Regular blog here, 'microblog' there
Many of my traditional blog post live on this site, but a great majority of my social-style posts can be found on my much-busier microbloging site at updates.passthejoe.net. It's busier because my BlogPoster "microblogging" script generates short, Twitter-style posts from the Linux or Windows (or anywhere you can run Ruby with too many Gems) command line, uploads them to the web server and send them out on my Twitter and Mastodon feeds.
I used to post to this blog via scripts and Unix/Linux utilities (curl and Unison) that helped me mirror the files locally and on the server. Since this site recently moved hosts, none of that is set up. I'm just using SFTP and SSH to write posts and manage the site.
Disqus comments are not live just yet because I'm not sure about what I'm going to do for the domain on this site. I'll probably restore the old domain at first just to have some continuity, but for now I like using the "free" domain from this site's new host, NearlyFreeSpeech.net.
The LWN security updates posted today include the GnuTLS updates for Fedora and OpenSUSE. Debian and Ubuntu pushed out their patch a couple days earlier.
It's a pretty big bug that is being closed. Says Tomas Hoger in the bug report:
It was discovered that GnuTLS X.509 certificate verification code failed to properly handle certain errors that can occur during the certificate verification. When such errors are encountered, GnuTLS would report successful verification of the certificate, even though verification should end with failure. A specially-crafted certificate can be accepted by GnuTLS as valid even if it wasn't issued by any trusted Certificate Authority. This can be used to perform man-in-the-middle attacks against applications using GnuTLS.
This has been all over the Internet the last week or so.
Selena Larson of Readwrite.com writes:
A variety of Linux distributions are vulnerable to hacks because of a bug that allows people to bypass security protocols to intercept and disseminate encrypted information. A member of the Red Hat security team discovered a bug in the GnuTLS library that allows hackers to easily circumvent the Transport Layer Security (TLS) and secure sockets layer (SSL).
The vulnerability affects the certificate verification, meaning secure connections that are supposedly going through as secure, are not. Someone could compromise a secure connection by using a “man-in-the-middle” attack, acting as the server to intercept traffic, financial transactions or secure information.
Current time in UTC
Categories
Counter
There are 865 entries in this blog.
There are 294 images in the filesystem, 187 of which appear in actual posts.
Syntax highlighting
I am using Highlight.js for syntax highlighting.
Social updates
As I say at the top of this site, my social-style entries are posted to a separate Ode blog instance at updates.passthejoe.net. The Ruby script I use to do this is pretty ugly, but I released it on Github anyway. I started working on a version that is much more class-based (as in object-oriented), but that project stalled out a bit. I'm considering bringing this concept to Android, or doing it in Java with a JavaFX GUI, or doing it in Node.js for JavaScript practice.
Archive
The archive is not up to date due to the 2020 hosting migration. I plan to work on it.
Hello, world — this is my website
No databases were harmed in the making of this blog
You're seeing this blog, powered by Ode, through the magic of the Perl programming language and the Common Gateway Interface. Also involved: the Apache web server and Linux operating system.
Ode does not use a database to store content. Instead, every entry exists on the web server as a "flat" text file.
Comments are managed via Disqus, integrated through the work of Ode project leader Rob Reed.
Counter and categories: Thanks to Rob Reed for his help on the Counter addin, which provides the post-count and category features seen above. The show/hide feature is coded with inline JavaScript.
E-mail: stevenhrosenberg@gmail.com.
Who am I
and why am I here?
My name is Steven Rosenberg. Journalist. Programmer. Husband. Father. Fixer of the broken.
License
CC BY-NC-SA
Frugal technology, simple living and guerrilla large-appliance repair by Steven Rosenberg is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Archives
By year and month
Links
My sites
- RSS of this blog
- Microblog of short posts
- Steven Rosenberg (WordPress)
- Click
- Come on Feel the Nuys
- Steven Rosenberg on Twitter
Ode sites
I support the open web
Powered by
