čtvrtek 26. února 2015

.. on a trip to the C world again

Testing lua embedding and mongoose http server.
Lua is great to implement business logic in the C based app.
It lets you bee less woried about memory leaks, stack overruns, invalid pointer etc.

úterý 24. února 2015

online collaboration in realtime

Some projects for online collaboration:
http://etherpad.org/ - realtime colaboration for text editing
http://socket.io/  - bidirectional realtime communication platform
http://XMPP.org - realtime presence & message protocol

středa 18. února 2015

Tune SSL on Apache 2.4/Windows

Today I spent some time to tune Apache SSL settings to be Grade A at https://www.ssllabs.com/ssltest/.
Finding the equilibrium point between compatibility and transport security took some time. To save yours, I'm sharing the final configuration here.

Some notes at first. I favored security over backward compatibility and so some older (very old in fact) browsers will fail to establish connection. I tried to cope with all failed tests, but not succseeded. There stil are some Failed tests. Those tests are not affecting the main purpose of the server.

  1. Download and install the latest Apache 2.4 binaries to overcome known CVE
  2. I'm using http://www.startssl.com/ as the server certification authority.
  3. Tune SSL Protocol and Ciphersuites and some others at a server level (httpd.conf)
    1. SSLProtocol all -SSLv2 -SSLv3
    2. SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
    3. SSLHonorCipherOrder on
    4. SSLUseStapling On
    5. SSLStaplingCache shmcb:logs/ssl_stapling(32768)
  4. Add HTTP Strict Transport Security
    1. Enable headers module: 
      1. LoadModule headers_module modules/mod_headers.so
         
    2. Set header to require HSTS at the VirtualHost level
      1. Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
And you are done.


pátek 13. února 2015

... DIY electronics

From time to time I learn about new DIY electronic project. Here I will sumarize all of them in a short notice:

littleBits

Creations are constructed by placing bits&pieces together glued by magnetic force and connected by contacts. Cloud enabled.
SmartHome Kit - $249 per 14 modules -  $17/module.

SAM

Standalone bits equiped with bluetooth low energy connectivity connected by SW configuration. Battery in a module lasts from 3 weeks of operation (button) to 1 hour (motor). MicroUSB charger.
Cloud enabled.
SAM Pro  - GBP 349 per 11 modules -  GBP31/module