After quite some time I’ve managed to get my server back online. The issue was that running it on a raspberry pi 3 alongside other things pretty much ensured the OOM killer would kick in and start killing things off. I got one of those HP elitedesk PCs for only £40 off eBay to host this and it’s superb! This is now running in a docker container on a low powered 8gb system.

This site is now hosted on my raspberry pi zero w - incredible! Hosting costs are now on a real shoestring budget. I’ll be tinkering with it to get the site to perform a bit better (microssd is not fast..) This was part fun experiment, part cost saving exercise.

This handy snippet is useful for seeing what merged PRs there are between two branches - eg master/release or whatever you’re using. I find it v.handy: git log --merges --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr)%Creset' --abbrev-commit --date=relative origin/production..origin/master

Stick this in your .bash_profile or .bashrc file: function diffopen() { git diff --name-only "$1" | xargs -d '\n' pstorm; } Then in your project folder, say you want to open all files that differ from your master branch: diffopen master Note, on OSX you’ll need the GNU version of xargs for this to work, as I discovered the hard way..

This post is mostly for my own reference. I’m still in the very early stages of understanding and using docker. # The docker cli client app brew install docker # Tool for installing a docker machine (VM and or docker layer for holding containers (the whale)) brew install docker-machine # Create a local docker machine using virtualbox as the VM, call it 'dev' # Assuming this is where it gets clever as we can create docker machines for reference locally way off in the cloud docker-machine create --driver virtualbox dev # Nothing worked properly until I did this, not sure what it actually does, probably sets the active docker environment eval "$(docker-machine env dev)" # Pull down and register the whalesay container docker pull docker/whalesay # Run the cowsay command on the whalesay container with the argument 'boo' docker run docker/whalesay cowsay boo

I recently had to use hashcat to verify some user credentials. Here are the commands I used: # Salted md5 passwords (all the same salt in salt+password format): hashcat -o found-passwords.pot -e salt.txt -m 20 -a 0 input-passwords.txt hashkiller.dic Input file is just hashes from the database, one hash per line. I think you can put a :salt after each hash and omit the -e salt.txt from the command to use unique salts.

Recently, the instant messaging app “WhatsApp” announced that it is using end to end encryption. While this is generally seen as a good thing, what most people seem to have forgotten is that we have absolutely no reason to trust WhatsApp. Just because you’re told WhatsApp is using end to end encryption doesn’t really mean anything.. what algorithms are they using, how can we verify this. Most importantly, if the NSA (or someone else, perhaps with lots of money) asks WhatsApp to disable end to end encryption for a specific user - what’s to stop them?

Most of the time I don’t want a local install of composer, I want it installed system-wide. Here’s how to do it: curl -sS https://getcomposer.org/installer | php -d "allow_url_fopen = 1" -d "open_basedir =" -- --install-dir=/usr/local/bin --filename=composer

For some time now I have been keeping myself abreast of the Oculus Rift project - a brand new virtual reality kit which is due for release this year. Normally I wouldn’t be interested in things like this but I believe this new VR headset will change the face of not only gaming but many aspects of our lives, and not always for the better. Back in the 90’s I had a go with a VR headset in London and it really put me off the idea.

If you’re not already familiar with the heartbleed bug, have a look at this website: http://heartbleed.com/ - I don’t want to talk about what it is exactly as lots of people have done that.. just why you should be more worried than you are. If you were (or still are?!) running an affected version of openssl: You almost certainly have NO way of telling whether someone attacked your server You may have been attacked through any service using SSL.