The NSA has a secret project that can redirect web browsers to sites containing more sophisticated exploits called QUANTUM INSERT. (Do I still need to say allegedly?) It works by injecting packets into the TCP stream, though overwriting the stream may be a more accurate description. Refer to Deep dive into QUANTUM INSERT for more details. At the end of that post, there’s links to some code that can help one detect QI attacks in the wild. As noted by Wired and Bruce Schneier, among dozens of others, now we can defend ourselves against this attack (well, at least detect it).

more...

The best part of running your own server is definitely reviewing the logs. There are a lot of silly people out there, and each and every one of them has written a program that would like to visit your server.

more...

OpenBSD is going through something of a minimalist phase right now, but that wasn’t always the case. There was definitely an era of aggressive importation as well. Times change, priorities change, projects change. I wasn’t involved with OpenBSD during the early years, but I think I can explain the shift in attitudes. This is part three of an apparently ongoing series that started with Pruning and Polishing and out with the old, in with the less.

more...

Three days of the doas.

more...

Among other developmental heresies, I’m also a believer in everybody working in the same branch. I’ve dropped hints from time to time, and of course OpenBSD practitioners are familiar with this ideology, but I’ve only tried explaining it in full to a few coworkers. Who sat through my talk alternating between being shocked and appalled. Good times.

more...

A reminder to leave the artisanal kerning to the professionals.

Who’s Wan?

Joining the ranks of bike share programs in other cities, Indego is Philadelphia’s version. The basic concept is the same and pretty simple. You check out a bicycle from one of many kiosks located about the city, ride around, then return it to an empty dock when done. The program is manufactured by B-cycle but owned by Philadelphia; it’s similar but not identical to programs in other cities, such as Austin or Denver.

more...

This wasn’t the post I intended to write today, but then I noticed that the certificate for www.tedunangst.com had expired, and repairing that became a prerequisite for getting anything else done. At the time, my first snarky thought upon discovering Firefox wouldn’t let me connect to my site anymore was “Oh, hurray, don’t I feel safe.” Then I went through the update nonsense and thought a bit more seriously about it.

more...

The first book in Lev Grossman’s magician trilogy, The Magicians, is one of my favorite books. Its two sequels, The Magician King and The Magician’s Land are not.

more...

Some people were hanging around Michael Lucas’s table at BSDCan, and the topic of conversation turned to Tarsnap. (Lucas has a book about it.) Each person went round the circle and said they were happy to pay Colin for his service, but when it was finally my turn I was forced to admit that while I would pay for Tarsnap, I found a bug and so, thanks to the bounty, it may be more accurate to say I get paid to use it.

more...