Posts Tagged Security

Lock Screen For Your Mac

For OS X.

In the dorms I used to have my mac lock itself as soon as it entered screensaver mode but now that I don’t have the constant mischievous pranks looming around the corner I don’t bother with that. So what I’m looking for is a way to lock my mac without having to ALWAYS enable it when in screensaver. The solution is in Keychain Access (Applications > Utilities). Launch the program and under Keychain Access:Preferences in the General tab, select “Show Status in Menu Bar”. Now a lock icon appears in your tray and the first option in the menu is “Lock Screen”. Sweet!

Note: you can move these icons around by holding down the apple key and dragging.

, , , , , ,


ACM General Meeting #3 – Yahoo Presents: PHP Inventor, Rasmus Lerdorf


Overall an exciting tech talk by Rasmus Lerdorf, the inventor of PHP, who discussed how PHP came about, and a general discussion of how to take advantage of the Yahoo API, optimization techniques and how broken and insecure the web is.

He runs a website which displays statistics collected from the Nike + Apple running contraption.  see

Lerdof does not like generalized frameworks.   One of them being RoR which his main critisizm is that the framework is not scalabe.  When developing with PHP and other tools, you can have multiple points of entry.  RoR you’re limited to one point of entry to a framework which must be aware of all the different services avaliable.  He claims this makes it very difficult (if not impossible) to scale your applications.

Yahoo has a useful tool called yslow for optimizing your webpages.  It is an extension for a firefox extension called firebug which is mainly used to debug javascript on webpages.  see

Cool little way to allow browsers to cache files such as CSS (and yet use your latest versions when you make changes to them) is simply appending version numbers at the end of your filenames.  That way when you make a major change the chaced version does not matter because you’re looking at a new filename now.

Siege is a neat tool to measure the efficiency of your web services.  see

APC is a PHP package which allows the server to cache opcode optimizing your PHP app.  (essentially skips the compile step)

valgrind is a tool to help optimize at the c-level.  Presented visually in kcachegrind.

xdebug is valgrind at the PHP level.  Generates output similar to valgrind which can be interpreted by kcachegrind.

Major exploits of the internet include cross-site scripting.  This allows hackers to essentially hook on to your current session (say in bofa) and perform “clicks” on your behalf.  Which is why you should NEVER have an online banking page (or anything of significant importance –with personal information, etc) open in the same browser you use for general browsing.

URL Handlers are a security risk as well.  Given that mailto had a buffer-overflow (written by a trusted developer)… many less-well-written applications present a major security risk.  “mailto:%0%0…” exploit.

References to XSS about how to hook on to a browser. — firewall-like protection for PHP against stuff like sql-injection – where exploits get posted.

, , , , , , , , , , ,

No Comments