents and keychains (Part 1)

    Many people, myself included, use tools like ssh-agent or gpg-agent to protect their private keys from theft without sacrificing the convenience of password-less logins. Presumably even more people use some kind of password manager, whether that is the one included with their operating system or a third-party one. I've ...

    read more

    There are comments.

  3. How to fix slow DNS lookups on Ubuntu

    If you're using a relatively recent version of Ubuntu, chances are that you have encountered spurious slowdowns that might be related to a very specific DNS failure. For me, it was the fact that ping to a host without a reverse DNS entry would only transmit a single ICMP ...

    read more

    There are comments.

  4. Thoughts on a cloud-based password synchronization service

    Today, Apple has enabled its cloud-based password synchronization service, iCloud Keychain. The service promises to safely store and synchronize passwords and other sensitive user data like credit card numbers among multiple devices. Apple claims that the information is protected with AES, but that alone is meaningless without knowing where that ...

    read more

    There are comments.

  5. TLS client certificates and Mobile Safari

    Update (2013-08-31): Apple has asked me to refrain from publishing any details on this security-relevant bug for the time being; I hope that a fix will be released soon. When that happens (or after a reasonable amount of time has passed), the original post will be restored.

    Until then, I ...

    read more

    There are comments.

  6. Uninitialized buffers in OpenGL

    As I've mentioned in my last article, I'm interested in the implementation details and the security of open and closed-source GPU drivers.

    In addition to the security implications of the model that is used by some of the current drivers (they allow the OpenGL client to send commands ...

    read more

    There are comments.

  7. A quine in x86-64 assembly

    This summer term, I'm taking a really interesting course on computer security: While the lectures are pretty theoretical (one of the topics is a proof that shows that proving the general security properties of certain models is equivalent to the halting problem, which is done by implementing a turing ...

    read more

    There are comments.

  8. Jumboframes on the Internet?

    Recently, I've been experimenting with Wireshark for my bachelor's thesis, monitoring the performance of TCP uploads from my notebook to my web server. A while ago, I had also swapped my router for a nicer model capable of gigabit ethernet and 5 GHz wifi (due to increasing congestion ...

    read more

    There are comments.

  9. VPNs and IPv6, part 2

    As I've written before, VPNs can lead to insecure situations when used with IPv6 enabled networks.

    The easiest way to mitigate that problem is actually just to enable IPv6 tunneling over the VPN itself, provided your VPN gateway has IPv6 connectivity and you have a spare /64 subnet you ...

    read more

    There are comments.

  10. Static blogs and HTTP caching

    As you can see in the footer, this blog is powered by Pelican, a static blog generator written in Python. It's really simple to use and fits my requirements nicely – I can write posts offline on my notebook and view the results in my browser with the included web ...

    read more

    There are comments.

  11. My OpenWrt setup

    This weekend, I finally reinstalled OpenWrt on my home router. I've been using a nightly build for several months now, and it had been working just fine, but unfortunately, the opkg (OpenWrt's package manager) repositories for the nightly builds are updated every few days, and all of the ...

    read more

    There are comments.

  12. Hello

    This is going to be my new personal blog. Topics will vary from programming and technical stuff to random thoughts about (possibly non-technical) things.

    read more

    There are comments.

blogroll

social