http://golangnews.com Jobs, Code, Videos and News for Go hackers - everything about the go programming language Sat, 02 Sep 2017 10:26:00 +0000 <div class="Tweet-header u-cf"><div class="TweetAuthor " data-scribe="component:author"> <p><span class="TweetAuthor-avatar Identity-avatar"><span class="TweetAuthor-name Identity-name customisable-highlight" title="Filippo Valsorda" data-scribe="element:name">by <font><a class="TweetAuthor-link Identity u-linkBlend" data-scribe="element:user_link" href="https://twitter.com/FiloSottile" aria-label="Filippo Valsorda (screen name: FiloSottile)" style="color: rgb(59, 148, 217); outline: 0px; line-height: 1.2; display: inline-block;">Filippo Valsorda</a></font>&nbsp; </font><span class="TweetAuthor-verifiedBadge" data-scribe="element:verified_badge"><span class="TweetAuthor-screenName Identity-screenName" title="@FiloSottile" data-scribe="element:screen_name" dir="ltr"><a class="TweetAuthor-link Identity u-linkBlend" data-scribe="element:user_link" href="https://twitter.com/FiloSottile" aria-label="Filippo Valsorda (screen name: FiloSottile)" style="font-size: 15.6px; color: rgb(59, 148, 217); outline: 0px; line-height: 1.2; display: inline-block;">@FiloSottile</a>&nbsp;on twitter</p></div></div><div class="Tweet-body e-entry-content" data-scribe="component:tweet"></div> <p>I had a quick look at the AES256-Poly1305-AES encryption scheme and code of "restic" before using it for my backups. </p> 8 points posted by kenny https://blog.filippo.io/restic-cryptography 2598 Thu, 31 Aug 2017 09:20:00 +0000 <p>To scratch this itch I decided to make my own captive portal browser based on Chrome, such that it can be secure and configured as I please.</p> <p>The main challenge is reaching the DHCP-provided captive portal DNS resolver without changing system settings. Chrome lacks the ability to configure DNS upstreams, but <a href="https://www.chromium.org/developers/design-documents/network-stack/socks-proxy" style="background-image: initial; background-position: initial; background-size: initial; background-repeat: initial; background-attachment: initial; background-origin: initial; background-clip: initial; color: rgb(74, 74, 74); transition: color 0.3s ease;">supports SOCKS5</a>&nbsp;which proxies name resolution.</p><div><br></div> 6 points posted by kenny https://blog.filippo.io/captive-browser 2691 Sat, 23 Sep 2017 08:26:00 +0000 6 points posted by kenny https://blog.filippo.io/reproducing-go-binaries-byte-by-byte 2119 Mon, 24 Apr 2017 07:31:00 +0000 tl;dr: with Go 1.5 you can build .so objects and import them as Python modules, running Go code (instead of C) directly from Python. Here's the code. 5 points posted by lolly https://blog.filippo.io/building-python-modules-with-go-1-5 1702 Fri, 10 Feb 2017 10:11:00 +0000 4 points posted by lolly https://blog.filippo.io/a-literate-go-implementation-of-poly1305 3890 Wed, 03 Apr 2019 07:04:00 +0000 4 points posted by lolly https://blog.filippo.io/playing-with-kernel-tls-in-linux-4-13-and-go 2632 Wed, 06 Sep 2017 20:19:00 +0000 Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, as in Heartbleed. If you suspect you might be affected by this vulnerability, you can find details and mitigation instructions at https://ticketbleed.com (including an online test) or in the F5 K05121675 article. 4 points posted by kenny https://blog.filippo.io/finding-ticketbleed 1711 Fri, 10 Feb 2017 16:36:00 +0000