One of the aspects of XP that also shows up in related styles of development, such as agile, is pair programming.

This is where you work as a team of two, at the same workstation. One of you is the pilot, operating the keyboard. The other is the co-pilot or navigator, and they sit off to the side, observing. Every so often, you switch roles.

Programmers working as a pair
Two programmers at work, pair programming. The pilot on the right, at the keyboard, with the navigator to the left. CC BY 2.0

Continue reading “Pair…configuring?”

Classified Classifieds (steganography for command & control)

Ars Technica just ran a story about a Russian hacking group making botnets, and how they control them covertly.

There’s two parts to a successful botnet- you need the zombie (infected) hosts not to be detected too quickly, as they’ll then be cured. But you also need to be able to communicate with the bots in such a way that they don’t betray their own presence, and don’t leave a trail back to what is known as the C&C (Command & Control).

That middle bit is still very tricky, since by definition, you want to have an effect- perhaps a DDOS on a target, spamming, or distribution of more malware. If a DDOS, by definition, that’s going to be very noticeable by all concerned. But going from that to alerting the owner of the specific computer (or perhaps router, or printer) is slow. ISPs aren’t known for rapid action.

Even when you do get a message to the zombie’s owner, that’s one machine.

To really knock out the botnet, you need to get at the C&C. So where is it?

Continue reading “Classified Classifieds (steganography for command & control)”

My favourite regexp

Do you have a favourite regular expression? That might be a tricky question for some- like the benighted masses who haven’t yet heard the gospel of regular expressions. Or maybe you have so many dear to your heart, a real Sophie’s Choice? For me, it is easy, the first non-trivial one I wrote, for a task management system called TOM. Take a look and see if you can sell what it does- to help you out (?) I have left it in the context of the line of Perl it came from.

$string =~ s/(?=.{79,})((.{0,77}[\-,;:\/!?.\ \t])|(.{78}))/$1\r\n/g;

Continue reading “My favourite regexp”

Homebrew Intervalometer

I wanted an intervalometer for my Canon DSLR, which at the time, rather miserly did not contain. An intervalometer is a device to take exposures at regular periods. It’s great for time-lapse work. Their own add-on was quite pricey. Even knock-offs were more than I thought was worth it. And besides, I wanted a project where I could make my own printed circuit board, or PCB.

Continue reading “Homebrew Intervalometer”

JavaScript user scripting


I was playing a browser-based game that required me to perform an action at 04:00. And I wanted to be asleep at 4am.

One thing I want all budding web developers to remember is this- your application front end is running on someone else’s computer. In what is effectively a debug environment. Developers need to ensure there is no trust between the client and the server (the other way around is fine, however).

Because the code is not compiled, it is even easier to dig into the code- the HTML and JavaScript -and make changes.

But I didn’t need to go that far.

Continue reading “JavaScript user scripting”

Virtualmin utility scripts

The college’s neongrit linux server uses Virtualmin/Usermin to handle the admin of users, and providing those users with a web interface to configure things like how apache works for their virtual host, creating new databases, etc.

It’s a very useful framework, and has most of the essentials we needed, but I wrote a few scripts in Perl to assist me with some frequent tasks, the way that fit me- which is perhaps more true of sysadmin scripts than any other sort of software, that they are built to scratch an itch. Here’s one to assist batch adding of users and creating them a virtual web host.

Continue reading “Virtualmin utility scripts”