

Showing posts from 2020

Fun with VMware on a 64 GB Mac

I'm having a lot of fun with VMware on this 64 GB Mac: My main OS, obviously, is macOS running work-related stuff. Then, I have Ubuntu Linux for development. I have Kali Linux for doing security work. I have Windows 10 for practicing exploit development. And, finally, I have macOS running in a VM for my personal stuff. I could probably get Android and iOS running for completeness' sake (using different emulators), but I don't actually need those right now ;) I've been running multiple VMs for a month or two. Things are working in general, and I'm happy with this setup. My only complaints are: It took a while to set everything up. My battery life sucks :-P The macOS VM lacks GPU acceleration; hence I had to disable GPU acceleration in Chrome. Similarly, for personal use, I'd prefer to use Netflix, YouTube, and Zoom in my personal macOS VM. However, the video is too laggy. Hence, I have to do those things on the main OS, using a

Application Security: Hashing, Encryption, Encoding, Compression, Oh My!

In this blog post, I’m going to be talking about hashing, encryption, encoding, compression, etc. All of these things are related, but they serve different purposes. Sometimes, developers confuse these things, which can lead to tragic results. My goal is to provide a high-level overview without getting into the weeds. If you’re interested in the details, Wikipedia is a great place to start. In fact, any part of this blog post that sounds even remotely intelligent was probably taken straight from Wikipedia. Encoding Let’s start with code: In communications and information processing, code is a system of rules to convert information—such as a letter, word, sound, image, or gesture—into another form, sometimes shortened or secret, for communication through a communication channel or storage in a storage medium. An early example is the invention of language, which enabled a person, through speech, to communicate what they saw, heard, thought, or felt to others. But speech li

Ubuntu 20.04 on a 2015 15" MacBook Pro

I decided to give Ubuntu 20.04 a try on my 2015 15" MacBook Pro. I didn't actually install it; I just live booted from a USB thumb drive which was enough to try out everything I wanted. In summary, it's not perfect, and issues with my camera would prevent me from switching, but given the right hardware, I think it's a really viable option. The first thing I wanted to try was what would happen if I plugged in a non-HiDPI screen given that my laptop has a HiDPI screen. Without sub-pixel scaling, whatever scale rate I picked for one screen would apply to the other. However, once I turned on sub-pixel scaling, I was able to pick different scale rates for the internal and external displays. That looked ok. I tried plugging in and unplugging multiple times, and it didn't crash. I doubt it'd work with my Thunderbolt display at work, but it worked fine for my HDMI displays at home. I even plugged it into my TV, and it stuck to the 100% scaling I picked for the othe

Creating Windows 10 Boot Media for a Lenovo Thinkpad T410 Using Only a Mac and a Linux Machine

TL;DR: Giovanni and I struggled trying to get Windows 10 installed on the Lenovo Thinkpad T410. We struggled a lot trying to create the installation media because we only had a Mac and a Linux machine to work with. Every time we tried to boot the USB thumb drive, it just showed us a blinking cursor. At the end, we finally realized that Windows 10 wasn't supported on this laptop :-/ I've heard that it took Thomas Edison 100 tries to figure out the right material to use as a lightbulb filament. Well, I'm no Thomas Edison, but I thought it might be noteworthy to document our attempts at getting it to boot off a USB thumb drive: Download the ISO. Attempt 1: Use Etcher. Etcher says it doesn't work for Windows. Attempt 2: Use Boot Camp Assistant. It doesn't have that feature anymore. Attempt 3: Use Disk Utility on a Mac. Erase a USB thumb drive: Format: ExFAT Scheme: GUID Partition Map Mount the ISO. Copy everything from

Security: BSidesSF 2020

I went to BSidesSF (@BSidesSF), which is a friendly security conference organized by volunteers. These are my notes. BTW, shout out to my buddy, Josh Bonnett, for introducing me to the conference. Here's the schedule. Here's a link to their Capture the Flag. This was their 10th anniversary. "There are no attendees. Everyone is a participant." They said, "If you're going to take a picture, make sure you have the permission of everyone in the shot. Crowd shots (those facing the crowd) are strongly discouraged." They donate to "The Sisters of Perpetual Indulgence". [Keynote] Give Away Security's Legos: Dumping Traditional Security Teams The keynote was given by Fredrick "Flee" Lee (@fredrickl), the CSO at Gusto. Legos are very accessible, and you can build amazing things. Lego is the world's most recognized brand. Lego's motto is "the best is not too good." It's bad that most companies treat thei