Sunday, January 22, 2012

Adding GCC, Git, and friends to Path after Installing XCode 4.3

My hard drive died this week, so I decided to purchase an SSD. Best decision ever—my little old macbook is a bazillion times faster. It's always a great feeling to start fresh; I love reinstalling all my apps and getting organized. It's a very empowering feeling to reintroduce order to one's life.

Since I was starting fresh I decided I didn't want to install the old XCode, and so would just skip straight to the new XCode 4.3 Preview, which requires no installers and just comes completely self contained.

However, many of us like to develop outside of XCode from time to time, and woud like to have our compilers, debuggers, and Git available to us. I knew XCode 4.3 was providing these things, because I was able to compile my projects, but they were not showing up when I tried to run them from the terminal.

After a little digging, I finally found the bin folder with all our friends in the package contents of the XCode app. To use GCC, GDB, Git, and other various utilities from the command line, just add this to your path:

/Applications/Xcode.app/Contents/Developer/usr/bin


Enjoy.

Wednesday, March 30, 2011

Filtering Doesn't Work. Education Might.

Internet filtering will not keep your children safe. Your children probably know more about computers than you; they will find or make holes in your software. Even if you whitelist, ban chat and p2p programs, block Google image search, and block every video and image hosting website, you'll never come close to blocking everything. If that's your strategy, you might as well just call up your ISP and cancel. Even then, you cannot monitor your children at their friend's house, at the library, or when they grow up. Filtering can prevent you from stumbling into undesired materials, but it cannot stop someone from breaking out. Teach your children how to use the internet safely. Teach them to be good. Then trust them to make the right decisions. I call it parenting.

Monday, March 28, 2011

Warfare 2.0

Last year Stuxnet attacked rare hardware controllers used by Iran's nuclear program. This year Fukushima faces a nuclear crisis. The crisis was caused by an earthquake, but it's not hard to imagine what a well funded attacker could do. No amount of static defense will make networks secure. The best defense is a good offense, especially in cyber warfare. State funded attackers, criminals, and terrorists need to be hit before they hit our networks. Counter-attacks should be adapted to the target; criminal organizations or terrorists cells get less impunity than states like China or Russia. At least publicly. Anyone with a computer can play war now. But having an army of hackers isn't enough to keep you safe either—the countries of the world need to work together. We need international law to step up to the plate. If it doesn't, you can be sure things will get messy.


Inside Cyber Warfare is a good book.

Thursday, March 24, 2011

Teaching Hacking in School

Here is a video I made to show why Computer Security must be taught in school.

Monday, March 21, 2011

Smart DRM—Starcraft 2

People should be paid for their work. Technology has fundamentally changed the way we use media, yet unimaginative, manipulative executives believe that monolithic copyright laws and ineffective DRM technologies will keep their antiquated business models alive. Video games are among the most pirated software: the key verification algorithm can be reverse engineered, and key generators can be developed. Blizzard's Starcraft 2 has a better approach to this problem. You can take your Starcraft II disk and install it on any machine you want. However, in order to play you must log in with your battle.net account, which you have associated with the Starcraft II licence you purchased. The key verification algorithm is safe(r) on Blizzard's server, and you can play from wherever you'd like without having to worry about keeping track of your key; everyone wins. The key is adapting business models and copyright laws to the technology—not the other way around.

Wednesday, March 16, 2011

You Go, Girl!

It warms my heart to see women in computer science, like this hacker who was programming in x86 and C by age 14. It is baffling that there are so few women in computer science: its flexibility makes it a great profession whether you are career driven, a traditional stay-at-home mom, or anywhere in between. I don't know whether it's the misconception that computer science is for nerdy guys, or some biological difference in women's brains; all I know is a lot of women are missing out on computer science, and computer science is missing out on a lot of women.

Wednesday, March 9, 2011

Mac Hacker Interview

Today, thanks to Technocrat, I read an awesome interview with two of my hacking idols: Charlie Miller and Dino Dai Zovi. Read it.


Things I liked/found interesting:

  • Mac security is far from perfect
  • Google Chrome is good
  • Education is good—the good guys need to know. Bad guys tend to already know.
  • Apple needs to treat researchers better
  • Apple's security (like everyone else's) depends on how much it will protect their wallet.
  • "As for whether I have an exploit in my pocket, a gentleman doesn't discuss such things, but I'm not a gentleman, so yes." - Charlie
  • These guys are smart