Hackerific

last update:

I’ve been using MyFitnessPal (MFP) to log exercise and food for a couple of weeks (before that I tried SparkPeople but the app was buggy and the food database wasn’t great), and I really like knowing exactly how many more calories I can eat, as well as keep track of exercise and weight. Now, it’s great to be able to log stuff using an app with a barcode scanner, and then view stats and info online, but I don’t like the idea of my data all being locked away and belonging to someone else, and what it I want to use a different service?

April Tunes

The last few weeks have seen a lot of exceptional new releases. Hardly a day goes by when Apple Music’s New page doesn’t have some juicy metal to digest. We’ve seen albums from Haken, Deftones, Desaster, Cult of Luna & Julie Christmas and Painted Wives. Some of these are excellent albums, but for this post I want to step slightly outside the world of mainstream metal and focus on some slightly difference releases.

There’s no doubt in my mind that journalling is a really useful thing to do, both for personal logging and keeping track of progress and decisions at work. I’ve spent a bit of time experimenting, and I’ve tried various logging and journalling apps, including Quiver, Ulysses, rolling my own using vim and one of the most popular Mac Journalling apps, Day One. All of these have pros and cons, and for various reasons I can never settle into sticking to just one methodology, so I’m currently using Day One for personal logging, helped along by Slogger (mentioned previously in my post on Mac Dev Tools).

Here’s a script which prints a sorted list of the files in a git repository, but sorted by when their last commit occurred, rather than the standard modification, creation or access times you’d see from ls. This will form the bases of another script in future, which will give me a list of files that haven’t been updated in git for a certain amount of time, but I think this might be useful as-is to some people.

Launchbar actions for browsing Pinboard are pretty much covered, but I couldn't find any actions to save them in the way I want, so set about writing my own. This post covers my mini AppleScript adventure using Launchbar 6's cool Action Editor.

My reading list

This isn’t strictly a reading list, because it’s about books I’ve already read, but it’s a list of reading! As part of my effort to more regularly blog this year I’ve found myself straying from purely techy topics into the realms of the more personal, and as part of that I’ve been covering one of my most favourite things in the world. Music. This was originally a back-burner topic, but then when I wrote my 2015 Roundup I enjoyed it, so I’ve decided to make it regular.

In February 2015 I discovered a cross-site scripting vulnerability in Ubiquiti’s EdgeRouter Administrative interface. These are powerful and cheap devices which are also pretty fun to use and configure, so I’d definitely recommend them even though I found this issue. After a couple of false-starts and emails getting lost I was invited to submit details of the vulnerability via HackerOne, and they fairly quickly decided to pay me a $500 US bounty.

Music in March

February was a quiet month in music, so I decided to skip it and bundle it with March, which has been much more noisy. This post has a few new releases from the last couple of months, and I’ve tried to include links to youtube videos and Apple Music where I can. This post contains some high quality metal, so read on for the details, and feel free to feed me suggestions!

Every now and then I run port scans of the VPS running this site to check there’s nothing untoward and that I can see everything I expect to see. Recently, one thing that gave me pause was the fact that when I do this from home there are extra open ports in nmap’s output. After convincing myself that my server hadn’t actually been owned, I decided to look into it. This post shows how I used nmap to to that.

fscking CentOS 7!

At work, we’ve recently had problems with one of our SANS, and as a result we ended up with some filesystem corruption and a little data loss. As part of our clean-up effort, we rebooted and checked each server, mainly by running the classic shutdown -F -r now, to force a reboot and fsck. On systems where there’s little or no damage, this does exactly what you’d expect, and you end up with the system coming back up happy, but on some CentOS 7 systems where there was corruption this is where the fun began.