‘an interesting approach to a common problem, that of securely passing secrets around an infrastructure. It uses GPG signed files under the hood and nicely integrates with both version control systems and S3.’ I like this as an approach to securely distributing secrets across a stack of services during deployment. Check in the file of keys, gpg keygen on the server, and add it to the keyfile’s ACL during deployment. To simplify, shared or pre-generated GPG keys could also be used. (via the Devops Weekly newsletter)
(tags: gpg encryption crypto secrets key-distribution pki devops deployment)
java – Why not use Double or Float to represent currency?
A good canonical URL for this piece of coding guidance.
For example, suppose you have $1.03 and you spend 42c. How much money do you have left? System.out.println(1.03 – .42); => prints out 0.6100000000000001.
(tags: coding tips floating-point float java money currency bugs)
“I’m Sorry for what I said when I was Hungry” tee-shirt
I can relate to this
(tags: tee-shirts apparel etsy hangry)
‘One case involved Julian Assange’s current home at the Ecuadorian Embassy in London, where visitors were surprised to receive welcome messages from a Ugandan telephone company. It turned out the messages were coming from a foreign base station device installed on the roof, masquerading as a cell tower for surveillance purposes. Appelbaum suspects the GCHQ simply forgot to reformat the device from an earlier Ugandan operation.’via T.J. McIntyre.
(tags: surveillance nsa privacy imsi-catchers gchq london uganda mobile-phones julian-assange ecuador embassies)
The Spyware That Enables Mobile-Phone Snooping – Bloomberg
More background on IMSI catchers — looking likely to have been the “government-level technology” used to snoop on the Garda Ombudsman’s offices, particularly given the ‘detection of an unexpected UK 3G network near the GSOC offices’:
The technology involved is called cellular interception. The active variety of this, the “IMSI catcher,” is a portable device that masquerades as a mobile phone tower. Any phone within range (a mile for a low-grade IMSI catcher; as much as 100 miles for a passive interception device with a very large antenna, such as those used in India) automatically checks to see if the device is a tower operated by its carrier, and the false “tower” indicates that it is. It then logs the phone’s International Mobile Subscriber Identity number — and begins listening in on its calls, texts and data communications. No assistance from any wireless carrier is needed; the phone has been tricked. […] “network extender” devices — personal mobile-phone towers — sold by the carriers themselves, often called femtocells, can be turned into IMSI catchers.Via T.J. McIntyre
(tags: via:tjmcintyre imsi-catchers surveillance privacy gsocgate mobile-phones spying imsi)