Entries in 'misc'
— Next Page »
Quoting from http://www.phreedom.org/research/rogue-ca/
“As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.”
I wrote a program to look through the trusted certs that came with Firefox 3.0.4 for any CAs with MD5 signature algorithms.
[snip]
UPDATE: the list was not relevant because of a feature of the attack (thanks Thomas). Apparently “only RapidSSL and FreeSSL are practically vulnerable”
UPDATE 2: VeriSign responds, no longer possible with RapidSSL. And they’ve been phasing MD5 out across the board.
;-)
Quoting from http://gist.github.com/7263
#!/usr/bin/env ruby
# gcalc / 26aug2008 chneukirchen / public domain
require ‘open-uri’
q = ARGV.join(” “).gsub(/./m) { “%%%02X” % $&[0] }
html = open(”http://www.google.com/search?q=#{q}”).read
puts (html[%r{(.*?)}, 1] || ‘not a calculation’).
gsub(%r{240| }, “”).gsub(”×”, “x”).
gsub(%r{(.*?)}, ‘^\1 ‘)
(tip via HubbuH)
I arrived in Las Palmas de Gran Canaria yesterday. Here to give a presentation of the pilot paper at Euro-Par and represent Nimbus on a panel at VHPC.
I was jetlagged, so I tried to read a little bit, learning about some of the deeper corners of the fantastic Spring framework:
Here you can see the northern end of this beautiful city.
I’ve been told several times that they “don’t see Americans too much in this part of the city” so I think I’ve landed in a good spot.
Chris Samuel posted this job opportunity for a job with VPAC in Australia.
If you know anyone that may be interested in the job, please pass this announcement along. It seems like people reading here would have a good probability of knowing someone that may be interested and who also has the experience they are looking for.
Thanks
From http://www.csamuel.org/2008/07/28/vpac-job-grid-systems-administator-programmer
VPAC is looking for someone to join the systems team here to work on grid computing, including things like Shibboleth, SSL certificates, Globus and the like.
The Victorian Partnership for Advanced Computing Limited (VPAC) has a unique opportunity for a person to assist with the operation of a National Distributed Computing and Data Project. VPAC operates a range of large Linux HPC Systems primarily used for scientific research and is part of ARCS, the Australian Research Collaboration Service, building research infrastructure across Australia.
Reporting to the VPAC Operations Manager, you will be working primarily on Linux systems in a distributed computing environment. Specifically, you will be involved in a National Project to provide authentication and authorisation services, and separately, data services across Australia and be a part of the international grid effort. The ability to work with and support our end users (typically scientific researchers and software developers) is very important in this role. Some national and international travel may be involved.
You will gain experience in a range of cutting edge distributed computing technologies.
To be successful in this role you will need Linux (or Unix) experience. A degree in Computer Science or a closely related field would be highly advantageous but hands on Linux experience is essential. Experience in authentication, authorisation and distributed data is highly desirable.
Key Selection Criteria
- A good knowledge of UNIX or LINUX at a systems level.
- Some skills in programming or scripting Python, Perl, Java or similar.
- Good communication skills and an ability to deliver quality services to end users.
Gain bonus points with:
- Experience with authentication, authorisation, Shibboleth and/or distributed data.
- Experience with grid or distributed computing, Globus.
- Experience in building and packaging custom Linux systems.
- Experience in XEN, OpenSSL, X509 certificates, Web Services or similar.
Applicants with specific skills related to the above are strongly advised to mention their experience level with each (e.g, experienced, competent, interested beginner) in their application.
VPAC is an equal opportunity employer and offers an exciting opportunity in a modern work environment with excellent employment conditions and career progression opportunities.
Please send resumes, along with a cover letter and academic transcripts to recruitment@vpac.org. Applications close COB 11th AUGUST 2008.
I like the end of the recent S3 downtime explanation:
“Though we’re proud of our operational performance in operating Amazon S3 for almost 2.5 years, we know that any downtime is unacceptable and we won’t be satisfied until performance is statistically indistinguishable from perfect.”
Is the cloud computing fog getting a little hazy? No stranger to the cloudscape, Typhoon Software is pleased to release its new flagship product Thunderbolt!, a lightning-fast new technology sure to put your datacenter on Cloud Nine.
Our Umbrella system ensures your application’s always running. But that’s just the basics. Datacenter loses connectivity or power entirely?? Nothing could possibly happen now with our sophisticated Biosphere protection system, guaranteed to sync your state to a new datacenter in the ms before going offline.
Every cloud’s got to have a silver lining: the Demistifier administrator portal has the critics calling everyone else’s products “vaporware.” And research experts are even hailing Thunderbolt!, the only scheduler on the market that can differentiate between the Cumulonimbus incus backfill and the tricky Cumulonimbus with mammatus.
It’s a breeze!
Get out of the plumbing business: try Thunderbolt! out today. Watch those support calls go up in smoke, watch your downtime evaporate, and best of all watch your profits hit the stratosphere!!!
Found myself with some rare free time, queuing up some small posts. Here’s a bash function I’ve been using for about a year now to name terminal windows. This is helpful to organize the 10-20 terminals I might have open at any given time across many virtual desktops. Unlike some tricks, I actually use it all the time so I figure that’s one person that finds it useful… so here it is in case someone else might also find it useful.
From .bashrc, it is very simple:
function n() {
if [ "X" = "X$1" ]; then
echo "give at least one parameter for window name"
return 1
fi
NAME="$*"
PROMPT_COMMAND=’echo -ne “\033]0;$NAME\007″‘
export PROMPT_COMMAND
return 0
}
Here is the ASCII version for copy/paste to avoid unicode issues etc.
Nothing to it… just names the current terminal window.
$ n CLUSTER 3
$ ssh tfreeman@cluster3...
I like CAPS usually and I set my title bar font all big:
This overrides the default setting which was to print the current directory. Here’s how to do that…
PROMPT_COMMAND='echo -ne "\033]0;${PWD/$HOME/~}\007"'
“Announcement: All online conference proceedings are now freely available to everyone.”
http://www.usenix.org/publications/library/proceedings/
Emerging Filesystems is a LinuxWorld article that Chris Samuel just put online (see his blog entry about the article).
It has a lot of great overview information, benchmarks, and interesting insight into ChunkFS, NILFS, btrfs, ext4, Reiser4, and ZFS.
I’ve been interested in how people are tackling the fsck problem which is one of the things he discusses. In my mind, it is already pain enough regardless of where it’s heading. The problem is also relevant to virtualization and grid computing. If you’re persisting and reusing VMs (not using the copy+throwaway model), the filesystems inside the VM are going to fsck eventually. Perhaps you have some timeout code in the meta-client layer that will only tolerate a certain wait for the VM to boot and report on its status somehow (perhaps using workspace contextualization technology). Because of the possible fsck delay you wouldn’t want to set this timeout very low (where it’s useful) unless you disabled filesystem checking which is not a great idea. A fsck friendly filesystem might become a popular VM choice? I’ll surely use a stable one for my local VMs and laptop.
The Ceph Distributed Network File System is an interesting, new project announced on the lkml
“Ceph is a distributed network file system designed to provide excellent performance, reliability, and scalability with POSIX semantics.”
(Note the comments at the kerneltrap link, there is an update on the GPFS part of the announcement)
The Apache Synapse team is pleased to announce the project is releasing 1.1 of the Open Source Enterprise Service Bus (ESB).
Apache Synapse offers a wide range of connectivity, including HTTP/S, JMS, (S)FTP, SOAP, WS-ReliableMessaging and WS-Security. The project has been designed to allow administrators to support advanced functionality such as load-balancing, throttling, and failover without writing code.
The new Apache Synapse 1.1 release includes many enhancements based on feedback from users, including
- Apache VFS based file transport - supports File System, FTP, SFTP, JAR, ZIP, TAR, GZIP, Mime
- Scheduled Task support makes it simple to run repetitive tasks
- XQuery mediator - simplifies XML transformation with the XQuery standard
- POJO Command mediator - allows the creation of message-independent mediation logic
- DB Report and DB Lookup mediators - support message augmentation and database logging
- Cache and Throttle mediators/enhancements - improve performance and manage load on existing services
- Split/Clone/Aggregate mediators - support batch processing of large messages
- Improved logging and tracing support
With asynchronous support for HTTP and HTTPS, Apache Synapse has very high scalability under load, supporting thousands of concurrent connections even with limited threads. Combined with streaming XML support, Apache Synapse has class-leading performance results.
The Apache Synapse code and binaries are available from the website at http://ws.apache.org/synapse
Thanks
The Apache Synapse Team
— Next Page »
