Attention SPAMMERS: Don't advertise your services on my blog. If you do then you will have implicitly given me permission to disable any service you advertise via my blog by any means necessary.
If you have a web project that has both JavaScript and Go, then you may need to create a pre-commit hook to validate both .js and .go source files.
Here's one way to do it using two script files and a git pre-commit hook.
Create pre commit scripts for JS and Go
js-pre-commit-git-hook
files=$(git diff --cached --name-only --diff-filter=ACM | grep ".js$")
if [ "$files" = "" ]; then
exit 0
fi
LINTER=jshint
pass=true
echo "\nValidating JavaScript:\n"
for file in ${files}; do
result=$($LINTER ${file})
if [ "$?" == "0" ]; then
echo "\t\033[32m$LINTER Passed: ${file}\033[0m"
else
echo "\t\033[31m$LINTER Failed: ${file}\033[0m"
pass=false
fi
done
echo "\nJavaScript validation complete\n"
if ! $pass; then
echo "\033[41mCOMMIT FAILED:\033[0m Your commit contains files that should pass $LINTER but do not. Please fix the $LINTER errors and try again.\n"
exit 1
else
echo "\033[42mCOMMIT SUCCEEDED\033[0m\n"
fi
go-pre-commit-git-hook
#!/bin/sh
# Copyright 2012 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
# git gofmt pre-commit hook
#
# To use, store as .git/hooks/pre-commit inside your repository and make sure
# it has execute permissions.
#
# This script does not handle file names that contain spaces.
gofiles=$(git diff --cached --name-only --diff-filter=ACM | grep '.go$')
[ -z "$gofiles" ] && exit 0
unformatted=$(gofmt -l $gofiles)
[ -z "$unformatted" ] && exit 0
# Some files are not gofmt'd. Print message and fail.
echo >&2 "Go files must be formatted with gofmt. Please run:"
for fn in $unformatted; do
echo >&2 " gofmt -w $PWD/$fn"
done
exit 1
.git/hooks/pre-commit
js-pre-commit-git-hook && go-pre-commit-git-hook
Notes
Put the scripts in your $PATH and make them executable.
Create a .jshintrc file with your desired jshint configuration settings.
Format a file (or directory)
In case you've already com=mited files before setting up this git hook, you can gofmt individual files (or directories) like this:
When Sony Pictures employees got into the office on Monday, November 24, they discovered that their corporate network had been hacked.
The attackers took terabytes of private data, deleted the original copies from Sony computers, and left messages threatening to release the information if Sony didn't comply with the attackers' demands.
My First Guess
When I first heard that Sony got hacked, my first thought was, "I bet those guys run Windows."
That suspicion has been confirmed.
Possible Attack Vector
The attackers researched Sony's IT infrastructure and knew their victim's vulnerabilities.
Cyber Attack
The attackers could have used email system or Microsoft IE browser vulnerabilities to initially gain access to a regular employees workstation.
Gain Admin Access
Knowing that Sony ran Microsoft Windows, the attackers could have used a known Microsoft Implemented Kerberos solution vulnerability to forge a Privilege Attribute Certificate, that the Kerberos Key Distribution Center validates, to elevate their privileges to that of any other account on the domain.
Destructive Malware
Once attackers gets administrative keys to a Microsoft-based network with unencrypted file systems, they were able to extract that information and expose corporate secrets *** and follow up with destroying the files using destructive BKDR_WIPALL Malware.
*** Corporate Secrets Exposed
Men are paid more than women. Sony's 17 biggest-earning executives are predominantly white men. According to a spreadsheet called "Comp Roster by Supervisory Organization 2014-10-21," Amy Pascal, the co-chair of Sony Pictures Entertainment is the only woman earning $1 million or more at the studio.
A series of emails between Pascal and movie producer Scott Rudin showed an ugly side to the beautiful business of Hollywood. Rudin called Angelina Jolie a "minimally talented spoiled brat" in an email exchange with Pascal. Pascal and Rudin also made racially charged jokes about President Obama's taste in movies. As you would expect, Pascal and Rudin apologized, saying they are so sorry for what they said.
Sony's Employee Workstations and Network Run on Microsoft Windows
Private data was not encrypted
Woefully Inadequate Network Security Monitoring
Law Suit Filed
Two former employees of Sony Pictures filed a lawsuit against Sony alleging it didn't do enough to safeguard their personal information and prevent its loss in that cyberattack.
The lawsuit was filed Monday, December 15th 2014, in U.S. District Court for the Central District of California, asks the court to award monetary damages and also class-action status. Thousands of Sony employees past and present could join the suit.
The lawsuit alleges, "Sony failed to secure its computer system, servers and databases, despite weaknesses that it has known about for years, because Sony made a business decision to accept the risk of losses associated with being hacked."
How can Sony defend itself against solid claims of negligence?
IT Security Laws for Corporations
Sarbanes-Oxley
Sarbanes-Oxley, or 'Sarbox' as it is sometimes called, was enacted in 2002 to help prevent future Enron-like episodes from happening again. It requires companies to be accountable for identifying and mitigating risks to their financial stability and this includes information security.
Sarbanes-Oxley details a "chain of accountability" where senior executives and board members must sign off on the accuracy of financial reporting, then the managers that report to them must be darned sure that their information is accurate. That applies to the managers who report to them and the people who report to them and so on. While the average employee of a public company will most likely not go to jail over a Sarbanes-Oxley violation (C-level executives are not so fortunate) each employee does have an important role in maintaining the security and integrity of corporate data.
When Sarbanes-Oxley mentions "controls" it it talking about policies, procedures and guidelines that protect information in your company with a direct implication of adequate IT security enforcement.
HIPAA Security Rule
This massive cyberattack constitutes unauthorized access or acquisition of personal information subject to most state and federal data breach notification requirements, including the HIPAA Data Breach Notification Rule. The HIPAA Security Rule contains a number of provisions that require covered entities and business associates to maintain procedures to monitor system activity for potential security incidents and investigate any such potential security incidents.
The HIPAA Security Rule requires covered entities and business associates to “regularly review records of information system activity, such as audit logs, access records, and security incident tracking reports.” 45 C.F.R. § 164.306(a)(1)(ii)(D). HHS guidance materials further state that this specification “should also promote continual awareness of any information system activity that could suggest a security incident.”
See CMS, HIPAA Security Series Vol. 2 Security Standards: Administrative Safeguards
The HIPAA Security Rule requires covered entities and business associates to create and maintain appropriate records of system activity. See 45 C.F.R. 164.312(b). However, covered entities and business associates have significant discretion to create and maintain activity records based upon the formal assessment of their security risks.
Breach Notification
Breach notice laws typically define, “personal information” as, "A user name or email address, in combination with a password or security question and answer that would permit access to an online account."
Implications
IT security should be taken seriously
As a C-level executive, you should know the laws pertaining to safeguarding your company and employees' data.
As a C-level executive, you are liable for lax IT security enforcement at your company.
Lessons Learned
If you are a C-level executive and your company runs Windows, change that or get another job.
Hire a professional to thoroughly evaluate your current security policies.
Don't ask for trouble, but if you do don't run Windows.
SANS Instituted Cyber Attack Response Plan
For many organizations today, the question is no longer if they will fall victim to a targeted attack, but when. In such an event, how an organization responds will determine whether it becomes a serious event or if it stays a mere annoyance.
This requires something of a change of mindset for information security professionals. Previous techniques and many best practices are under the premise that an attacker can be kept out.
However, that’s no longer the case today. The malware used in targeted attacks is frequently not detected (because it’s been custom-made for specific organizations). A well-crafted social engineering attack can look like a normal business email or engaging click bait.
In short, an attacker with sufficient resources will be able to find their way inside their target, regardless of what the defender does. The defender can raise the price of getting in, but not prevent it entirely.
The SANS Institute provides some guidelines to organizations on how they should react to incidents. Broadly speaking, however, the response can be divided into four steps:
Prepare
This involves responding to a targeted attack even before the attack actually takes place. Security professionals need to plan for a response to a targeted attack on their network. System administrators will routinely have plans, for example, for downtime-related events such as a data center going offline.
Similarly, it’s important to be aware of the normal, day-to-day threats that an organization faces. Information security professionals must not only deal with these attacks as they happen, but should understand what their “normal” problems are so that abnormal threats like targeted attacks can be quickly spotted. Threat intelligence and analysis is valuable in this step, in order to guide security professionals into understanding what the current situation is.
Security professionals must also plan to acquire the right skills to effectively deal with targeted attacks. One of the most important skills to learn is digital forensic techniques, which allow for the proper acquisition and analysis of information from compromise devices.
Many of these techniques are quite foreign to normal IT day-to-day work, but learning these techniques will help organizations gain information and be better prepared to deal with any attack in progress.
Respond
Upon identifying targeted attack in progress, the next step is to respond decisively. Responding to a targeted attacks has several components: containing the threat, removing it, and determining the scope of damage. The first step is to immediately isolate or contain the scope of any threat. Steps that can be performed here include isolating infected machines or taking compromised services offline. Ultimately, the goal is to prevent an attack from gaining further ground.
To determine any threats in place, working hand in hand with a security vendor that has knowledge of commonly used targeted attack tools and grayware is useful in order to locate the threats within an organization. Similarly, continuous monitoring of existing network activity can help determine the scale and scope of any existing attack.
Restore
Just as important as responding to an attack is restoring an organization to normal operations. While some disruption is a necessary part of responding to a targeted attack, in the long run an organization has to “return to normal” and go back to normal operations.
“Restoring” an organization to normal is not only about technical considerations. If necessary, an organization needs to reach out to partners, stakeholders, and customers to clearly communicate the scope of a targeted attack’s damage, and any steps being taken to reduce the damage. In many cases, goodwill and trust are big casualties of a targeted attack, and these must be addressed as well.
Learn
Once an attack is over, organizations need to figure out what can be learned from it. Every attack offers lessons for defenders – what worked? What could we have done better? It may turn out that the some of the assumptions and information that went into planning for security incidents was not correct or incomplete.
However, it is also important to not overreact to any single incident. Overreacting can be just as bad as under-reaction: it can impose burdens on the organization that have marginal gains in security, if any. Decisions must be made bas
In today’s world of frequent targeted attacks – when breaches are a matter of when and not if - a carefully crafted strategy to respond to targeted attacks must be part and parcel of the larger defense strategy. This can be the difference between a minor nuisance and a major breach that could spell the demise of an organization.
For original reference to this section see: http://blog.trendmicro.com/trendlabs-security-intelligence/four-steps-to-an-effective-targeted-attack-response/
The schedule's tight on the cluster tonight. So I parallelized my code. All those threads and continuations. My head's going to explode. And all that boilerplate. That FactoryBuilderAdapterDelegateImpl Seems unjustified Give me something simple Don't write in Scheme Don't write in C No more pointers that I forgot to free() Java's verbose Python's too slow It's time you know Write in Go Write in Go No inheritance anymore Write in Go Write in Go There's no do or while,just for I don't care what your linters say I've got tools for that The code never bothered me anyway dodododo diudiudiu... It's funny how some features Make every change seem small And the errors that once slowed me Don't get me down at all It's time to see what Go can do Cause it seems too good to be true No long compile times for me I'm free Write in Go Write in Go Kiss your pointer math goodbye Write in Go Write in Go Time to give GC a try I don't care if my structures stay on the heap or stack donononododono... My program spawns its goroutines without a sound Control is spiraling through buffered channels all around I don't remember why I ever once subclassed I'm never going back My tests all build and pass Write in Go Write in Go You won't use Eclipse anymore Write in Go Write in Go Who cares what Boost is for? I don't care what the tech leads say oo wow oo... I'll rewrite it all nonononono... Writing code never bothered me ,anyway Sung by ScaleAbility, an acapella group at Google.
All the default languages are stored in TextMate.app/Contents/SharedSupport/Bundles in the Syntaxes folder of the bundle.
This is in the binary plist format, so you'll need to convert it
first to readable form. Let's say we want HTML to be the new default
language, we would do (from terminal):
Here “DDEEA3ED-6B1C-11D9-8B10-000D93589AF6” is the UUID for Bash Shell Script. Now we need to tell TM to use that as default by altering its defaults database.
Conditional expressions are used by the [[ compound command and the test and [ builtin commands.
Expressions may be unary or binary. Unary expressions are often used to examine the status of a file. There are string operators and numeric comparison operators as well. If the file argument to one of the primaries is of the form /dev/fd/N, then file descriptor N is checked. If the file argument to one of the primaries is one of /dev/stdin, /dev/stdout, or /dev/stderr, file descriptor 0, 1, or 2, respectively, is checked.
When used with ‘[[’, the ‘<’ and ‘>’ operators sort lexicographically using the current locale. The test command uses ASCII ordering.
Unless otherwise specified, primaries that operate on files follow symbolic links and operate on the target of the link, rather than the link itself.
Bash Conditional Expressions
-a file
True if file exists.
-b file
True if file exists and is a block special file.
-c file
True if file exists and is a character special file.
-d file
True if file exists and is a directory.
-e file
True if file exists.
-f file
True if file exists and is a regular file.
-g file
True if file exists and its set-group-id bit is set.
-h file
True if file exists and is a symbolic link.
-k file
True if file exists and its "sticky" bit is set.
-p file
True if file exists and is a named pipe (FIFO).
-r file
True if file exists and is readable.
-s file
True if file exists and has a size greater than zero.
-t fd
True if file descriptor fd is open and refers to a terminal.
-u file
True if file exists and its set-user-id bit is set.
-w file
True if file exists and is writable.
-x file
True if file exists and is executable.
-G file
True if file exists and is owned by the effective group id.
-L file
True if file exists and is a symbolic link.
-N file
True if file exists and has been modified since it was last read.
-O file
True if file exists and is owned by the effective user id.
-S file
True if file exists and is a socket.
file1 -ef file2
True if file1 and file2 refer to the same device and inode numbers.
file1 -nt file2
True if file1 is newer (according to modification date) than file2, or if file1 exists and file2 does not.
file1 -ot file2
True if file1 is older than file2, or if file2 exists and file1 does not.
-o optname
True if the shell option optname is enabled. The list of options appears in the description of the -o option to the set
builtin (see The Set Builtin).
-v varname
True if the shell variable varname is set (has been assigned a value).
-z string
True if the length of string is zero.
-n string
True if the length of string is non-zero.
string1 == string2
True if the strings are equal. ‘=’ should be used with the test command for POSIX conformance.
string1 != string2
True if the strings are not equal.
string1 < string2
True if string1 sorts before string2 lexicographically.
string1 > string2
True if string1 sorts after string2 lexicographically.
arg1 OP arg2
OP is one of ‘-eq’, ‘-ne’, ‘-lt’, ‘-le’, ‘-gt’, or ‘-ge’. These arithmetic binary operators return true if arg1 is equal to, not equal to, less than, less than or equal to, greater than, or greater than or equal to arg2, respectively. Arg1 and arg2 may be positive or negative integers.
Examples
FNAME='/etc/hosts'
if [ -e "$FNAME" ]; then
echo "$FNAME exists."
else
echo "$FNAME does not exist."
fi