Hacks

xrayspx's picture

Expedient Potato Clock

Music: 

Joe Buck - Muddy Waters

Today one of our ISPs, Expedient (Warning: Opens annoying talking flash-based woman talking over your music), sent me a potato clock. I think it was to mark the 10 month anniversary of a new circuit we haven't quite been able to turn live yet (fault of another 3rd party vendor, long story) :-)

You'll notice the sticker on top is not centered, and that made it rest on this like 1/32" lip around the right "potato cup". That was going to drive me mental, so I was able to re-center it, now my inner Monk is happy.

Aside from that, it works great. It took me 10x as long to set the clock as it did to get it powered by potato, but it's pretty much staying right on time after 30 minutes anyway.

This is not the first such strange vendor swag they've sent me. The last thing I can remember was an Expedient-branded USB hub that had a keyboard controller in it. The keyboard controller was so that whenever you plugged it in, it could send "http://www.expedient.com" to your default browser and open their homepage when you attach it. It also had a button on the top that would send you to their site, which is why it needed to be a "keyboard". I can't put my hand on that thing at the moment, but if I ever do, I'll definitely update this entry. It may not have survived my move from my last cubicle.

Once again with security Spam

Why can't we pay attention to FB hacking warnings?

People do hack FB profiles, it happens every day. They often do it by inducing the target user into clicking a link that can steal their login information in any number of ways. This happens. It's a Big, Bad Internet, and in all likelihood at some point you will:

Hey Hey RSA

Today I got a customer satisfaction survey from EMC. It was specifically about RSA and how we like their products and the company in general. Cynically, I have to believe that it's not entirely a coincidence that they did this survey during BlackHat & DefCon because, well jeez maybe because half of the people receiving this aren't even in their home fucking state? There was a comment field to one of these asking "why do you feel this way".

Yay Yay RSA!

The key point I took away from RSA's communications today is that all implications are that it's likely their token seed database was taken and that token codes are predictable, and may be able to be matched to customers.

They didn't say this, clearly, but every action they suggest to mitigate risk points to the fact. The mitigation steps they give are:

Help me kill this window

I have a bash script on my work Mac which creates an ssh tunnel to my home machine, then runs the Mac ScreenSharing.app VNC client so I can VNC home without opening VNC externally. All this works great with key based auth and stuff for the ssh session, so I just get a login prompt for the VNC session and I'm on my way.

At the end, I try to have it clean up after itself. I've tried using waits and then killing the PIDs associated with things like the tunnel, so when Screen Sharing closes, it tears down the SSH tunnel.

A new job for the little Asus

I think I've finally found the perfect job for the little Asus EEE, since it's just too weak to show good video. It has the following tasks:

Find LDAP groups with obsolete users

OpenLDAP has a nice "feature" that allows for group members to continue to exist, even if the user does not exist any more. Really handy! Problem is, if you, say, have a user in the "Domain Admins" group, and you delete that account, and then some normal user comes along with the same username, they will end up with unexpected elevated privileges.

So I created a script that I run weekly that finds group members that no longer exist, and sends me a report. It also tells me which groups are empty.

This relies on my toolbox... Find it here.

Using some of our new tools

Ok... Now that we have our toolbox, let's do something with it. Today we'll look at a simple solution to an everyday problem: resetting a password.

Part 4: Wrapping up the foundations

Just to wrap up, and in case you are lazy like me, I'll give you a whole file's worth of subroutines. It's my toolbox and I'm giving it to you. I put this in a secure location and just call it from my other scripts. This makes the code much shorter in my other scripts, nearly auto-commenting, and avoids bugs because if it works in one, it will work in others.

NOTE: This uses the foundations in parts 1, 2 and 3. You can find them here: Part 1 Part 2 Part 3
