book and code

Tag Archives

6 Articles

DEF CON 29 Takeaways (and missing out on a CVE)

by Jamey

I started attending DEF CON in Las Vegas a few years ago in 2018, so I guess I could be considered a newb in the eyes of The Con, but because I work in the field of cybersecurity, my work would reimburse all expenses, so it was a sweet deal. I instantly fell in love with everything there, and I met some new friends, who I would later discover to be brothers. I was inducted into The Illuminati Party at DEF CON 26, and upon entering the IP Suite the next year at DEF CON 27, when I was met by the big booming voice of, “Welcome Home,” it truly did feel like home.

Last year, because of the pandemic, DEF CON was actually cancelled, and instead we had the first ever DEF CON Safe Mode, which took place entirely online. I missed being around all my hacker friends in person, but it was still a great year. This year, DEF CON 29 was a hybrid of both on-prem and online events, so it was a bit scattered. My workplace is still on a business travel lockdown, and I wasn’t going to make things difficult, so I opted to stay at home and enjoy the virtual side of things, and The Illuminati Party did the same — conducting all of their private talks and events on a private Discord server.

In this post, I will go over some of the high points (and bittersweet points) of DC29.


Adding a Lock Screen to Signal Desktop

by Jamey

In this post, I will describe improvement steps that I have tried to make by contributing to the open-source Signal Desktop project on GitHub, as well as creating my own application patch for Linux and macOS.

I have recently been in full CON mode for DEF CON 28 SAFE MODE, which just ended yesterday. This year, all of the festivities took place on Discord and Twitch, and they pulled it off perfectly without a hitch. However, many of us reminisced about years past and the fun had in Las Vegas, which was the only thing missing this year. One of the upsides of this was not having to worry about your laptop or phone traffic being sniffed or getting hacked, as in years past, every precaution was taken — from bringing clean laptops with fresh and disposable Kali installations, to bringing burner phones — and all important communication between friends took place on Signal — the go-to app for private comms.


Optimizing Python Code Using Cython: A Beginner’s Introduction

by Jamey

There are much better resources than this blog that will lead you down the rabbit hole of Cythonizing your Python code, but this is just a very easy introduction, outlining my own personal experiments as a Cython beginner, myself. In this tutorial, we will use my dictionary creation tool, brutalist, as a really bad example of how to Cythonize some Python code.


HSTS – The Missing Summary

by Jamey

HSTS (HTTP Strict Transport Security) is a feature supported by all major browsers, and it’s a method for websites to declare that they should ONLY be accessed securely over HTTPS and never over an unencrypted HTTP connection. If a site has an HSTS policy, browsers will refuse all insecure connections to that site AND prevent users from accepting insecure SSL certificates. This, however, can come with certain risks to availability if not implemented correctly, as you will read later…


HTTP/2 – The Missing Summary

by Jamey

We know our browsers support it, and we know AWS, Akamai, and other big players support it within their infrastructure already…but do your applications and/or on-prem infrastructure have what it takes to leverage the awesomeness that is HTTP/2?

Think about it. We went from HTTP/0.9, to HTTP/1.0, to HTTP/1.1…to a full version upgrade of HTTP/2. That alone should tell you that there are some very interesting features lurking underneath the hood. This is the in-depth summary that you have been missing while being overloaded with too much information reading official specs and getting lost in sensory-overload-causing diagrams. Welcome to HTTP/2 – the missing summary.
