• The Author – Bart Busschots

  

  • About
  • On Flickr
  • On YouTube
  • On Mastodon
  • On Twitter

  
  

  

  

  

  

  

• Site Search

  
  

• Site Map

  • About Bart
  • Blog
    • My Development Toolkit
    • Programming by Stealth
    • Taming the Terminal
    • Photo of the Week
    • Observer’s Log
  • Photography
  • Publications
    • Podcasts
    • Presentations
    • Software
      • HSXKPasswd – A Secure Memorable Password Generator

• Blog Categories

  • 42 (Life the Universe & Everything)
  • Computers & Tech
    • Automation
    • Security
    • Software Development
    • System Administration
  • Cooking & Food
  • History & Geography
  • My Projects
  • Photography
  • Polemics & Politics
  • Science & Astronomy

• Featured Tags

  • presentation
  • review
  • software release
  • tutorial

• Creative Commons

  Unless otherwise stated, the content on this site is licensed under Creative Commons Attribution, Noncommercial, No Derivative Works 3.0 License

  

Back in 2011 I wrote a blog post explaining how to create an OS X Service for stripping keywords from image files. In this post we’ll use the same technique to create a Service for stripping geotags from JPEG images.

As with the keyword stripping service, there are two prerequisites for this action, one is required, one is optional. You absolutely MUST have install EXIFTool installed, and it would be good if you also had Growl installed, but it’s not essential.

Read more

Tagged with: tutorial • software release • Services • Automator • scripting • OS X

This is a minor bug-fix update for XKpasswd (my Perl random password generation module). It squashes two minor bugs which came to light while updating www.xkpasswd.net to use version 2 of the module.

1. When the custom_separator option was left blank, no separator was used, rather than the expected random separator.
2. When the custom_separator option was left blank or set to RANDOM, and the pad_char option to SEPARATOR, the results were un-expected, different random character was used for each, rather than the same random character.

For documentation and detailed release notes on version 2 of the module, see the release notes for version 2.0.

Tagged with: software release • HSXKPasswd • Perl

A few weeks ago on the Chit Chat Across the Pond segment of the Nosillacast, I mentioned that I had an OS X service set up to generate a random password using my XKpasswd Perl module and copy it to the clipboard. Listeners enquired as to how they would go about doing that, so as promised, here’s a quick tutorial.

Obviously this tutorial is for Mac OS X users only, because OS-wide Services and Automator are OS X features. The screenshots are taken on 10.8 Mountain Lion, but this same technique definitely also works on OSX 10.7 Lion, and probably even on 10.6 Snow Leopard. This tutorial also assumes that you have downloaded the XKpasswd module, and saved it somewhere on your computer, along with either the sample dictionary file included with the module or one of your own making, and that you know where on your computer those files have been saved. In other words, you need to have XKpasswd.pm and a text file with one word per line somewhere on your hard drive. In my sample code I’m going to assume you’ve installed the Perl module to the suggested location, /usr/local/xkpasswd/XKpasswd.pm, and that you have customised the sample dictionary a little (more secure that way), and saved it to /usr/local/xkpasswd/dict.txt.

Read more

Tagged with: HSXKPasswd • Automator • Perl • OS X • tutorial

I spent the weekend majorly re-factoring XKpasswd.pm, my Perl random password generation library. V0.1 was the last thing I wrote before reading Perl Best Practices, and looking back on that code really illustrated the value of that book when used in combination with the perlcritic code analyser.

The new version of the module provides all the functionality the old one did, and more. The refactoring has made the module simpler to use from within scripts, as well as easier to modify and extend. Some new features have also been added, including the ability to use the www.random.org web service as the source of randomness for the library. A full list of bug fixes and new features is included below.

I had hoped to distribute this version as both a ZIP file and a .PKG file, but XCode 4.4 is not being cooperative on the new Mountain Lion, so that will probably have to wait until version 0.3.

Update – 6 August 2012: The link below has been updated to point to version 0.2.1 of the code. Details of the bugs fixed in the release notes.

Read more

Tagged with: open source • software release • HSXKPasswd • Perl

Update – 13 April 2012: Apple have released another update to Java (via software update) which automatically disables Java in Safari, and removes Flashback if it has infected your system. Please use Apple’s update rather than relying on this script!

Update – 10 April 2012: I have edited the script to run the additional commands recommended by TidBITS. The Download button will now return version 0.2 of the script.

It’s finally happened, there has been a serious malware outbreak on the Mac. Over half a million Macs have been infected with the latest variants of the Flashback malware. Earlier versions of this malware relied on tricking users into running an installer, or approving a request for permission to execute, but that has all changed now. The malware moved from being a simple trojan that relied on tricking people into running it, to a fully automated attack requiring no user interaction. The reason for this transformation is that the malware started to use flaws in Java, first, old vulnerabilities that were patched ages ago, so only affecting people who don’t keep their computers up to date, but this week, attacking flaws that Apple had, at the time, not yet patched. This means that for a few days, even the most diligent Mac users could have been hit.

This infection has no noticeable symptoms, and did not require you do do anything “stupid” to get infected. Any Mac user, not matter how careful, could have been infected. So, you need to check to be sure you are not one of the half million plus victims! Read more

Tagged with: software release • malware • trojan • scripting • OS X

Steve Gibson really set the cat among the pigeons with his Password Haystacks site a few months ago, and XKCD’s ‘Correct Horse Battery Staple’ web comic brought that message home to many many nerds and geeks. The basic idea is that you’re better off making your passwords long and memorable than short and complex. In the simplified XKCD example the password is simply made up of 4 common words, but Steve Gibson suggests you should add some padding around those words to make the passwords much harder to guess.

This is a lovely theory, but I’m not imaginative, and I need to invent a lot of passwords every week, so I wrote a Perl module to do it for me, and called it xkpasswd.pm. The first thing I’m announcing today is that I’ve made this library available for free for both personal and commercial use (under the FreeBSD license), you can download it from www.bartb.ie/xkpasswd.

It’s great to have a library for nerds to play with, but what about everyone else? Well, that’s where my second announcement comes in, I’ve also created www.xkpasswd.net, a simple web front-end to the xkpasswd.pm module.

www.xkpasswd.net

In case anyone is wondering where the name comes from? It’s a mashing together of XKCD, and passwd, the Linux/Unix command for changing passwords. Because I used to use Solaris, and hence the yppasswd command, I liked the idea of keeping the prefix to just two letters, hence xkpasswd, rather than xkcdpasswd.

For any programmers interested in using the Perl module, it has no prerequisites other than base Perl, and all you need to get started is the module and a dictionary file to point it at. The download package contains the module, a sample dictionary, and a sample Perl script which invokes the module.

In the future I also plan to release a JavaScript-only version if the library so that others can embed xkpasswd-based password generators in their own sites without needing Perl CGI support on their servers. I’m also experimenting with creating an OS X Service to allow people to easily generate xkpasswd passwords from anywhere within OS X, and perhaps even a native OS X Application. So stay tuned!

Tagged with: web site • HSXKPasswd • Perl

Following on from my post yesterday with three examples of using Automator to create Services, and some good suggestions in the comments, I spent some time this afternoon making the script in the third of those examples a little more efficient, and a lot more robust.

The Service I optimised was the one to strip keywords from image files. This Service assumes that both Growl and EXIFTool are installed, and that you’re running OS X 10.6 Snow Leopard or later.

Read more

Tagged with: software release • tutorial • EXIFTool • Image Processing • Automator • scripting • Perl • OS X • Apple

Update (18 June 2012) – A more up-to-date version of these scripts can now be found here.

My Myers Briggs personality profile insists that I “prefer economy of effort”, you can probably translate that to “is a lazy sod”. Because of this I like automating repetitive tasks. It all started when I wanted a quick and easy way to prepare my images for posting to my website. I wanted them resized with my URL and the Creative Commons icon added in, and I wanted to be able to process a whole directory of images in one go. I started by playing around with the GD libs in PHP, but soon realised it would be quicker and easier to use Perl to shell out to the command line tools from Image Magick. At the time I wrote a post on my choice to do this which also contained the initial code. That code has been expanded and evolved since, and now includes functions for rendering nice (in my opinion) borders and titles on my better images. If you want to see examples checkout the Photo of the Week category on this blog..

[tags]Perl, Image Magick, script, programming, image processing[/tags]

Read more

Tagged with: Perl • WebifyIMG • tutorial • software release • open source • Image Processing • scripting

It’s funny how one thing will often lead to another. It’s not long since I joined the production team of the International Mac Podcast, and now I’ve been invited to join the pool of panellists for the Mac Round Table Podcast. The MRT is a very interesting idea. They have a large pool of Mac Podcasters and each week they host a round-table discussion with three to five members from this pool on some Mac related topic. Because it’s a big pool there’s a great variety of voices on the show and no two weeks are the same. If you’re tying to figure out which Mac podcasts to subscribe to, the MRT is a great place to start since you get to hear lots of Mac podcasters in one place. I’m exceptionally honoured to have been invited into the pool. I recorded my first show last night with Don McAllister, Joseph Nilo, Chuck Joiner & Dave Hamilton, so keep an eye out for it on the RSS feed.

Tagged with: podcasting

Some of you may or may not know that I’ve been a regular panellist on the International Mac Podcast Live shows for a good few weeks now. I’ve also been blogging on Mac-related security matters on the IMP Blog. As of today I’ve also joined the IMP production team, so expect to hear more of me on the young but expanding IMP network. Although I’ve been contributing to a number of podcasts regularly for well over a year, I’ve never really considered myself to be a podcaster, I guess I am now!

While I’m talking podcasts, I may as well mention my other two regular spots. I do a weekly segment on The NosillaCast called Chit-Chat Across the Pond (or CCATP for short) where myself and the host, Allison Sheridan, chat about some geeky topic for about half an hour. I also do a monthly series on the Typical Mac User Podcast called “Introduction to the Terminal” where I try to encourage people to play with the Unix underpinnings of OS X a little more.

[tags]podcasting, Mac, technology, Apple, IMP[/tags]

Tagged with: podcasting

« go back — keep looking »