This example shows how to use the forge package to encrypt and decrypt objects. It also shows how to define a number of useful prototypes and other utility functions.
Continue reading Javascript example that shows how to use the forge package to encrypt/decrypt objects
Category: Security
Bash script to fix the shellshock vulnerability on Mac OS X 10.9.5 (CVE-2014-6271)
This script will build and install a new version of bash and sh from source that will fix the bash shellshock vulnerability on Max OS X 10.9.5 until the official patch is released from Apple. It requires the XCode command line tools. If you do not have the XCode command line tools installed, I have made pre-built versions of bash and sh available for download.
Continue reading Bash script to fix the shellshock vulnerability on Mac OS X 10.9.5 (CVE-2014-6271)
lock_files.py – a python command line tool to encrypt or decrypt files using AES encryption and a common password
lock_files.py is a python command line tool to encrypt or decrypt files using AES encryption and a common password. You can use it lock files before they are uploaded to storage services like DropBox or Google Drive.
It is available from github: https://github.com/jlinoff/lock_files. You will find a more complete description of the tool including the command line options there.
How to support multiple self-contained production quality web sites based on django, postgres and nginx on a single server using mkwebsite
The mkwebsite package allows you to install multiple completely self contained production quality websites on a single server for development and debugging without root privileges. I have used it for web development on linux and Mac OS X. The sites generated can also be used in production.
I developed it because I wanted to be able to completely remove my development sites without leaving any system wide packages around that I didn’t need and because I wanted to compare security settings side by side for sites that were otherwise identical.
It is very easy to use, simply download the package, extract it and run the associated install script for each website that you want to create. It takes care of all the system administration details (like database and server configuration) so that you can concentrate on development.
Continue reading How to support multiple self-contained production quality web sites based on django, postgres and nginx on a single server using mkwebsite
Password Selection Strategies
Choosing secure passwords is a tricky business. This document describes some strategies for creating and selecting them to effectively protect your accounts. The key points are that you need long passwords that are hard to crack but easy to remember, that you should have different passwords for different accounts and that for critical accounts you should have different usernames as well.
Continue reading Password Selection Strategies