In light of all of the hullabaloo about PRISM and other spying technology, I thought it'd be good to remind all of your dear readers that we've had the technology to ensure private communications on the Internet for 22 years in the form of Pretty Good Privacy (and the much-more-commonly-used implementation, GnuPG). Ars Technica had an okay article about e-mail encryption with PGP which I recommend reading, although you should keep in mind that most security professionals would consider infrastructural PKI like SSL and S/MIME to be compromised by nation-state-level adversaries (and all associated MIC contractors).
Anyhow, my GPG …read more
I used to post these on Facebook as Notes, but since the Timeline refactor, I frankly have no idea how to use Notes; so I guess I'll just post on my own blog. I use last.fm (me) to track my music-listening habits (and sometimes for other things). As of some time recently, I've passed 60,000 scrobbled plays since 2006. Yay!
Here's a graph I made (click for ps version; gnuplot continues to be the best thing ever):
Cheers, all.read more
I've been using Google Chrome's dev channel for the past year or so as my primary browser, but between some questionable aesthetic decisions and Chrome's tendency to segfault every hour or so for the last few dev releases, I decided that it's time to give up on the faster browser in exchange for the usable browser. Toward that end, I'm going back to Firefox. I hear that Firefox 4 is the next cool thing, so I set it up on my work machine (4.0b10pre, if you're interested). And, of course, since I am both a die-hard vim user and …read more
Hello interested parties. dnsextd (in my git repository) now supports
TCP. It was actually sort of an amusing bug. I guess the dnsextd code
must date back to PowerPC, because it had an extra
ntoh call which on
little-endian systems would cause TCP requests to fail. It's fixed in
the "tcp" branch of my git repository. In case you're curious as to how
to get that repository, you would use the following:
% git clone //files.roguelazer.com/projects/mDNSResponder-214.git % cd mDNSResponder-214 % git branch --track tcp origin/tcp % git checkout tcp
If you need more setup help, Dynamic DNS: Part …read more
This post is a follow-up to Dynamic DNS
When last I left you, we had basic updateable DNS running and could update it from OS X. I've been a bit busy since then, but thanks to some prodding from @Loredo, I got back in and started looking at. What follows is the exciting story of how I got things up and running -- by the end of this post, you'll have access to a working copy of dnsextd for linux, and a client application that updates SRV and IP (A/AAAA) leases. Woo.read more
It's nice to have DNS records for all of your computers. It's a giant pain in the ass to remember IP addresses, especially if you're on something like a cable connection, where the IP address is dynamic (but only changes every month or two). Now, you could go ahead and use DynDNS or No-IP or something. But those are lame. You have to use a subdomain of one of their domains, and you have to use their software to update. You might be wondering if there's a better way. Well, there is. Standard DNS supports updating, it turns out. In BIND, this is managed through the allow-update parameter. I had some free time this week after I finished finals, so I went ahead and set it up, along with the other trimmings required for Wide-Area Bonjour. It's cool, so I thought I'd post a bit.
The most important resource for all of this stuff is dns-sd.org.
Aside from a couple of minor errors that I corrected and an update for
OS X 10.5+, this Tip will be based off of the guides from that site. So
credit to them.