biringa.comBaringa an award winning international management

Blog Projects About CV Privacy » Blog Contact information Email etienne at perot dot me Public key : 974E E250 Project repositories GitHub Bitbucket Find me on LinkedIn Infinifactory: The Big Blowout By <etienne (at) perot (dot) me> on 2017-12-14 . This is an image-heavy post. I love Zachtronics . One of their games is Infinifactory ( Trailer ), a 3D puzzle game where you assemble blocks to form a certain product. One of the later levels of the game is called "The Big Blowout" (Resistance Campaign → The Heist → The Big Blowout) in which you assemble a bomb-like device that looks like a hollow cube. It's quite difficult to assemble. I had stopped playing the game a while ago, but someone in my Steam friend list recently asked to see my solution for this puzzle, so I recorded some GIFs using the game's built-in GIF recording feature. This made me re-discover the solution and I thought it was pretty cool so I'm posting it as a blog post. Solution stats: 327 cycles, 309 footprint, 386 blocks. This is not the best. Here's someone smarter than me doing it in 276 cycles . (Read more...) | No comments The web doesn't need HTTPS everywhere, but it does need HTTPS Everywhere By <etienne (at) perot (dot) me> on 2013-06-30 . Mozilla has recently announced that Firefox will block mixed "active" content by default in Firefox 23 , after Chromium and even Internet Explorer implemented similar measures. "Mixed content" refers to content being served over HTTP (i.e. plaintext) from within an HTTPS (i.e. HTTP-over- TLS ) webpage. "Active" content refers to content which can modify the DOM of a webpage, i.e. any resource which, once loaded, modifies the way the page it is included in is rendered. Blocking mixed content is an attempt to solve multiple problems: Web developers implementing HTTPS incorrectly or half-assedly. Avoiding non-HTTPS-only cookies , referer headers , user-agent , and other sensitive data from leaking more than they need to. Encouraging HTTPS to be more widespread – certainly a good thing despite HTTPS's shortcomings. The purpose of this post is to explain why browsers are moving in this direction, why it is a good thing, and why HTTPS Everywhere goes further in that direction. (Read more...) | 3 comments Is Ubuntu still a Linux distribution*? By <etienne (at) perot (dot) me> on 2013-03-07 . With the recent announcement that Ubuntu would be switching to Canonical's new Mir display server , Ubuntu is increasingly distancing itself from other Linux distributions on various levels. In order to approach the subject, we first need to define what a Linux distribution really is. Most people agree that Android is not a Linux distribution. Sure, it may run the Linux kernel, but that is only secondary to the overall Android system. Most of its applications run in a Java virtual machine, and the system does a lot of things differently than most Linux distributions do (e.g. its graphics stack, input management, power management, software management, etc.). Most of these subsystems have drifted far apart from most Linux distributions, as a result of Android being targeted at mobile devices (low-power, touch-centric, etc). There is nothing inherently wrong with this approach, but it means that said subsystems cannot easily be incorporated back into regular Linux distributions, for various reasons. Some systems may not make sense in a non-Android environment (e.g. the Google Play Store), some of them make assumptions that a general-purpose distribution cannot ("there will be a touch screen"), some of them depend on other Android-specific code, etc. However, those systems can be used (and are being used) in Android distributions such as CyanogenMod or ParanoidAndroid . Therefore, divergence of core software creates a new ecosystem , rather than contributing to the one it originated from . This distinction is important in order to give credence to the following definition of "Linux distribution": *A Linux distribution is an operating system along with a set of software contributions which benefit the overall Linux software ecosystem. By this definition, does Ubuntu still qualify as a Linux distribution? Let's find out. (Read more...) | 8 comments MAC spoofing: What, why, how, and something about coffee By <etienne (at) perot (dot) me> on 2013-01-22 . MAC addresses are a unique identifier associated to every network interface, wired or wireless. They are used to identify devices on a physical network. Usually, a network interface comes with a fixed MAC address called the burned-in address . This address cannot be changed, as it is stored in the interface's hardware itself. Because of their fixed nature, they make it pretty easy to use for tracking purposes. This has some some pretty useful applications, such as being used as the matching criterion for a DHCP server to give a static IP address to a given device, or in order to target a "dormant" interface as required for Wake-on-LAN . MAC spoofing is the technique to effectively change the MAC address that your network interface appears to have. It doesn't change the burned-in address, it merely changes what other devices think your interface's MAC address is. It can be used for some legitimate and not-always-legitimate purposes: Appearing as a legitimate device on a network which employs MAC address whitelisting (useful when your last network interface dies, and for certain types of network attacks ) Avoiding tracking: Different MAC addresses means no device on the network can tell if it has already seen this device on this network before, or on another network. For example, Starbucks may wish to maintain a list of all MAC addresses accessing their WiFi access points and use this information to figure out someone's movements or simply to identify who their best customer is (or at least which one is that guy always hogging all the bandwidth). Think they would never do that? Think again . Appearing as a different device to a network you've previously been on. (Hey, remember those "time-limited" free WiFi access points at the airport?) Avoiding profiling: The first three bytes of the MAC address identify the manufacturer of the device. Thus, the burned-in address gives away which company made the chip. Sometimes that's not important, but perhaps a hardware exploit exists in all network interfaces manufactured by $MANUFACTURER, thus changing your MAC address gives you a bit of security by obscurity. Or, more mundanely, perhaps you don't want a thief to be able to see that you have a shiny, new, and very expensive iThingy at your house simply by standing outside and looking all the MAC addresses broadcasted by all your WiFi devices. Bypassing futile roadblocks , and unjustly getting prosecuted to death over it. Wireless access points use MAC spoofing in order to provide multiple wireless networks with a single wireless interface. Recent routers often have this "guest network" feature which, when turned on, makes your router show up twice in the list of available access points: The regular network, and the guest network. This is a good thing, as it gives you some network-level isolation between machines. This way, even if your guests don't practice healthy security practices on their computing devices, at least they won't spread any nasty stuff through your LAN. Interestingly, while MAC addresses have thus far been limited in terms of tracking potential due to being confined to one's local network, this is about to change with IPv6 . One of IPv6's addressing models, stateless address autoconfiguration , allows a device to acquire an address for itself by taking the 64-bit prefix of the network it is on, and using the 48-bit MAC address of its network interface to determine the value of the remaining 64 bits. The consequence of this scheme is that any website you connect to can figure out your MAC address from nothing but your IPv6 address. (More on that later.) As you can see, there are many reas...