Main Topic – Regular Expressions
Taming the Terminal Part 17 of n – Regular Expressions: http://www.bartbusschots.ie/blog/?p=3542
- OpenBSD fork OpenSSL to create a new stripped-down version called LibreSSL – the aim, to have a smaller and easier to maintain, and hence hopefully more secure, open source implementation of SSL (don’t jump in too quick though,
refactoring code could easily introduce new bugs, so this will take time to mature) – http://nakedsecurity.sophos.com/2014/04/23/libressl-aims-to-prevent-the-next-heartbleed/
- Linux Foundation invests in OpenSSL (and other important technologies) by setting up the Core Infrastructure Initiative (will be about more than OpenSSL) – http://nakedsecurity.sophos.com/2014/04/25/more-post-heartbleed-lovecash-for-openssl/
- Heartbleed claimed it’s first high-profile victims – UK parenting site Mumsnet & the Canadian Revenue Agency – http://nakedsecurity.sophos.com/2014/04/15/heartbleed-jabs-its-first-victims-uk-parents-site-mumsnet-canadian-tax-agency
- Also claimed it;s first arrest, with a 19 year old Canadian being arrested in relation to the Canadian Revenue Agency hack – http://nakedsecurity.sophos.com/2014/04/17/heartbleed-sees-first-arrest-in-wake-of-canada-revenue-agency-breach/
Important Security Updates:
- Apple released Security Update 2014-002 for OS X (10.7 Lion, 10.8 Mountain Lion & 10.9 Mavericks). The update includes fixes to Secure Transport, Apple’s implementation of SSL/TLS (unrelated to HeartBleed) – http://support.apple.com/kb/HT6207
- Apple released iOS 7.1.1 including important security updates – http://support.apple.com/kb/HT6208
- Apple released Apple TV 6.1.1 including important security updates – http://support.apple.com/kb/HT6209
- Apple released AirPort Base Station Firmware Update 7.7.3 (a HeartBleed fix for new AC routers) – http://support.apple.com/kb/HT6203
- Adobe released and out-of-band patch for the mobile version of Adobe Reader (for Android) to fix a remote code execution bug – http://helpx.adobe.com/security/products/reader-mobile/apsb14-12.html
- Oracle released their latest quarterly Java update, patching 37 security vulnerabilities (reminder – avoid having Java enabled in your browser if at all possible) – http://krebsonsecurity.com/2014/04/critical-java-update-plugs-37-security-holes/
Important Security News:
- Followup – last time we reported on the fake Android AV app Virus Shield being the top paid app on the Google Play store and thousands of people being defrauded. Allison asked if Google had refunded the defrauded customers. Bart didn’t know one way or the other. It turns out they hadn’t then, but they have now – http://nakedsecurity.sophos.com/2014/04/22/google-refunds-android-users-who-bought-fake-virus-shield-app/
- University of New Haven researchers have found a flaw in how WhatsApp sends location data (uses HTTP instead of HTTPS) – http://nakedsecurity.sophos.com/2014/04/19/dont-share-your-location-with-your-friends-on-whatsapp/
- University of New Haven researchers also found serious security and privacy problems with Viber – data sent un-encrypted, and left completely open on servers – http://nakedsecurity.sophos.com/2014/04/24/here-we-go-again-viber-mobile-messenger-app-leaves-user-data-unencrypted/
- At the start of the year we discussed a back-door found in a bunch of Cisco, Linksys, NetGear and other routers (http://nakedsecurity.sophos.com/2014/01/03/gaping-admin-access-holes-found-in-soho-routers-from-linksys-netgear-and-others/). The problem was in firmware provided by an OEM manufacturer (SerComm). An incomplete list of known affected and unaffected products was published on GITHub by the security researcher who found the bug (https://github.com/elvanderb/TCP-32764). Sercomm claimed to have fixed the back-door, but the security researcher wondered how well they had closed the door, so he started poking at the new firmware. The problem Sercomm chose to fix was not that there was a backdoor, but that people knew about it! Their solution, to try put the genie back in the bottle and create a better back door that researchers wouldn’t find – they failed! – http://nakedsecurity.sophos.com/2014/04/23/the-soho-router-backdoor-that-was-fixed-by-hiding-it-behind-another-backdoor/
- Google patched Android to fix a mistake in their security permissions that enabled apps to alter the effect of app icons on the launcher, redirecting people to spam/phishing sites. Google were told of the problem in October, but only released the patch to OEMs in February – as usual with Android, goodness knows when users will get the patch, and many never will – http://www.computerworld.com/s/article/9247674/Google_issues_patch_for_Android_icon_permissions_attack
- Michaels (and subsidiary Aaron Brothers) lose 3 million credit and debit cards – http://krebsonsecurity.com/2014/04/3-million-customer-credit-debit-cards-stolen-in-michaels-aaron-brothers-breaches/
- LaCie warns customers of year-long credit card breach – http://krebsonsecurity.com/2014/04/hardware-giant-lacie-acknowledges-year-long-credit-card-breach/
- Controversial centralised cloud-based US student database inBloom closes after parents groups successfully campaigned against the system – http://nakedsecurity.sophos.com/2014/04/24/parents-win-against-cloud-storage-of-us-students-private-information/
- The Smart Phone Kill-Switch Saga Continues:
- The US DOJ want the right to warrantless searching of smartphones before people have a chance to wipe them –http://nakedsecurity.sophos.com/2014/04/25/feds-argue-for-warrantless-phone-search-to-avoid-suspects-kill-switching-evidence/
Photographic Sorbet (Time Permitting)
There is no one right way to compose a shot, but, a simple tip that can be very effective for landscape-style shots is to find a shadow and get into it – by shooting from within a shadow you can use the shadow to add foreground interest and depth to your shot. It can be a big shadow or a little shadow. As a bonus, if the sun is low, getting into a bigger shadow is also a great approach for keeping your own shadow out of your shots.
Bart’s other shows:
Let’s Talk Photography
Let’s Talk Apple
Both at http://lets-talk.ie
3 thoughts on “CCATP – Taming the Terminal Part 17 of n with Bart Busschots”
[…] Big changes to podfeet.com – breaking the giant blog post of doom into little chunks throughout the week. I got to be a guest screencaster for Don McAllister’s Screencasts Online doing a show about iThoughtsX for the Mac and iThoughtsHD for the iPad. Should be available soon in the next episode of the SCO Magazine too for iPad. Why Dave Hamilton of the Mac Geek Gab rocks. In Dumb Question Corner David Bogdan asks how to get Safari to stop offering us push notifications (Clarify tutorial here). Wil Wheaton answers an 11 year old girl’s question about being a nerd (Video on Youtube.). Store and Secure Your MagSafe 2 Adapter with MagCozy. Tiny Portable Tripods for Your Smartphone or Tablet from Square Jellyfish. Discover New iOS Apps with TAPPD. Let Your iPhone Tell You the Value of a Resistor with ResistorVision – interview by Kirschen Seah of freerangecoder.com. In Chit Chat Across the Pond Bart takes us through Taming the Terminal Part 17 of n – Regular Expressions. […]
Great tutorial on Regular Expressions! I admit this is a concept that even throws experienced programmers like me for a loop (heh, a little programmer humor there 😉 )
If you want to play around with regular expressions outside of the terminal, RegexPal is a great site for that.
It is a great interactive site that has a text box where you can type in a regular expression, and another text box where you can paste in any sample text. The site will highlight parts of that text that match your regular expression.
Another pretty good regular expression tutorial can be found here:
This is an article that I found on a great site for iOS and Mac developers that I frequent. It teaches how to use regular expressions when writing iOS and Mac apps. But if you ignore the code-y bits, it also serves as an excellent tutorial on the syntax of regular expressions.
And finally, here is a great PDF cheat sheet of the regular expression syntax. I’ve put this in my Evernote in my “Important Reference Materials” notebook so I always have it handy.
“Spreeuw” is apparently a Dutch word, but it is apparently used to describe a species of bird (a starling I believe.) So yeah, I guess it can be considered a “valid” word in /usr/share/dict/words.