Newsletter # 29 - How to read passwords and sensitive data from the command-line using Swift Jul 26 2020
Hello, and welcome to issue #29!
I hope you are well where ever you are. These are weird times we live in, a lot of terrible news around the globe. But that doesn't mean that we can't make it better. Make sure you help improve your little part of the world, sometimes small gestures have a big impact on people's lives (including our own).
These last few weeks, I've been busy working on a few open-source projects, trying to give back to the world of open-source. And having a good time doing it. The following are some of the project's I've been contributing to. And a tool I've open-sourced for everyone to use:
- Venator - Contributed to this project by adding the capability to store the PF(firewall) rules for later analysis. Venator is a "tool used for gathering data for the purpose of proactive macOS detection", handy for forensics.
- Vim-markdown-toc - extended this plugin to add anchors to the table of contents. Vim-markdown-tock is a vim plugin to auto-generate a table of contents on your Markdown files. I wrote a small note here if you want to read more and use it for your markdown files.
- Octoprofile - Built this tool and made it open-source to help users add dynamically generated data to their GitHub profile. I use it on my profile with some GitHub Actions to make the process automatic.
If you are new to open-source and wish to contribute, there are a lot of projects out there. If you want something to dip your toes in, you should have a look at Octoprofile. I built a basic plugin-system that you can easily extend, so you can add more dynamic content and only focus on your plugin. The tool is simple, and that is the whole point of it, so anyone can take it and extend it. Give it a try. You might find it useful.
Also, I published an article on how to handle sensitive data on your command-line tools written in Swift. If you are interested here is the link:
How to read passwords and sensitive data from the command-line using Swift
As you can see, I've been busy having fun writing and coding. I've also been reading some interesting posts.
Interesting things I've come across
I wanted to share this short post on the difference between Enter and Return keys. I think you'll enjoy:
Daring Fireball: Return and Enter Are Two Different Keys
And also this post on Apple giving security researchers a device to analyse the OS and the applications.
Apple Security Research Device Program - Apple Developer
Depending on how Apple handles this, it might be helpful for security researchers. The problem I see is that once you get that device, you might be tied up to the agreement of only releasing information to Apple. But what happens if the security vulnerabilities are not patched in a timely manner? Will researchers be able to disclose security flaws after an appropriate wait time(90 days is usual)? We'll have to wait and see.
Ok, that is it for this newsletter. I hope you liked it.
Until next time,
Derik
Tip of the week
This week the tip of the week is not a technical one, but still useful.
I sometimes find myself avoiding doing the work I wanted to accomplish by getting busy doing some ancillary tasks. I saw this blogpost on "doing the real thing", and thought I should apply it, and it has been very rewarding. It amounts to don't trick yourself into thinking you are going to accomplish something by doing something else, do the real thing.
The tip of the week is to read the article and implement it with whatever you set yourself to do. I hope it is useful, here is the link:
Do the Real Thing | Scott H Young