“We can safely say that in modern seismology, we’ve never seen such a long period of human quiet,” says Raphael De Plaen at the Universidad Nacional Autónoma de México in Querétaro, one of the paper’s 76 authors.

• ssh(1), ssh-keygen(1): support for FIDO keys that require a PIN for
  each use. These keys may be generated using ssh-keygen using a new
  "verify-required" option. When a PIN-required key is used, the user
  will be prompted for a PIN to complete the signature operation.

• sshd(8): authorized_keys now supports a new "verify-required"
  option to require FIDO signatures assert that the token verified
  that the user was present before making the signature. The FIDO
  protocol supports multiple methods for user-verification, but
  currently OpenSSH only supports PIN verification.

• sshd(8), ssh-keygen(1): add support for verifying FIDO webauthn
  signatures. Webauthn is a standard for using FIDO keys in web
  browsers. These signatures are a slightly different format to plain
  FIDO signatures and thus require explicit support.

• ssh(1): allow some keywords to expand shell-style ${ENV}
  environment variables. The supported keywords are CertificateFile,
  ControlPath, IdentityAgent and IdentityFile, plus LocalForward and
  RemoteForward when used for Unix domain socket paths. bz#3140

• ssh(1), ssh-agent(1): allow some additional control over the use of
  ssh-askpass via a new $SSH_ASKPASS_REQUIRE environment variable,
  including forcibly enabling and disabling its use. bz#69

• ssh(1): allow ssh_config(5)’s AddKeysToAgent keyword accept a time
  limit for keys in addition to its current flag options. Time-
  limited keys will automatically be removed from ssh-agent after
  their expiry time has passed.

Piloting an ocean exploration ship or Martian research shuttle is serious business. Let’s hope the control panel is up to scratch. Two studs wide and angled at 45°, the ubiquitous “2x2 decorated slope” is a LEGO minifigure’s interface to the world.

These iconic, low-resolution designs are the perfect tool to learn the basics of physical interface design. Armed with 52 different bricks, let’s see what they can teach us about the design, layout and organisation of complex interfaces.

kb is a text-oriented minimalist command line knowledge base manager. kb can be considered a quick note collection and access tool oriented toward software developers, penetration testers, hackers, students or whoever has to collect and organize notes in a clean way. Although kb is mainly targeted on text-based note collection, it supports non-text files as well (e.g., images, pdf, videos and others).

The project was born from the frustration of trying to find a good way to quickly access my notes, procedures, cheatsheets and lists (e.g., payloads) but at the same time, keeping them organized. This is particularly useful for any kind of student. I use it in the context of penetration testing to organize pentesting procedures, cheatsheets, payloads, guides and notes.

I found myself too frequently spending time trying to search for that particular payload list quickly, or spending too much time trying to find a specific guide/cheatsheet for a needed tool. kb tries to solve this problem by providing you a quick and intuitive way to access knowledge.

In few words kb allows a user to quickly and efficiently:

collect items containing notes,guides,procedures,cheatsheets into an organized knowledge base;
filter the knowledge base on different metadata: title, category, tags and others;
visualize items within the knowledge base with (or without) syntax highlighting;
grep through the knowledge base using regexes;
import/export an entire knowledge base;

Basically, kb provides a clean text-based way to organize your knowledge.

GitHub CLI brings GitHub to your terminal. It reduces context switching, helps you focus, and enables you to more easily script and create your own workflows. Earlier this year, we announced the beta of GitHub CLI. Since we released the beta, users have created over 250,000 pull requests, performed over 350,000 merges, and created over 20,000 issues with GitHub CLI. We’ve received so much thoughtful feedback, and today GitHub CLI is out of beta and available to download on Windows, macOS, and Linux.

With GitHub CLI 1.0, you can:

Run your entire GitHub workflow from the terminal, from issues through releases
Call the GitHub API to script nearly any action, and set a custom alias for any command
Connect to GitHub Enterprise Server in addition to GitHub.com

Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.

Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn’t depend on any cryptographic libraries. It’s a simple, single-threaded, standalone C program. It uses poll() to trap multiple clients at a time.

query-json is a faster and simpler re-implementation of the jq language in Reason Native and compiled to binary thanks to the OCaml compiler. query-json, allows you to write small programs to operate on top of json files in a cute syntax:

I wrote a post over the weekend which said a lot about libraries letting people down, and other people becoming overly dependent on them. There was an aside of sorts in there which mentioned teaching people about all of the things to look out for when you’re writing to a file on a Unix-ish/POSIX-ish filesystem situation. A friend reached out asking if I had a post talking about that stuff, and near as I can tell, I do not.

That brings us to right now. I will attempt to lay down a few things that I keep in mind any time I’m creating files.

Linking-it-all-together asks: I came across this article about the benefits of static linking over dynamic linking. If dynamic linking is slower and doesn’t offer practical benefits then why do most distros still dynamic link? Is this a hold over from the past or is there a reason I’m missing that make distros still use dynamic linking?

DistroWatch answers: I read through the article provided and it does share some interesting statistics on dynamically linked programs versus statically linked programs. The author appears to be making a case against dynamic linking and in favour of static linking, or at least presenting facts which would support such a case. For the sake of this discussion I am going to assume the observations the article’s author makes are accurate and factually correct, at least for their own distribution.

The author addresses some interesting questions, such as how often are dynamically libraries used on the system, which indicates how many resources avoid duplication by sharing libraries. They also explore how quickly dynamic and static programs load and how much larger statically linked programs are compared to their dynamically linked counterparts. The author points out that many libraries on their distribution are not shared by many programs, that statically linked programs can load faster, and that not a lot of bandwidth is saved by using dynamically linked programs.

Reading through the page of observations the author shares, it’s understandable we might wonder why developers continue to favour dynamically linked applications in most situations. Let’s look at some of the specific arguments from the article.

There are quite a few things that set Zork and other Infocom games apart from the competition. For one, Infocom games had creative, addictive puzzles and mazes that drove players batty. Some gamers even wrote Infocom letters, asking for a hint to help them get past particularly tough brain teasers.