Vilis Sviklis sviklvil

Arch Linux Full-Disk Encryption Installation Guide

This guide provides instructions for an Arch Linux installation featuring full-disk encryption via LVM on LUKS and an encrypted boot partition (GRUB) for UEFI systems.

Following the main installation are further instructions to harden against Evil Maid attacks via UEFI Secure Boot custom key enrollment and self-signed kernel and bootloader.

Preface

You will find most of this information pulled from the Arch Wiki and other resources linked thereof.

Note: The system was installed on an NVMe SSD, substitute /dev/nvme0nX with /dev/sdX or your device as needed.

Client-side software update verification failures

Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS).

Contributions welcome. All text taken from the vulnerability descriptions themselves, with additional emphasis mine.

In scope:

I consider exploitation or privilege escalation of the package tool/system itself (that would have been mitigated by secure transport) to be in scope.
Issues only described as being triggered by malicious mirrors are assumed to also be vulnerable to MITM.
Failure to verify the software update at all is currently provisionally in scope if it could have been mitigated by secure transport, but I'm waffling about it. Most of these are actual signature verification failures, and my original purpose was to highlight cases where claims of "It's OK to be HTTP because verification!" seem to me to be specious.
Software components regularly used to verify integrity in other software pipelines a

How to think about Monads

UPDATE 2021: I wrote this long before I wrote my book Functional Programming Made Easier: A Step-by-step Guide. For a much more in depth discussion on Monads see Chapter 18.

Initially, Monads are the biggest, scariest thing about Functional Programming and especially Haskell. I've used monads for quite some time now, but I didn't have a very good model for what they really are. I read Philip Wadler's paper Monads for functional programming and I still didnt quite see the pattern.

It wasn't until I read the blog post You Could Have Invented Monads! (And Maybe You Already Have.) that I started to see things more clearly.

This is a distillation of those works and most likely an oversimplification in an attempt to make things easier to understand. Nuance can come later. What we need when first le

Rich Already Answered That!

A list of commonly asked questions, design decisions, reasons why Clojure is the way it is as they were answered directly by Rich (even when from many years ago, those answers are pretty much valid today!). Feel free to point friends and colleagues here next time they ask (again). Answers are pasted verbatim (I've made small adjustments for readibility, but never changed a sentence) from mailing lists, articles, chats.

How to use:

The link in the table of content jumps at the copy of the answer on this page.
The link on the answer itself points back at the original post.

Table of Content

OpenID Connect Session Management Demo

Spec

Supported :
http://openid.bitbucket.org/openid-connect-session-1_0.html
Not Supported yet :
discovery of OP iframe URL and logout URL

	# Sexy Solarized Bash Prompt, inspired by "Extravagant Zsh Prompt"
	# Customized for the Solarized color scheme by Sean O'Neil

	if [[ $COLORTERM = gnome-* && $TERM = xterm ]] && infocmp gnome-256color >/dev/null 2>&1; then TERM=gnome-256color; fi
	if tput setaf 1 &> /dev/null; then
	tput sgr0
	if [[ $(tput colors) -ge 256 ]] 2>/dev/null; then
	BASE03=$(tput setaf 234)
	BASE02=$(tput setaf 235)
	BASE01=$(tput setaf 240)