Citrix SSL Trust Error 61 on Linux

Trying to log into the Citrix Xenapp Storefront at work today, it looks like they’ve got a new certificate. This is a pretty easy fix, search for the certificate name and download it, then put it in the right place. For me, on my Debian machine, it’s /opt/Citrix/ICAClient/keystore/cacerts. I didn’t have to do anything else, it just worked at that point - start the client again and back to work. [Read More]

VMware Horizon/View on Ubuntu and Firefox

I’ve been running Linux on my main laptop for a while now, first Debian (Kali) and now Ubuntu 18.04.1. Since Firefox updated to their “Quantum” rebuild, I haven’t been able to use my work’s VMWare View environment, which is a bit annoying. There was an issue I reported here on the VMWare forums with handling the vmware-view:// URI for some reason. Since a workmate had recently replaced his Mac with a Ubuntu laptop, I offered him lunch to try his hand at working it out. [Read More]

Leadership Mode Activate

A great article from Allen Pike on newly becoming a leader and considering your ability to be “on the tools” Okay wait, you may say. That’s cool, but I like Doing the Thing. I’m pretty good at it, and if I’m leading a team, will I still get to do it? Will I still get to perform the work that got me to where I am today? The short answer is: Yes, you can! [Read More]

Forged and Filed

This is pure hand-tooled metalwork porn. More of his work at SethGould.com. [Read More]

Opsec, Who Needs It?

This article from Sophos’ Naked Security shows some incredible failures of opsec “because it just kept getting used.” Unfortunately for the US and its agents, it didn’t take long to find the moles. That’s due in large part to what one former official called an “elementary system” of internet-based communications – one that was never meant to stand up to sophisticated counterintelligence efforts such as those of China or Iran, let alone one that should have been entrusted with the extremely sensitive communications between the CIA and its sources. [Read More]

Speeding Up BeautifulSoup With Large XML Files

A while back I built a small web app to parse one of our system configuration files because the application’s interface doesn’t have a search function (yeah, it’s that bad…). It worked OK, but over time slowed down as the XML file grew to 2.5MB and ~10k lines. The slow part was definitely BeautifulSoup’s parsing step, but it took a little poking to work out why. At this stage it was taking over 20 seconds to handle the file. [Read More]

Iceland, Day 3

The first planned stop for the day was Seljalandsfoss. It was fun to scramble over the rocks and we only got a little wet. It was annoying to get a shot of these steps without some soggy tourist ass in the way, but here’s me doing my best. They were surprisingly grippy, given they were worn smooth and not flat in the slightest. Standing behind the falls was truly spectacular. The amount of water coming over them even at this time of year when there’s no snow melt is incredible, and it was impossibly fresh tasting out of the air. [Read More]

Huawei Config Files

Huawei configuration file decryption turns out to be quite easy. It’s just XML in AES-CBC Setting Value Key 3E4F5612EF64305955D543B0AE350880 IV 8049E91025A6B54876C3B4868090D3FC Mode CBC CyberChef is super easy for this Dump the file in, get XML back out! To encrypt ready for usage, just reverse the step. Or if you’re stupidly lazy, click here Tested on B593s-22 References https://www. [Read More]

Eurotrip, the beginning

A long time in planning, it’s finally here - EuroTrip 2018! The rough explanation is 37 days away, nearly two weeks in Iceland, then the rest doing a lap of Eastern Europe. Being from Australia, we can’t just do a merry jaunt to Europe, hence the extended plans. The flights were… as to be expected. Brisbane to London via Singapore, with a six hour stopover. I sleep on my stomach typically, so I just don’t sleep on flights. [Read More]

Getting HEAD

Crass, I know, but it’s part of my charm. We run load balancers for our proxies and we need to monitor they’re working, so we make requests through them out to the internet. I was doing some checking one day on “top utilization by user” and found that the monitoring account had been… rather hungry. Turns out, we were doing a full GET request to two news sites, for every time a proxy appeared in a load balancing pool, from each of the load balancers. [Read More]