today's howtos
-
Producing HTML using string templates has always been the wrong solution
There have been attempts to overcome these shortcomings of string templating systems via adding features like autoescaping. However, these features have the shortcoming that often the kind of escaping needed is context-dependent. For example, the escaping required in an HTML attribute value is different from the escaping required in an HTML element body, which is in itself different from the escaping required for a query string parameter value inside a URL inside an HTML attribute value. Thus, all autoescaping systems are forced to choose between two possible approaches: [...]
-
Passwords in deployment or development scripts?
Before laying out my question, let me put it into context. It seems that lately attackers are more successful by targeting administrators or developers than attacking the actual deployments and servers. While some attacks social-engineer employees into credential theft or reset, other attacks go after operational credentials that are used in semi-automated operations or development scripts.
To be clear, I don't want to focus on the issue of secure online credential management (I hope we all use some form of password manager), or the security of online authentication protocols (even OAuth seems to be lacking), or the security of MFAs, not even the security of cloud API keys that are actively used by unattended running services (if the attacker has compromised the actual server he most likely already has access to all the sensitive data he wants).
What I want to focus on is those credentials that are used mainly for semi-automated operational or development scripts. Like for example AWS secret keys used to deploy or to gain access to the underlying buckets or backups; or passwords used to access the SQL database for maintenance; or other such secrets that are used outside the browser or specialized applications like SSH.
Also, let's assume we are speaking in the context of a small company with at most 10 employees. Large companies probably have 10 people on the security team tasked only with this topic, thus perhaps this problem is solved in more complex ways.
-
Installing Slackware Linux from SSH
Using a French keyboard, it can be complicated having to type in US layout through the VNC connections of Cloud VM providers or a virtualisation software console.
Here’re a couple of shell commands that permit installing Slackware Linux using the SSH daemon that ships on the installer image.
-
Recover from an unsuccessful git rebase with the git reflog command
The git rebase command allows you to adjust the history of your Git repository. It's a useful feature, but of course, mistakes can be made. As is usually the case with Git, you can repair your error and restore your repository to a former state. To recover from an unsuccessful rebase, use the git reflog command.
-
How to use the open source MQTT plug-in in JMeter
In a previous article, I described how JMeter has built-in support for HTTP, HTTPS, TCP, and other common protocols and has a plug-in extension mechanism.
Through plug-ins, you can support much more than just what's built-in, including MQTT.
MQTT is a mainstream protocol in the IoT world. Although it is not a protocol type that comes with JMeter, it is extremely common in IoT testing scenarios. In order to support the load testing of the MQTT protocol, EMQ developed a JMeter-based open source testing plug-in for the MQTT protocol.
This article introduces how to use the MQTT plug-in in JMeter.
-
How to quickly send a text from Ubuntu to Android using a three-line Bash script
Transferring text from Ubuntu to Android using a Bash script is a powerful and efficient way to automate the process of transferring text between devices. Bash scripts are a powerful tool that can be used to automate repetitive tasks, and can be used to create simple and complex programs.
-
5 tips for using oc to work faster in Kubernetes | Enable Sysadmin
Swap the kubectl command for OpenShift's oc tool to speed up daily tasks and testing in Kubernetes.
-
How to prevent computer overload with remote kind clusters | Red Hat Developer
Is your computer getting tired from running multiple kind clusters? Learn how to run remote clusters as if they were local.
-
How to Install NVIDIA Drivers on Rocky Linux EL9 or EL8 - LinuxCapable
Nvidia graphics drivers allow Linux users to enjoy an unparalleled experience running graphical applications and games on their systems. For instance, they provide a stable environment for Nvidia GPUs and keep up with the necessary changes by including support for the newest releases of OpenGL and CUDA. To ensure Linux users can take full advantage of what’s available, this guide walks you through installing such drivers on Rocky Linux 9 or Rocky Linux 8. Whether you’re a gamer who needs better frame rates or a professional designer who relies on computing power, having up-to-date Nvidia drivers will always give you the best experience.
-
How to Install Linux Kernel Headers on Rocky Linux EL9 or EL8 - LinuxCapable
If you’re working on a Rocky Linux system, you may need to install missing Linux kernel headers to build and install specific software. This guide demonstrates installing the missing kernel headers on Rocky Linux 9 and Rocky Linux 8 distributions.
-
Check Historical and Statistical Uptime of Linux
As a system administrator, you may want to look for various information on your workstation or server system, such as how long the system has been running.
This way, you can keep track of the system resources and optimize based on your usage. Unfortunately, the uptime command used to get this information only returns information for the current session.
Surprisingly, you have an external tuptime command-line tool that can offer you historical and statistical uptime information for your Linux system.