The Blog of Tom Webster
Chronic Ranter, Reviewer, and Developer. I speak only for myself, opinions are my own.
Last night was the holiday meeting of Ohio InfoSec Forum, a group that puts on monthly security meetings for free in Kettering, Ohio. They discuss everything from high-level security (use strong passwords) to low-level complex security (here’s how you write a buffer overflow in C). It’s really a fantastic group. I’ve recently had the pleasure of being added to their Board of Directors. I help with web technology, marketing, acquiring speakers and sponsors. You know, normal stuff that happens in a charity organization.
Anyway, we just recently had our holiday meeting, which consisted of us playing “Who’s Slide is it Anyway?!”. The format consists of picking audience members to present on a randomly-chosen slide deck, of which they have no prior information about. The results tend to be mildly hilarious. With some people standing in front of the group, completely flabergasted, as they struggle to find the words to talk about chair and couch design. Other people flew through the random deck with grace, talking about the fantastic new PRISM program (heavy sarcasm, of course). All in all, it was a good time.
One of the non-joke decks I made up was a quick 3-5 minute talk about how to hash passwords securely with salt (in case you can’t use bcrypt or another made-for-password hashing algorithm). Check it out here. It’s not in-depth, it doesn’t cover all use cases, but it does give a decent first-look at what salt is and why it’s helpful.
While trying to record some lines for
inSecurity, I ran into a
fairly annoying bug with Audacity on my home system. I recorded some
sound, and it did record properly, but when I tried to play it back, all
I heard was garbled audio for a split second. After a long time Googling
for the answer, I stumbled upon this launchpad bug
report,
which details a
workaround
at the bottom. I took this information and made an alias entry in my
.bashrc file:
alias audacity='PULSE_LATENCY_MSEC=30; export PULSE_LATENCY_MSEC; /usr/bin/audacity'
I could hear the audio properly when I relaunched audacity, much to my happiness.
If you’ve ever needed to export a list of users from an Active Directory
group, you’ve probably discovered that it isn’t entirely straight
forward. The secret to generating and exporting a list are a few command
line tools, dsquery and dsget. Below, you’ll see an example of a
group export. The output is fixed-width, so use Excel to break up the
data into a managable format.
You’ll only need to change CN=Group Name,OU=Groups,DC=Example,DC=com to
fit your domain and group. If you’d like to control what fields are
exported from dsget, check out this list of
parameters for
dsget on technet.
dsquery group "CN=Group Name,OU=Groups,DC=Example,DC=com" | dsget group -members | dsget user -ln -fn -samid -email > C:\Users\username\Desktop\file.csv
I’m happy to announce that I’ve finished creating my talks page! Over there you can find various presentations that I’ve given at conferences and forums, along with podcast appearances (still building that out). My latest talk is Making Security Shiny, so go check that out.
If you’ve wanted to see your current branch in Bash, check out this easy
.bashrc addition from henrik. Just add the
code to the bottom of your .bashrc file and source ~/.bashrc to add
the changes.
# http://henrik.nyh.se/2008/12/git-dirty-prompt
# http://www.simplisticcomplexity.com/2008/03/13/show-your-git-branch-name-in-your-prompt/
# username@Machine ~/dev/dir[master]$ # clean working directory
# username@Machine ~/dev/dir[master*]$ # dirty working directory
function parse_git_dirty {
[[ $(git status 2> /dev/null | tail -n1) != "nothing to commit (working directory clean)" ]] && echo "*"
}
function parse_git_branch {
git branch --no-color 2> /dev/null | sed -e '/^[^*]/d' -e "s/* \(.*\)/[\1$(parse_git_dirty)]/"
}
export PS1='\u@\h \[\033[1;33m\]\w\[\033[0m\]$(parse_git_branch)$ '