Monthly Archives: January 2011

SourceForge Hacked

The SourceForge site was hacked last week, with the attackers going as far as putting a hacked SSH daemon in place.

Since hacking pushes one towards paranoia, let’s go there for a minute.

An attacker being able to change source-code in any SourceForge repository, bypassing change-logs and hacking files’ time-stamps, could introduce compromised source-code to a lot of open-source projects that touch on security. The commercial packages that rely on them multiplies that compromise up by who-knows-how-much.

Wow. Ugly.

Serial Port Monitor in 20 Lines of Code

Here’s a serial-port monitor in 20 lines of code, thanks to PySerial. It opens the default or first serial port, and works with USB dongles, too.

import serial	# http://pyserial.sf.net
import SerialPortScanWin32

pList = [x for x in SerialPortScanWin32.comports()]
port = pList[0][0] - 1 # single/first serial port
ser = serial.Serial(port, baudrate=1200, parity='E', timeout=0.2) # opens, too.
print "Monitoring serial port " + ser.name
data = []
while True:
	ch = ser.read(1)
	if len(ch) == 0:
		# rec'd nothing print all
		if len(data) > 0:
			s = ''
			for x in data:
				s += ' %02X' % ord(x)
			print '%s [len = %d]' % (s, len(data))
		data = []
	else:
		data.append(ch)

Python rocks!

PS: No, serial comm hasn’t gone the way of the dodo, particularly for many industries.

LinkedIn broken?

As of right now, a couple LinkedIn connection requests I made, that were accepted, still aren’t showing up in my connections list. I received the e-mail that we’re connected. So it’s half-working, half-broken, even after 30 hours or so. (Surely the electrons can travel from one end of LinkedIn to the other in that time.)

The mind boggles at the mess this could potentially be if they’re dealing with a breakage of something that fundamental. My heart goes out to them. I hope they have (or can create) the right view of their system to make it all good. I haven’t seen any announcement to that effect.