CascadiaFest

I’m quite excited to be talking at CascadiaFest this summer about the work I’ve been doing on scanning the Internet. My talk proposal is archived here. The cool end-results are still getting ready for publication, but one of the code modules I’m pretty excited about that happened in the process is ip2country.

I’ve updated this domain to include the new HPKP mechanism and a stronger intermediate cert. HPKP supplements the previous HSTS mechanism to define a specific signing key that must be present on subsequent HTTPS interactions with the server, helping to mitigate one class of man in the middle attacks.

LinuxFest NW

I’ll be talking about what a civic hacking organization looks like at Linux Fest NorthWest in April. Code for Seattle is a brigade of civic-minded hackers. We’ll talk about how we’ve organized hackathons, a weekly meetup, and successfully navigated the government bureaucracy as a small group of volunteers.

Server

Finally got a new server up and running. It’s interesting to go through the setup process every once in a while to see what parts of it are still hardware. I also got to explore some new corners of the process, like dealing with the remote admin interface, and structuring DNS and NICs across multiple… Continue reading Server

Webrtc-Adapter

WebRTC continues to develop towards an evolving standard, requiring some additional leg work to use it in projects. In yet another attempt at bridging that gap, I’ve been working on maintaining an adapter lessening some of the deviation from standard in current browsers.

https://www.npmjs.org/package/webrtc-adapter

It currently fixes

  • Response of format of getStats in Chrome
  • Translation to ‘url’ from the standard ‘urls’ when configuration is passed to Firefox
  • Emission of the ‘negotiationneeded’ event when a data channel is created in Firefox

The main hope is that this will be easier to include in projects than previous attempts.

Public & Private

I have ended up spending more time than I was expecting over that last few months struggling to figure out where I stand on how much of ones life should be public versus private. I’ve found myself being more private over the last year, somewhat to my dismay, and yet have felt increasingly uncomfortable being… Continue reading Public & Private

I took the next step on recommended security practices by upgrading to https-only, and enabling spdy on the server. Still don’t have optimal cipher strengths, which will require some additional algorithm preference tweaking.