Not up to our usual standards

For a few years now, I’ve been working on and off on a set of libraries which collect cryptography- and security-related code I’ve written for other projects as well as functionality which is not already available under a permissive license, or where existing implementations do not meet my expectations of cleanliness, readability, portability and embeddability.

(Aside: the reasons why this has taken years, when I initially expected to publish the first release in the spring or summer of 2014, are too complex to explain here; I may write about them at a later date. Keywords are health, family and world events.)

Two of the major features of that collection are the OATH Authentication Methods (which includes the algorithm used by Google Authenticator and a number of commercial one-time code fobs) and the Common Platform Enumeration, part of the Security Content Automation Protocol. I implemented the former years ago for my employer, and it has languished in the OpenPAM repository since 2012. The latter, however, has proven particularly elusive and frustrating, to the point where it has existed for two years as merely a header file and a set of mostly empty functions, just to sketch out the API. I decided to have another go at it yesterday, and actually made quite a bit of progress, only to hit the wall again. And this morning, I realized why. Continue reading “Not up to our usual standards” »

How to solve every problem in the world

  1. Identify a complex problem in country A which is deeply rooted in that country’s demography / economy / culture / political system.
  2. Point out that country B, which has a completely different demography / economy / culture / political system, does not have that problem or has found a simple solution to it.
  3. Declare that the problem is trivial and that country A are idiots for having it in the first place.
  4. Job done, have a beer.

FreeBSD and CVE-2015-7547

As you have probably heard by now, a buffer overflow was recently discovered in GNU libc’s resolver code which can allow a malicious DNS server to inject code into a vulnerable client. This was announced yesterday as CVE-2015-7547. The best sources of information on the bug are currently Google’s Online Security Blog and Carlos O’Donnell’s in-depth analysis.

Naturally, people have started asking whether FreeBSD is affected. The FreeBSD Security Officer has not yet released an official statement, but in the meantime, here is a brief look at the issue as far as FreeBSD is concerned.

Continue reading “FreeBSD and CVE-2015-7547” »

Samples from my Inbox, pt 3

(part 1, part 2)

Bottom of the barrel here.

Take a look at good health products

checks backpack Lamotrigine, Rizatriptan, Diclofenac and Zopiclone (prescription), Paracetamol and Ibuprofen (over-the-counter) and three sets of single-use contact lenses. Oh, does WD-40 count?

Time for great nights with your female partner

Not bloody likely, what with my chronic insomnia.

Your girlfriend wants you to be the best

That’s the great thing about a healthy relationship, we both want each other to succeed and support each other’s endeavors.

Here you will find some photos

Hey, I’ve been looking for those! Thanks for finding that memory card.

The easiest way to gain more health

Look, I know I could stand to lose a few pounds, but I’m already eating relatively healthy and there’s nothing easy about working out regularly, especially with a busted knee. Now get off my case!

Samples from my Inbox, pt 2

(part 1)

Do you desire an extra fire in your bedroom life?

Oslo is experiencing a cold spell, and Karin has been complaining about being cold at night. We have a new heating system with thermostats in each room, but I haven’t yet programmed them all. In the meantime, we’ve set up a portable electric heater in the bedroom.

She will be impressed by your strength

I’m out of shape, but still pretty good at lifting and carrying and shit like that.

Enjoy your carnal pleasures

Last night’s chili con carne went down pretty well, even though I ran out of cumin.

Can you have satisfaction 3 times a night?

Some days, I like to come home, hack on FreeBSD for a bit, then cook up a storm and watch a couple of episodes of Doctor Who or Jessica Jones after dinner. Other days, I just want to heat up leftovers and crawl into bed with my Kindle.

Proven way to get rid of male problems

I wish it were that easy, but I don’t think there is a silver bullet for toxic masculinity and all its concomitant problems (such as the GamerGate and Red Pill movements and the rest of the so-called Manosphere).

Vape-shop N1 в России

I get it, you vape.