5418
An Introduction to Qubes OS | Qubes OS
Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated compartments called qubes.

This approach allows you to keep the different things you do on your computer securely separated from each other in isolated qubes so that one qube getting compromised won’t affect the others. For example, you might have one qube for visiting untrusted websites and a different qube for doing online banking. This way, if your untrusted browsing qube gets compromised by a malware-laden website, your online banking activities won’t be at risk. Similarly, if you’re concerned about malicious email attachments, Qubes can make it so that every attachment gets opened in its own single-use disposable qube. In this way, Qubes allows you to do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop.

Moreover, all of these isolated qubes are integrated into a single, usable system. Programs are isolated in their own separate qubes, but all windows are displayed in a single, unified desktop environment with unforgeable colored window borders so that you can easily identify windows from different security levels. Common attack vectors like network cards and USB controllers are isolated in their own hardware qubes while their functionality is preserved through secure networking, firewalls, and USB device management. Integrated file and clipboard copy and paste operations make it easy to work across various qubes without compromising security. The innovative Template system separates software installation from software use, allowing qubes to share a root filesystem without sacrificing security (and saving disk space, to boot). Qubes even allows you to sanitize PDFs and images in a few clicks. Users concerned about privacy will appreciate the integration of Whonix with Qubes, which makes it easy to use Tor securely, while those concerned about physical hardware attacks will benefit from Anti Evil Maid.
security  privacy  linux  security_architecture  xen  virtualization  tool 
yesterday
jerkoch/SwipeCellKit: Swipeable UITableViewCell based on the stock Mail.app, implemented in Swift.
A swipeable UITableViewCell with support for:

• Left and right swipe actions
• Action buttons with: text only, text + image, image only
• Haptic Feedback
• Customizable transitions: Border, Drag, and Reveal
• Animated expansion when dragging past threshold
github_repo  lang:swift  uitableview  uitableviewcell  gestures 
yesterday
NextLevel/NextLevel: ⬆️ Rad Media Capture in Swift
Next Level is a media capture camera library for iOS written in Swift.

Next Level was a little weekend project that turned into something more useful. The software provides foundational components for advanced media recording, camera interface customization, and gestural interaction customization for iOS. The same capabilities can also be found in apps such as Snapchat, Instagram, and Vine.

The goal is to continue to provide a good foundation for quick integration (taking you to the next level) – allowing everyone to focus on the app functionality that matters most. My hope is the app functionality that matters most whether is be realtime image processing, computer vision methods, augmented reality, or even new cinematographic recording techniques benefit from how this library is structured.


Appears to be quite comprehensive, featureful, and extensible.
github_repo  lang:swift  ios  AVKit  AVFoundation  camera  photo  video 
yesterday
Certificate Transparency Monitoring - Facebook for Developers
This tool lets you search for certificates issued for a given domain. Subscribe to email updates to be alerted when new certificates are issued.
ct  tls  tool  sysadmin  ssl  security 
5 days ago
apollographql/apollo-ios: 📱 A strongly-typed, caching GraphQL client for iOS, written in Swift
Apollo iOS is a strongly-typed, caching GraphQL client for iOS, written in Swift.

It allows you to execute queries and mutations against a GraphQL server, and returns results as query-specific Swift types. This means you don’t have to deal with parsing JSON, or passing around dictionaries and making clients cast values to the right type manually. You also don't have to write model types yourself, because these are generated from the GraphQL definitions your UI uses.

As the generate...
ios  lang:swift  graphql  github_repo 
6 days ago
malcommac/Hydra: Promises & Async/Await - Write better async code in Swift
I haven't reviewed the code yet, but this looks to be a nice promises library for Swift, with the bonus of an `async` pseudo-keyword which is something I've wanted to try writing. Neat!
async  promises  lang:swift  github_repo  await  concurrency 
6 days ago
cezheng/Fuzi: A fast & lightweight XML & HTML parser in Swift with XPath & CSS support
Inherited from Ono

• Extremely performant document parsing and traversal, powered by libxml2
• Support for both XPath and CSS queries
• Automatic conversion of date and number values
• Correct, common-sense handling of XML namespaces for elements and attributes
• Ability to load HTML and XML documents from either String or NSData or [CChar]
• Comprehensive test suite
• Full documentation

Improved in Fuzi

• Simple, modern API following standard Swift conventions, no more return types like AnyObject! that cause unnecessary type casts
• Customizable date and number formatters
• Some bugs fixes
• More convenience methods for HTML Documents
• Access XML nodes of all types (Including text, comment, etc.)
• Support for more CSS selectors (yet to come)
html  xml  lang:swift  parser  github_repo  xpath  css  libxml2 
6 days ago
tid-kijyun/Kanna: Kanna(鉋) is an XML/HTML parser for Swift.
• XPath 1.0 support for document searching
• CSS3 selector support for document searching
• Support for namespaces
• Comprehensive test suite
html  xml  lang:swift  parser  github_repo  libxml2  xpath  css 
6 days ago
Bridging Swift Types to Objective-C · [Thinking inside a large box];
We decided to create separate types that would be responsible for bridging our Swift types to Objective-C (and vice versa). These types wrap around the Swift types and take care of translating language concepts where necessary.
swiftlang  objective-c  interop  bridging 
7 days ago
malcommac/Hydra: Promises & Await - Write better async code in Swift
At the outset (I haven't reviewed the code yet), appears to be a decent promises library for Swift. Includes an `await` function, which is something I've been meaning to try and write in Swift as a wrapper for a promise, so, neat!
Hydra is full-featured lightweight library which allows you to write better async code in Swift 3+. It's partially based on JavaScript A+ specs and also implements modern construct like await (as seen in Async/Await specification in ES8 (ECMAScript 2017) or C#) which allows you to write async code in sync manner. Hydra supports all sexiest operators like always, validate, timeout, retry, all, any, pass, recover, map, zip, defer and retry. Starts writing better async code with Hydra!
lang:swift  async  promises 
8 days ago
roberthein/TinyConstraints: Nothing but sugar.
yet another Swift AutoLayout API, with an emphasis on concision.
autolayout  lang:swift  github_repo 
8 days ago
Refactoring singleton usage in Swift · Jesse Squires
Good advice. I would only add:

• using protocols as the types you inject is a really good first step to making things better
• you can use a property lazily initialized to a singleton instance if you won't want to inject everything via initializers
refactoring  singleton  designpatterns  dependency-injection 
8 days ago
Using Swipe to Trigger Contextual Actions
discussion of the problems that arise when the swipe gesture is used to widely and inconsistently.

(the Times app is no exception.)
ux  design  gestures 
8 days ago
Prioritization · Jesse Squires
Everything will still be there tomorrow.
time  life  mental_health  priorities 
8 days ago
Don’t panic! Download “A First Look at Digital Security”
Say you know that you want to protect yourself online, but you don’t know where to start. Or maybe you’ve heard about a best practice or tactic to use, but you don’t know how to implement it. Well, you’re in luck! Check out A First Look at Digital Security.
security  privacy  bestpractices  threat_modeling  resources 
8 days ago
Getting Started with Digital Security - WITNESS Blog
Digital security can seem overwhelming at first. Many people believe that they need special technical expertise to understand and mitigate threats to their security. That’s an understandable misconception.

In fact, improving your digital security means figuring out what your own risks are and making a decision about what tools and techniques you’re willing to learn to use to protect yourself and those around you.

Security trainers call this process risk assessment or threat modeling. It sounds complicated, but there are many organizations that have created resources online to help you with assessing and addressing your digital security needs. This blog post lists some of these guides and what they can teach you.
security  privacy  activism  threat_modeling  resources 
8 days ago
x0rz/tweets_analyzer: Tweets metadata scraper & activity analyzer
The goal of this simple python script is to analyze a Twitter profile through its tweets by detecting:

• Average tweet activity, by hour and by day of the week
• Timezone and language set for the Twitter interface
• Sources used (mobile application, web browser, ...)
• Geolocations
• Most used hashtags, most retweeted users and most mentioned users
• Friends analysis based on most frequent timezones/languages
OSINT  intelligence  tool  twitter  metadata  socialmedia  github_repo 
10 days ago
trailofbits/algo: 1-click IPSEC VPN in the Cloud
Algo VPN is a set of Ansible scripts that simplifies the setup of a personal IPSEC VPN. It contains the most secure defaults available, works with common cloud providers, and does not require client software on most devices.
von  tool  github_repo  security  privacy 
10 days ago
adns - advanced, alternative, asynchronous resolver
Advanced, easy to use, asynchronous-capable DNS client library and utilities.
adns is a resolver library for C (and C++) programs, and a collection of useful DNS resolver utilities.
dns  lang:c 
10 days ago
rtreffer/minidns: DNS library for Android and Java SE
MiniDNS is a minimal DNS client client library for Android and Java SE. It can parse resource records (A, AAAA, NS, SRV, …) and is easy to use and extend. MiniDNS aims to be secure, modular, leightweight and as simple as possible. It also provides experimental support for DNSSEC and DANE, and is thus the ideal resolver if you want to bring DNSSEC close to your application.

It comes with a pluggable cache mechanism, a pre-configured cache and an easy to use high-level API (minidns-hla) for those who just want to perform a reliable lookup of a domain name.
java  javaSE  lang:java  dns  android  github_repo 
10 days ago
CFHost - Core Services | Apple Developer Documentation
The CFHost API allows you to create instances of the CFHost object that you can use to acquire host information, including names, addresses, and reachability information.
CFHost  ios  osx  dns  cocoa 
10 days ago
Be More Careful on Facebook | Incisive.nu
Here’s the short version of what I’m about to say: Immigrants and visitors to the US—along with anyone participating in protests or visible resistance to the current administration—are the targets of intrusive governmental surveillance, including surveillance of their social networks. Both immigrants and political dissidents are being vilified by the administration and targeted for draconian and unconstitutional attacks. If your “friends”—or friends of friends—network includes people vulnerable to these attacks, you should assume that your constitutionally protected political speech may be used in bad faith to characterize your contacts as terrorists or criminals, and act accordingly.
privacy  security  surveillance  facebook  socialmedia 
10 days ago
Jose Pagliery on Twitter: "Roses are red, Violets are blue ███████████ ████████ FOIA exemption (b)(7)(E)"
Roses are red,
Violets are blue
███████████
████████

FOIA exemption (b)(7)(E)
humor  is:tweet  foia 
10 days ago
Smarter Animated Row Deselection on iOS - RaizException - Raizlabs Developer BlogRaizException – Raizlabs Developer Blog
If you’re using UITableViewController, you get this behavior “for free”; that is, it will automatically deselect the selected row during a “back” navigation event. However, in some cases you won’t get automatic deselection, and even when you do, it doesn’t work correctly with the interactive, percent-driven animations that were introduced in iOS 7, including the one built into UINavigationController. Watch what happens when I interactively dismiss this screen by sliding my thumb from the left side of the screen, a common gesture among users of iPhone 6 and iPhone 6 Plus devices:

[gif: Default Deselection Interactive Looping]

The resulting behavior is at best suboptimal, and at worst downright broken. When I use an interactive gesture to pop the navigation stack, the row either waits until the animation is done to un-highlight, or it just gets stuck and never un-highlights. It would be better if the row faded out smoothly as a function of the transition progress.
uikit  uitableview  animation  ios 
10 days ago
alecmuffett/eotk: Enterprise Onion Toolkit
The goal of EOTK is to provide a tool for prototyping, and deploying at scale, HTTP and HTTPS onion sites to provide official presence for popular websites.

The results are essentially a "man in the middle" proxy; set them up only for your own sites or for sites which do not require login credentials of any kind.
tor  tool  privacy  github_repo 
10 days ago
Greg Parker on Twitter: "@wilshipley `dispatch_get_current_queue() == someQueue` is insufficient to avoid the deadlocks you describe."
@wilshipley `dispatch_get_current_queue() == someQueue` is insufficient to avoid the deadlocks you describe.
gcd  deadlock  concurrency  is:tweet 
12 days ago
Pimp My Code, Book 2: Grand Central Dispatch's Achilles Heel. | Call Me Fishmeal.
tl;dr: dispatch_sync will deadlock if you call it on the same thread you're currently running on.

Well… yeah.
concurrency  gcd  deadlock 
12 days ago
a15376 - The New Yorker
“We’d now like to open the floor to shorter speeches disguised as questions.”
cartoon  humor  talks 
13 days ago
Mendez Decision
New York Supreme Court Manuel Mendez order NYPD to release records of undercover surveillance of #BlackLivesMatter.
FOIA  BLM  NYPD  surveillance  privacy 
19 days ago
Herdict : Home
Herdict is a user-driven platform for identifying web blockages as they happen, including denial of service attacks, censorship, and other filtering. Reporting to Herdict when you can't access the content you want contributes to our aggregated data that helps us monitor the health of the Internet in real time.


Data does not appear to be particularly reliable.
censorship  security  tool 
19 days ago
core/securecoding.txt at master · dovecot/core
Alternatively, don't write C.

But, if you must, these are good standards to live by.
c  security  bestpractices  memorymanagement 
21 days ago
curtclifton.net - Finder and Terminal are Friends
As developers, we tend to spend a lot of time typing in Terminal windows. Even so, I often find it more helpful to browse directories and files in Finder. I have three little hacks that simplify moving between the two modes.
osx  finder  terminal 
21 days ago
Swift — memoize() walk through – Medium
This should be part of the Swift stdlib. Very nice walkthrough of a memoize implementation in Swift.
lang:swift  swiftlang  memoize  caching 
21 days ago
« earlier      
373proj a2council accessibility algorithms america android animation annarbor api apple applewatch appstore arc art associated_types async autolayout aviation bash bestpractices business c c++ charting ci clang cli clips clojure cocoa cocoa_touch cocoapods coffee color complexity concurrency coreanimation coredata corefoundation couchdb cryptography cs css css3 culture cycling d3 data debugging dependency-injection design designpatterns detroit development diversity diy dmx512 documentation education elecdiy election2016 electronics embedded encryption engineering error_handling extensions facebook filetype:pdf finance flying foia font food friends functionalprogramming game gcd generics gif git github github_gist github_repo golang graphics health html html5 http humor icons inspiration internet interop ios ios10 ios7 ios8 ios9 is:video java javascript jekyll journalism jquery json keyboard keychain kvo lang:swift layout life lighting linux management mapper markdown matlab media:document memorymanagement michigan mocking music mvvm networking newspapers nginx notifications nsa nsurlsession nyc nytimes nytnow objective-c oop option_type osx parser performance photog photography php politics privacy productivity programming protocol_extensions protocols python quote radio react reactivecocoa reactiveprogramming reactjs reactnative reference resources rest ruby rust_lang rx rxjava safety scala security shop sidenav simplicity software software_architecture solid sqlite srp ssl startups stm8 strings swift3 swiftlang sysadmin tdd testing tls tool tools travel turbojet tutorial twitter type_members types ui uicollectionview uiimage uiimageview uikit uitableview uiviewcontroller umich unicode unix ux via:andrewsardone via:androidweekly via:cdzombak via:iosdevweekly via:mattb visualization watchkit water weather web_dev windows wordpress work xcode xctest xpc

Copy this bookmark:



description:


tags: