FileVault2 Hacks

Mac OS X 10.7 introduced a whole disk encryption service called FileVault2. This allows you to use AES 128 encryption to protect your data. This is a great feature but it has a few small drawbacks. It uses the password of your primary user account to unlock the system. I'm a fan of strong passwords but for encryption I'd prefer to use a longer pass phrase for increased entropy. Second the EFI-boot screen that is used to get the password to decrypt the disk shows the display name of all usersthat can unlock the system rather than blank fields for both username and password. This leaks information that I would really rather not leak. Fortunately I've found a little hack to work around both of these issues.

more ...

Yaml 1.1.1 PECL Module Released

I'm glad to announce that I finally got around to releasing the bug fix version of the YAML PECL module that I announced on 2013-04-23. Version 1.1.1 fixes several long standing bugs:

  • #61770 Crash on nonunicode character
  • #61923 Detect_scalar_type() is not aware of base 60 representation
  • #63086 Compiling PHP with YAML as static extension fails
  • #64019 Segmentation fault if yaml anchor ends with a colon
  • #64694 Segfault when array used as mapping key
more ...

Planning Work in a Sprint

We've been having some discussions at $DAYJOB about process and methodologies. The topic of late is scrum and how it may or may not be helpful for the particular group I work with. I've been providing some anecdotal input based my past experience with scrum and other methodologies/frameworks/practices and asking questions about what problems the group is hoping to find new solutions for.

I started to write a big wall o' textâ„¢ email about a particular topic and then decided that maybe a blog post would be a better way to work through my idea. So dear reader1, here are some of my highly opinionated and mostly unsubstantiated thoughts about a process that a group of people could use to plan a scrum sprint (or really any other iterative unit of work).

more ...


Managing my laptop with Boxen

Boxen is a framework and collection of libraries created by the fine folks at GitHub to make setting up and managing Mac OS X computers easy and repeatable. Rather than a simple set of shell scripts or other provisioning tools, Boxen uses Puppet to automate installing and configuring software. I don't have the time or space to explain how great Puppet is a configuration management is, so you'll have to trust me or go do your own research.

Anybody could take a stab at rolling their own collection of Puppet manifests to manage their laptop or their corporate install base. That's actually exactly what GitHub did to create Boxen. Having tried (and failed) at doing just that before I was pretty impressed when I gave Boxen a test drive. GitHub has not only provided a system that "works for them"; they have also managed to engineer a reasonably extensible solution for a very complex problem.

You can use your favorite search engine to find folks who can wax poetic about the magnitude of this accomplishment. Let's get on with a description of what I've been able to do with it.

more ...