Newsletter # 20 - A small LLDB-Python script
Mar 1 2020
Hello, and welcome to issue #20.
I'm back! Between work and learning, I haven't had much time to write a proper blog post for the last few weeks. I also don't want to post only because it's the weekend. I like to write something that's useful and not just to tick a box.
So this week there's no post either, but I'm working on some security-related posts that I'll share with you when they are ready.
In the meantime, I wanted to share a couple of links that I've found interesting.
Do you ever wonder why some "constants" came to be? For example, why do we use 365 days (366 on leap years like 2020) to represent a year?
There are many values like this. Another example, 24 hours each day? Why? Well, some of them are hard to explain, but there are some we do have an explanation for.
If you've worked on networks you might know that the MTU (Maximum Transmission Unit) on Ethernet is 1500 bytes, but why? It ends up being an interesting case of "because that's how we did it in the past", and "it's hard to change how things are done". If you are interested, you can read the story here.
https://blog.benjojo.co.uk/post/why-is-ethernet-mtu-1500
And because I know you are observant, and I know I'll get a message saying "Hey! I remember that you used an MTU of 65536 on your blog post on BSD Sockets".
Well, you are right! That is not the Ethernet MTU. It's because I'm using the IP MTU, which is different (you can check it here on RFC 791 - Page 13). But because I know that you might not go to the RFC and read it all, you might not notice that the actual MTU is 65535, not 65536 as I used in my code. Yeah, I made a mistake there, off by one! But I'll leave it like that, we all make mistakes :) and also, I'll leave it there and see if someone ever mentions it.
Another history recommendation for you. The recommendation is one of the latest episodes of The History of Computing Podcast. Remember I shared with you the story of OpenVMS (a 42-year-old operating system) in the last Newsletter? Well, I reached out to @cedge318 (the creator of the podcast) and asked if maybe he could, at some point, make a podcast on VMS. And guess what? He did! You can find it here or here (Overcast link). Wait for the shout-out at the end ;).
Alright, that's me for the week. I haven't written a post for you this week, but that doesn't mean I don't have something to share with you.
I've been in the weeds looking at the Mach-O file format and learning a lot using LLDB. I wrote a small LLDB-Python script to obtain Data Directories from your application bundle while debugging an app. This function is very handy when you are doing a security analysis of an iOS app. If you want to have a look, here is the link:
https://github.com/rderik/LLDB/blob/master/lldb_commands/ddp.py - DDP (Data Directory Path)
Ok, thanks for reading. I hope you have a nice Sunday and a good start to the week.
Until next time, Derik
Tip of the week
Have you ever got your terminal window messed up by doing cat on some binary file? Or maybe by a UTF8 character that your terminal can't display? Whatever the case might be, I've seen many people resort to closing the Terminal and opening a new one.
You won't be one of them. If you ever get the display of your terminal messed up, you can fix it by restarting it, using the command:
$ reset
And everything will be back to normal.