May 5, 2017 - 2 minute read - Development

Undocumented UJS changes when upgrading to Rails 5.1

I was pleased to see Rails 5.1 drop jQuery as a dependency. As a result the Unobtrusive JavaScript (UJS) driver has been rewritten to operate without jQuery. For most remote forms and links, this drop-in replacement might just work straight away. However, for those hooking into UJS more tightly, there are some gotchas. These aren’t difficult changes but they’re undocumented, and since UJS no longer comes as a separate gem (it is now built into Action View) they’re slightly harder to investigate.

Jan 24, 2017 - 5 minute read - ideas

Thoughts on fixing email forwarding

This article proposes a new internet mail feature. I haven’t worked on any details of design or implementation yet, but I wanted to publish my motivation and initial thoughts. The problem After hanging around the Internet for the better part of three decades I have more email addresses than I can remember. None of us want to have loads of mailboxes to check. Back in the day we could forward one mailbox to another, and that was all the implementation needed to simplify matters.

Oct 27, 2016 - 2 minute read - DevOps

IPv6 timeouts with OS X Server

Recently enabled IPv6 on your local switched network? Getting odd timeouts connecting to an OS X Server? Here’s (possibly) why: the out-of-the-box server configuration is firewalling link-local IPv6 traffic. To diagnose this in my network I used ssh, since it’s easy to use and has good verbose output. So turn on secure shell conncections if you haven’t already. Server -> Settings -> Remote access -> Secure shell connections. Now from a neighbouring device, first confirm that IPv4 ssh to the server is working e.

Feb 16, 2016 - 3 minute read - DevOps

Notes from a PostgreSQL RDS upgrade

So I recently received an RDS maintenance notification: From: Amazon Web Services, Inc. Subject: Upgrade now available for your Amazon RDS PostgreSQL database instances Dear Amazon RDS Customer, A system update is now available for any Amazon RDS PostgreSQL database instances you created before 13 October 2015. We recommend installing this update to take advantage of several performance improvements and security fixes. You may choose to install this update immediately, or during your next scheduled maintenance window.

Nov 7, 2015 - 1 minute read - Security

Apple ID password rant

The theatrical demand from OSX and iOS for constantly re-entering the Apple ID password is a substantial enemy of security. I just upgraded two laptops, a server, an iPhone, and restored an iPad. I think I had to enter the same passwords six times per device. In general use they’re no better, regularly nagging for a password for piddling tasks like updating an app or downloading a song. For me with separation-of-concern accounts and 20+ character generated passwords this is a major annoyance, especially on a tablet keyboard.

Sep 8, 2015 - 2 minute read - Development

Using URL helpers in Rails ActiveJob background jobs

I’ve just moved some of our code to run asynchronously and found that URL helpers aren’t available inside ActiveJob jobs; at least, not the way they are within Rails views, controllers and mailers. We can fix this; read on for how. I wanted to simply write: class NotificationJob < ActiveJob::Base def perform(object, message) NotificationService.send(url_for(object), message) end end … but invocation threw a NoMethodError because jobs don’t have url_for available.

Aug 24, 2015 - 3 minute read - Security

Privilege escalation

Back in the dim & distant past – late 1999, although no records capture the exact date – I was asked to compromise a server and gain root access. I said yes. This is the first and only time I have deliberately cracked a live, production server. This was not as questionable an undertaking as it sounds. I knew of the machine in question, and I knew its operator, and he still had a working secure shell login.