SSL POODLE vulnerability

The recent SSLv3 POODLE vulnerability is a tricky one, because there’s no patch and you actually have to do the hard work yourself. Luckily it’s not hard. Here are a few resources I found useful: Disabling SSLv3 For POODLE, on Linode’s documentation. Disabling SSLv3 Support on Servers, by the ZMap folks. POODLE Attack and SSLv3 Deployment, also by the ZMap folks. How do I patch/workaround SSLv3 POODLE vulnerability (CVE-2014-3566)?, on Ask Ubuntu. »

Author image Raúl Santos

How to test if your server is vulnerable to Heartbleed exploit

If you have heard of the “Heartbleed” vulnerability and are interested in testing your servers, here are a few websites that may come in handy: Heartbleed test - Simple and works. LastPass Heartbleed checker - also simple but I found that it was giving me some false positives. Qualys SSL Labs SSL Server Test - this is serious shit, deep analysis of much more than just the Heartbleed vulnerability. Good stuff! OpenSSL TLS Heartbeat Extension - Memory Disclosure - the actual exploit that you can use yourself to test if your servers are vulnerable. »


How to add a slave to a MySQL replication setup with no downtime

Recently I had to add a new MySQL slave server to an existing master -> slave setup, without causing any downtime. Having done that only a couple of times in the past and never having played the central role in the process, I wanted to make sure I was getting everything right, so I did a lot of research. I couldn’t find all the best (or what I consider the best) bits and pieces in one single place, so I am documenting everything here for future reference, and hopefully it will also help others. »


The PHP defenders' mentality and seeing the light

Today I came across Mark Litwintschik’s post titled Abandoning PHP for Python. What Mark says resonates with me in almost every paragraph but what led me to write this post was what I read in some of the comments there. It’s a shame that some PHP fans insist on not understanding that when these comparisons are made and people say “X is better than PHP” (X being some framework like Rails or Django), they’re not really comparing PHP (the language) to that framework. »


RunKeeper privacy breach

On the 29th of July, 2013, I discovered a privacy breach in RunKeeper. I immediately contacted them but their response was very disappointing - they ignored me and did nothing regarding the problem I brought to their attention. Since this implicated the privacy of everyone using the service, I felt obligated to put it out there so people knew what to expect. This was the first support ticket I sent them: »


I hate PHP

Update in May 2020: I don’t think I hate PHP this much nowadays. I have barely touched it for the past 6 or 7 years but it seems to have fixed a lot of its bigger problems. Good for you PHP! Despite that, I think I’ll still stick with other languages for the time being. The trauma is just too great… :) I hate PHP. Even though it’s the programming language I use the most to earn my keep, I can no longer keep this inside me. »


9 alternatives to Google Reader

When I discovered Google is going to shut down Google Reader, I felt sad. Not because I am one of those hardcore users that had half of his social life in Google Reader’s social features (which were kicked out some time ago), but because I didn’t know any decent alternatives. Well, I decided to look and apparently there’s a lot to try. I’m not going to pick one as my favourite, because it’s going to take time for me to play with them and see which one I like the most, but at least I can list them here so others can find them, and also for my future reference. »


How to enable two-finger scrolling on a Sony Vaio laptop

My girlfriend bought a second-hand Sony Vaio, which has been working perfectly well with Ubuntu, except that it has no two-finger scrolling and that it decides to reboot when suspended. We searched a little and found the solution to the scrolling problem. It’s quite simple: we just had to create a script that is executed on startup:

    #!/bin/bash
    synclient HorizTwoFingerScroll=1
    synclient VertTwoFingerScroll=1
    synclient EmulateTwoFingerMinW=0
    synclient EmulateTwoFingerMinZ=90

If it scrolls when you want the cursor to move, increase the MinZ value. »


How to enable two-finger scrolling on a Sony Vaio laptop

My girlfriend has found a cheap second-hand Sony Vaio laptop, which has been working great with Ubuntu, except for not having two-finger scrolling and for rebooting when suspended. We dug a little bit and ended up finding out how to enable the two-finger scrolling. It’s pretty simple, so we just created a script that gets executed on startup:

    #!/bin/bash
    synclient HorizTwoFingerScroll=1
    synclient VertTwoFingerScroll=1
    synclient EmulateTwoFingerMinW=0
    synclient EmulateTwoFingerMinZ=90

If it scrolls when you want the cursor to move, increase the MinZ value. »


How to use Django's sites framework for local development

Recently, in an application I’m developing with Django, I needed to get the application’s domain for an email that is sent by the django-registration application. django-registration generates a unique code to activate a user account. You know, that typical process of signing up on a website, receiving a confirmation email, clicking a link to activate the account, done. Since django-registration depends on us to build the full URL with the code and only gives us a site variable, which is an instance of the class django. »
