How to check for the gem replacement vulnerability

Recent news about the gem replacement vulnerability made want to check all installed gems on my systems. The news states that gems that have not been updated since 8 February 2015 could possible be maninpulated. Keep in mind that this is a theoretical attack vector. As far as I understand no attack making use of this approach has occured.

As there is no onboard way to check which currently used gems have not been updated since Feb 8th, 2015 you need a small script for checking. I found one called check_gems.rb from David Cuadrado. It checks all gems installed on the system. Continue reading

The sad truth behind disruptive innovation

Everything in our modern western society is software based. What seemed impossible only 20 years ago is currently a part of our everyday lives. Software has taken over taxi services, classifieds, news consumption, movie and tv consumption, book delivery, cars, energy distribution, warfare, and many more.

A new term has emerged in software-based innovation that has transformed our western life style significantly: disruptive innovation. Disruptive innovation refers to situations where established businesses have been hit hard or completely destroyed by a new software driven solution. Common examples include Uber, Craigslist or Netflix.

Continue reading

The misconception that software has become simpler

Software becoming simpler is just an illusion. The opposite is true: software itself has become even more complicated over the past 20 years. Software nowadays consists of layer upon layer of software applications. Some of those layers are located in other geographical locations; and in those locations even more layers of the software exists. The main reason why most people think software has become simpler is because they only see the final layer on the top of all of the other layers. It is the shiny layer that has been created by skilled artists and polished by countless tests and interviews with target audiences. What people see when they start an app on their phone or tablet is just a tiny fraction of what this software actually consists of.
Continue reading

Use SD card as download path for Synology DS Audio Android app

Ever since Android 4.4 changed the security policies for storage no Android app can make use of SD card storage outside its app owned folder. There is a simple workaround that works like charm for the DS audio app: We move parts of the DS audio app onto the SD card. With this done an app owned folder was created on the SD card that can then be used (or misused) as download directory. Continue reading

Create a RSA key pair on Linux

The default save location of the key pair (public and private key) will be shown. It should always be ~/.ssh (/home/yourusername/.ssh).

After you confirmed the location the key pair is stored you are asked to enter a passphrase. That is your password for every system your public key of the pair is stored.

At the time of writing the default length of the key is 2048 bit.

Source: How To Set Up SSH Keys


InfraRecorder does not start on Windows 10

After installing InfraRecorder on Windows 10 it will only start once. After that the InfraRecorder UI will not show up. When you take a look at the task manager you will see that an instance of InfraRecorder is running but no UI is present; killing the process and starting InfraRecorder anew will not solve the problem.

Quick Fix

This is a known bug (#729) and at the moment the only workaround is manually deleting the settings.xml file. This file can be in one of the follwing locations:
C:\Users\YourUserName\AppData\Roaming\InfraRecorder\ or InfraRecorder application directory when using the portable apps version of InfraRecorder.

Permanent solution

The above mentioned fix will only work once. You should use this one shot to permanently solve the problem. Just deactivate the “Remember the last active folder” checkbox in the InfraRecorder configuration.

InfraRcorder choose configuration

InfraRecorder - Checkbox remember last active folder

After you deactivated this checkbox InfraRecorder will work just fine.

Remove last character with cut

As cut can only remove the characters from the beginning of the string we have to pipe the string through rev first to reverse the order of the characters. Then we remove the first character with cut and reverse the string to its prior order.