Testing Python log output

Imagine you have a module and want to make sure everything’s working, so you test. For functions the idea is usually pretty simple: Provide some inputs, see if the output looks as expected. But what the function is also supposed to write some log messages and you want to check if they look the wayContinue reading “Testing Python log output”

Fun with Javascript, or: Setting document.referrer

It’s a bit of an odd thing for me to say, but yesterday I had some fun playing with Javascript. I maintain a little Firefox add-on called “Referer Modifier” to modify the HTTP Referer header, an since Web Extensions became the standard for browser extension Javascript is simply the language of choice for that. InContinue reading “Fun with Javascript, or: Setting document.referrer”

So, about THAT GnuTLS session ticket bug (CVE-2020-13777)

It’s been almost two weeks ago now that I discovered the bug in GnuTLS now known as CVE-2020-13777. The report is issue #1011 on the GnuTLS bug tracker. Here I want to talk a bit about how I discovered the bug and some thoughts on its impact. Session resumption for mod_gnutls I was working onContinue reading “So, about THAT GnuTLS session ticket bug (CVE-2020-13777)”

NSA Admins and Privacy

While reading through an Intercept article on the NSA’s XKEYSCORE program (simply put: a search engine for data captured by the NSA), I came across this gem: When systems administrators log into XKEYSCORE servers to configure them, they appear to use a shared account, under the name “oper.” Adams notes, “That means that changes madeContinue reading “NSA Admins and Privacy”

New in Java 8: Catching Integer Overflows

I’ve recently discovered a nice new feature in Java 8: methods to properly handle integer overflows. Consider the following example: When you compile and run it, this is the result: Quite obviously, this can’t be mathematically right. The problem occurs because an int has a limited size of 4 byte. When this size is tooContinue reading “New in Java 8: Catching Integer Overflows”

Peculiar Ethernet Timings

Have you ever tried sending one Ethernet packet every 78 microseconds? If not, what would you expect to happen? Actually, I did that kind of experiment (and many others) last year in my graduation thesis “Development of a Scalable and Distributed System for Precise Performance Analysis of Communication Networks“, which is now published. For the thesis I developed a system called the Lightweight Universal Network Analyzer (LUNA), which can generate packets at precise times and record their arrival times, among other things. When I tested it on different hardware, I got some surprising results.

Quick Update on Kyūbunhama

Sorry to jump from sightseeing in Ise to a serious topic so suddenly, but I’m in Sendai right now, just got back from dinner with friends from the time I spent here as an exchange student, and one of them is the coordinator of the volunteer work I participated in after the tsunami in 2011.Continue reading “Quick Update on Kyūbunhama”