#!/bin/sh | |
prog_name=${0##*/} | |
version=1.0 | |
version_text="Boilerplate for new scripts v$version" | |
options="h o: q v V" | |
help_text="Usage: $prog_name [-o <text>] [-hqvV] [<file>]... | |
Boilerplate for new scripts |
Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS).
Contributions welcome. All text taken from the vulnerability descriptions themselves, with additional emphasis mine.
- I consider exploitation or privilege escalation of the package tool/system itself (that would have been mitigated by secure transport) to be in scope.
- Issues only described as being triggered by malicious mirrors are assumed to also be vulnerable to MITM.
- Failure to verify the software update at all is currently provisionally in scope if it could have been mitigated by secure transport, but I'm waffling about it. Most of these are actual signature verification failures, and my original purpose was to highlight cases where claims of "It's OK to be HTTP because verification!" seem to me to be specious.
- Software components regularly used to verify integrity in other software pipelines a
Dear Sir/Madam: | |
I am writing to you in your capacity as data protection officer for your | |
company. In light of recent spam received on this email address, | |
I am making this request for access to personal data | |
pursuant to Article 15 of the General Data Protection Regulation. | |
I am concerned that your company’s information practices may be putting my | |
personal information at undue risk of exposure or in fact has breached its | |
obligation to safeguard my personal information. |
This concept is very much like .jar
or .war
archives in Java.
NOTE: The built
.pyz
zipapp can run on both Python 2 & 3 but you can only build.pyz
zipapps with Python 3.5 or later.
This is a quick tldr; there are many other situations and options you could consider. | |
FIO man page | |
IOP/s = Input or Output operations per second | |
Throughput = How many MB/s can you read/write continuously | |
Variables worth tuning based on your situation: | |
--iodepth | |
The iodepth is very dependant on your hardware. |
-
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
-
mount_namespaces - overview of Linux mount namespaces
A curated list of AWS resources to prepare for the AWS Certifications
A curated list of awesome AWS resources you need to prepare for the all 5 AWS Certifications. This gist will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test and many other resources.
#!/bin/sh | |
[ $# -lt 1 ] && echo "usage: $0 <path>" && exit 1 | |
bpath=$1 | |
# you might want to change these to suit your setup | |
bs=32k | |
count=30000 |