Some stuff (30/08/2006)

I enjoyed reading this article on how an XSS attack works. I’ve always just done the alert(“Game over!”) XSS which isn’t really an attack at all, just a proof that there’s a possibility for an attack. That trusted computing is bad for consumers is something I’ve known for a while, but apparently TC is bad …

Continue reading ‘Some stuff (30/08/2006)’ »



Erik, it just works for me. I have LUKS on a partition on a USB stick. When inserted I get a dialogue box asking for the LUKS password. I had to configure hal a little to give the desktop icon a good name: <device> <match key=”volume.uuid” string=”d23647f8-22be-4a8c-86f8-8f59975e9e61″> <merge key=”volume.label” type=”string”>StickSecret</merge> </match> </device>


Rolling your own authentication in Django

For various reasons I wanted to see just what was required to roll my own basic authentication using Django. I am aware there’s a built-in authentication module, django.contrib.auth, but it’s overkill for my ultimate goal and it depends on the session module in ways that only further study can reveal. I heard rumours that the …

Continue reading ‘Rolling your own authentication in Django’ »


Recent comments on terrorism…

It seems we are all taking part in helping the terrorists achieve their goal. Bruce Schneier’s saying it, here’s a post from a while back saying the same thing. At the same time politicians seem to be involved in more security theatre (look here for an explanation of security theatre). The police is busy showing …

Continue reading ‘Recent comments on terrorism…’ »


Funny stuff (24/08/2006)

Luckily for Dr. Evil he asked for sharks, the poor US Navy will soon be carrying out test on “frickin’ goldfish with frickin’ lasers attached to their frickin’ heads”. This site contains quite a few facts about Chuck Norris. Here are some facts about our crypto-hero Bruce Schneier. (The last site also has a very …

Continue reading ‘Funny stuff (24/08/2006)’ »


Django on Debian

Brett Parker’s been packaging django for Debian and making it available to the world. The latest update was just 2 weeks ago. Unfortunately the packages seem to have been made before the very recent move to Python 2.4 in Debian Sid, so they aren’t installable without downgrading