32-bit AS numbers introduce a new BGP flaw.

              · · · · ·

Last Friday, Andy Davidson, Jonathan Oddy, and I pushed out some research that has some quite worrying repercussions. Whilst I’ve heard from a lot of people privately about this matter, there’s a big flaw here, and as Andy posted on his blog (which is much more informative than mine, I think!), this is a big problem. The reason, I think, that we’re getting limited public discussion of this exploit (I hesitate to call it an exploit, it’s a flaw really, because it’s actually a result of the RFC that the problem exists), is because the implementations of 4-byte AS support that are out there already are generally not standards compliant.

More Di2 Stuff

              · ·

Following getting my roadbike back out for the first time in a while (been really busy since moving to Ealing!) I figured I’d look at if there’s anything more about Di2 floating around. It seems the more I see of this system, the more I want it. Perhaps Orca with Di2 is something for 2009? I’ve also started tracking my rides (mostly fixed, mostly to and from work at the moment) on this site, if there’s any interest, I was pondering publishing the code/a webapp to upload other people’s rides.

Handy vim tip


I’ve been working on a number of bits of code recently, and have found that it’s not entirely practical to check into RCS or SVN for every change that I’ve made. I really like to work by committing when I’ve finished adding a feature to a script, or a project. Hence, I’ve been using the vim “set backup” option. However, this has some limitations, and hence I decided to have a look at what .


              · · ·

Since I’ve got a few moments, and I’ve decided to actually write down some rants rather than deciding that I can’t be bothered to - I’m going to use some space to single the praises of Django. I’ve been using Django for a couple of years now - since around the autumn of 2005, and as such, feel that I’ve got a pretty good grasp of how the framework works. I haven’t really hacked around that much with the innards of Django (although I did propose a patch), however, what I really like about this framework isn’t particularly the internals, but just the whole philosophy that there seems to be in terms of building a web application.

crontab hacks


30 23 28-31 * * [ "`date +%m`" != "`date +%m --date=tomorrow`" ] && /Users/rjs/bin/monthEnd.py 2>&1 >/dev/null Pretty handy for running on the last day of the month - and should work on Linux.

RFID Presentation

              · · ·

For anyone interested, the slides for my RFID presentation are here.

RFID Basics!

              · · ·

So, at the moment, I’m writing a presentation about the operation and the security implications of RFID. During the course of the random searches around the internet, I’ve found that there’s a lot of really, really cool work going with respect to RFID. Even more great than the output on the subject is who is studying it. Lots of really cool observations are coming out of the open source friendly community - some of the best presentations on the subject are from presentations at CCC.

Asterisk on OS X


Last time I tried to run Asterisk on OS X it was on Panther (10.3), and it really failed to work. It seems since I last looked, things have come a long way. When rearranging how my personal VoIP was configured, I was looking for a simple SIP proxy - however, the only one I could find immediately was Java based, and lacking on a few features that I wanted. Hence, I decided to check out if there were any better Asterisk packages available.

iPhone SDK

              · ·

I finally got myself an iPhone - and am loving it. It’s great how I can now sync my calendars, and address book to my phone without having to worry at all about having six clones of each event on my calendar (which of course, makes it rather difficult to tell what I’m actually meant to be doing that day). However, a topic that has come up a couple of times in discussion with a few friends is that of the iPhone SDK.