22

Please help: 133 open tabs and counting

Update: Thank you. I wasn’t expecting so many comments, let alone so much excellent advice! I’m working out a better workflow and will reply to individual comments when I have the time.

It would seem that I have 133 tabs open in Firefox (Aurora), and that number was obtained after an intensive tab-closing session. There are no duplicates in the list, as I use Pentadactyl to switch tabs by searching titles.

I need your help.

The problem: Firefox is starting to slow, but I can’t just call a tabocalypse – most of the tabs contain unread information that I need now or will need in the next few days. Bookmarking has helped me avert similar crisises in the past, but it just isn’t fast enough. I have 2564 bookmarks in delicous and at least a hundred important bookmarks in org-mode, but tagging and sorting unread links takes way too long.

So: How do you deal with information overload? If you rely on Google to find all old information, is that sufficient? Are org-mode capture templates a fast solution? And, most importantly, are there Firefox extensions that transparently offload old tabs to disk, or do away altogether with the distinction between open tabs and recently visited sites?

Please help. Thanks, Natan.

4

Bypassing Little Snitch

“Little Snitch informs you whenever a program attempts to establish an outgoing Internet connection. You can then choose to allow or deny this connection, or define a rule how to handle similar, future connection attempts. This reliably prevents private data from being sent out without your knowledge. Little Snitch runs inconspicuously in the background and it can also detect network related activity of viruses, trojans and other malware.” — Little Snitch website

Foreword

Programs like Little Snitch instill users with a false sense of security. Mac owners often use Little Snitch to prevent pirated applications from dialing home and to ensure that cracked versions of software don’t contain spyware. Nothing could be more naive: If an attacker can run code in the right context, it’s game over. Apps like Little Snitch can’t possibly prevent that.

Keep in mind that this specific attack could have been prevented, but there are more insidious ways to bypass Little Snitch. The security model is broken by design.

How to bypass Little Snitch

Once a binary is allowed access to the internet, Little Snitch will continue to allow access even if the binary changes. On OS X, applications are usually installed by dragging them to the Applications folder. This means they are owned by the user who installed them. Firefox and Chrome take advantage of this to auto-update without the root password. We can use this to overwrite binaries.

We bypass Little Snitch by replacing a trusted binary with our own executable; it will execute with the network-permissions of the original app.

Example

We need a binary that connects to the internet and we can’t use an interpreted language. For your convenience, here is one such program.

Download it. Then compile as follows:

brew install curl && brew link curl
make

You can ensure that Little Snitch is working by running ./payload.

Lets backup Firefox and replace it.

mv /Applications/Firefox.app/Contents/MacOS/firefox{,.orig}
mv payload /Applications/Firefox.app/Contents/MacOS/firefox

That’s it. If you were writing a program that needed network access without permission,  you would do this programatically and execute Firefox. That’s not the case here, so launch Firefox manually and examine /little_snitch_example.txt

Lastly, you probably want to use Firefox again:

mv /Applications/Firefox.app/Contents/MacOS/firefox{.orig,}

Closing Notes

In real usage, you should examine ~/Library/Application Support/Little Snitch/rules.usr.xpl to pick the right binary.

Lastly, all testing was done on Snow Leopard. You may need to tweak this for Lion or the App Store.

5

evil

Evil is the ultimate vim experience in Emacs. It is the steroidal, caffeinated, successor of vimpulse and vim-mode. It will make you kiss strangers on the street. It will inspire odes to the wonderful hjkl.

With evil, the days of longing for a better vim are over. Using vi over ssh, you will crave your emacs dotfiles.

vim users: You can start by explaining why surround.vim is twice the length of evil’s surround.el  (which itself is half documentation). If you are the type of person who understands (or writes!) vimscript, kindly forgive my ignorance. You can actually read that stuff?

Cheers.

1

Use of void in C prototypes

A giant died this morning. My condolences go to Dennis Ritchie’s family and friends.

In memory of Dennis, here is a short history lesson about C prototypes. Have you ever wondered why the following is legal?

#include <stdio.h>;

void foo () {
    printf("Goodbye, World!\n");
}

int main (int argc, char **argv) {
    foo(1); /* Call foo with a non-existent parameter */
    return 0;
}

---------------
$ gcc test.c -Wall -Werror
$ ./a.out
Goodbye, World!

This is legal for historical reasons. In pre-ANSI C function prototypes didn’t include parameters. C89 introduced parameters in prototypes, but it continued to recognize the old syntax for backwards compatibility.

If you want to declare a function foo that really takes no parameters, use void:

void foo (void);
3

Till death take us all away

The world spun when I heard Steve Jobs died. Steve Jobs was you and me. He was an inventor, an investor and a visionary, but above all else he was human.

Steve was an orphan and a dropout. He was a cancer victim and survivor. He was the entrepreneur who failed and succeeded. He was the bitter young business man who fell from grace and out of sight. But then he came back and rose higher than ever. Who doesn’t use his products today? Who doesn’t know his name?

There was a little bit of all of us in Steve Jobs and we saw Steve Jobs in ourselves too. He was always there, he always fought on, and he seemed invincible. But today the illusion has been shattered. There is all too much in common between Steve Jobs and ourselves. Steve the survivor is dead. There is no hiding from death today.

Remembering that I’ll be dead soon is the most important tool I’ve ever encountered to help me make the big choices in life. Because almost everything — all external expectations, all pride, all fear of embarrassment or failure – these things just fall away in the face of death, leaving only what is truly important. Remembering that you are going to die is the best way I know to avoid the trap of thinking you have something to lose. You are already naked. There is no reason not to follow your heart.

- Steve P. Jobs, Stanford, 2005

Pages ... 1 2 3 4 5 6 7 8 9 10 11 12 13