-
I always feel like I’m missing something when I read an article that involves installing a CA on the victim’s phone/computer. If you have that kind of access, aren’t there a myriad of other things you could do? Can someone help me understand why things like this are notable if they require installing a CA like this?
-
Installing the certificate on his phone was just a way to fool Snapchat into validating his proxy that he setup. The “victim” here isn’t the owner of the phone, it’s the application itself.
It’s interesting to note that a user can essentially bypass SSL out from under an app; this might not be that exciting to MITM yourself for most apps, but for Snapchat it allows the user direct access to the data they’re trying to restrict from the user.
-
-
jroes
5 years ago
|
link
| on:
Deploy Rails apps straight from GitHub to Heroku in a single click! (Rails Rumble)
Another cool rumble app I saw like this is http://deploybutton.com
-
jroes
5 years ago
|
link
| on:
Show iOS devs: PSTCollectionView - API compatible replacement of UICollectionView (iOS6) for iOS4.3+
Dang, somehow I never even heard about Collection Views in the first place. They’re awesome!
-
They were under NDA until 6 came out :) Check out WWDC Video 219 from this year
-
-
Sounds cool. Curious how this compares to existing Rails de-facto standards like Devise and Clearance.
-
If you want bare bones authentication without having to write it yourself (and I mean it really toes the line) then AuthN should be the choice.
If you want someone else to do all of your authentication requirements, and I mean all of it, then Devise and Clearance is the clear winner.
-
-
This is great, now if only I could set up a private CI server that doesn’t involve more than half a day of my time!
-
Same here. Although it’s not perfect and it seems halfway abandoned, integrity is what I’ve been trying to get set up lately. If you can get your build environment right, you should be okay.
For what it’s worth, I have heard rumblings that the Travis CI folks will eventually offer private CI.
-
This has been a pretty sweet resource for me, especially now that Turntable.fm no longer helps me find new indie music.
Dartmouth’s station is always just playing top 40 though. Not sure where you’re seeing the effort there! Yale and Harvard have been the best streams for me personally so far.
Hey! Thanks for the positive feedback! I’m glad someone other than me thinks it’s cool. I just put up the Russell Group Radio Network at http://www.russellgroupradio.net. The Russell Group is the UK’s equivalent of the Ivy League. I also linked the sites together so you can jump back and forth between them if you like. I was going to wait to post the RGRN until I’d listened to the stations more and had built a small list of universities I could recommend, but since we’re off in a little corner here and no one else will probably find this I’ll share it with you now. I hope you like it!