Novo-say-what? Wed, 30 Jul 2008 15:22:10 -0400

So in a few day's I'll be traveling to Novosibirsk, Russia for a 10 day work trip. I'll me doing knowledge dumps on a bunch of developers taking over a project of mine. As I prepare to move on to other things.

Not really what more to say other than it's a LONG travel and I doubt I'll have much to say on the subject until after it's done. I am going into this without any real expectations.

  • Keywords:
0 comments. More...
My Take on the Kaminsky DNS Flaw Wed, 23 Jul 2008 11:10:21 -0400

Okay so everyone has by now heard about the Kaminsky DNS flaw that has been the buzz of the network security world for the past couple of weeks. Given that I have only read preliminary data and hear-say from comment posts from other people who 'say' they have privileged access to details.


NOTICE: As of yet I have not read any specific details about the Kaminsky DNS details so this is all speculation and might change completely once details arise


So the main patch appears to be to randomize the source port for which the DNS resolver uses to look up a domain against another DNS server. Now I will not go into the details of how the exploit works, but to my knowledge this is the patch. There is supposed to be a fundamental DNS flaw in this, I don't see how that is as I have written DNS servers from scratch and mine is not vulnerable. (Sorry not for public release and no it's not djbdns, tho I do use that dns server and yes it is awesome).

So here is a question I have about a possible _REAL_ fix to this. When the resolver does the look up and receives it's response, why does the DNS server not compare each answer (which is referenced to it's answer) against the question initially asked. This information can be stored on the DNS server to compare this to. I understand that CNAME records might exist, but obviously that can be compared. Is answer of type CNAME? If so then use the answer to the CNAME and compare thant against the rest of the answer. Instead of just copying the entire answer into the cache. That just doesn't seem to work in my opinion.

So again this idea of a fix might be flawed or not, but that will be determined later. With any hope there will be more information released today to give some light on this. As a hosting provider and hacker I am extremely interested in what this has in store.

  • Keywords:
0 comments. More...
I'm back Thu, 17 Jul 2008 21:07:41 -0400

Hey Everyone

Sorry about this but you may have noticed that the site has been down for the last week or so. I didn't have the money on hand to renew it so it expired. Lucky my best buddy Kris Bailey was able to fund our shared account and renew it for me. Thanks again Kris ;)

So lots has been going on, lots and lots of changes I've moved back and forth on a few projects. I have been using a lot of django and python (sorry PHP) and am now thinking about rewriting this site using the django framework. Sorry just like it _THAT_ much.

A few other new items I've been up to:

  1. Installed Ubuntu Hardy Heron on my laptop
    Dropped the Gentoo install that I had on it, I had originally installed that in 2002!!!! (that's 6 years!)
  2. Using emacs as my new default IDE
  3. Using irssi instead of xchat

I think what this is all coming back to is migrating to a more stress free method and faster development environment for me. It may not work for everyone, but that's OSS, freedom to choose.

  • Keywords:
0 comments. More...
Moving... Wed, 7 May 2008 21:58:39 -0400

Okay, So I just moved. I moved from the seedy underbelly of the inner city, into the trendy hipster neighborhood where I suddenly find myself leaving the door unlocked after I immediately enter the house. An odd sensation, but not a bad one. I still don't have blinks on my windows and all my stuff is right out there for everyone to see, yet I still do not find myself as concerned with it as I was carrying my groceries from Whole Foods in from the street at my prior residence. ... I mowed the yard the other day ... first time it wasn't such a chore.

Anyway ... I've begun development on a new top secret project. The main application is written in C for a massively distributed systems solution and a web interface to the system that I am using the Django Web Kit based in Python. This is my first stint into Python beyond using the Python interpretor for a fast calculator when on the CLI or a quick CLI client application for management consoles over local Unix Sockets. This is about all the experience I've had with Python up until now. I must say as a PHP developer this is a very different world. In the 1 day I've been messing with it I've already written most of the core framework including front-end html. I really love the ability to layout the database design and define the relations and in a single command have SQL built or a database synchronization to occur immediately. I love this application already!

Anyway this application will have some cool stuff involved with it including external API communications and export features. Which I'm sure Django will be able to handle in short order.

  • Keywords:
0 comments. More...
Earth Day Tue, 22 Apr 2008 11:57:51 -0400

Welcome to Earth Day

To bring it home, a friend of mine Mary Liz sent me an email today that outlined just how un-safe the average home is. To give you a little insight, I no longer eat processed foods, or conventional vegetables, fruits or meats. Sure it means I pay a hell of a lot more for my food, but it also has changed the way I feel and think about food.

---- Exctracted from Email ----

For Earth Day, I'm making a pledge to rid my home of cleaning
products that contain harmful chemicals.  I encourage you to
do the same:

Purchase a 100% Natural home cleaning kit here:  http://store.eco-me.com/echoclkit.html

Why?

* The average home contains as much as 25 pounds of toxic
cleaning products. 

* Companies are not required by law to list the contents of their
products and testing for long-term health effects are not
enforced. Toxins, even trace amounts, can be absorbed into
your body and organs within seconds of exposure.

*The air in our homes is 3 to 7 times more chemically polluted
than outdoor air, pollution and all.

  • Keywords:
0 comments. More...
  • Disclaimer
  • The ideas and opinions expressed here are mine.
  • I'm a Linux and BSD user, and lean heavily toward the use of OSS vs certain other commercial solutions.

View the Ninja's profile on LinkedIn

:= RSS =: