Blog

Latest posts from our team. Stay up-to-day with news and new features, see if we can help with common problems and see how we solved our clients issues.

Blog

Packer, Ansible, CentOS and requiretty

November 11, 2016 by Paulina Budzoń

If you’ve tried running Packer with CentOS on AWS, you probably noticed this:

    sudo: sorry, you must have a tty to run sudo
Continue reading

Protecting against PHP shells

November 7, 2016 by Paweł Biernacki

The less known feature of PHP is the option to disable certain functions and classes. It may help securing your application and web server by blocking rarely used, from the perspective of pure web experience, functions.

Continue reading

How to deploy Wordpress in AWS

November 4, 2016 by Paulina Budzoń

I’m not talking about launching an EC2 instance, uploading the zip with WordPress and going through the installer. I’m talking about immutable infrastructure, scalable, self-healing setup of WordPress within AWS.

Continue reading

Capsicum and bhyve

October 31, 2016 by Paweł Biernacki

Ever wondered how to protect your host from malicious activity in vm guests? How to keep parts of the hypervisor running in userspace from being a source of access to underlying host? One of the layers can be sandboxing the hypervisor itself!

Continue reading

Hi Fitbit, congrats on learning how to use CSRF tokens (almost)!

October 28, 2016 by Paulina Budzoń

I got my first Fitbit tracker a couple of years ago and I’ve been a loyal Fitbit user since - I’m currently on my 3rd tracker and my family has them too. Very quickly I became interested in getting a bit more information out of my data, charting it across other health data I have available - so I went on to Fitbit’s website, as I was quite sure they must have an API, right? Yes, they do. And yes, I can use it for free. Because, as Fitibit says, “your data is yours”. Awesome. And then it turned out it’s not as much “my data” as “my totals”. Fitbit’s public API could only give me aggregated data for each day, total number of steps each day, averages, etc. I wanted to get a count of my steps for each 5-minute period, the same as I can see on Fitbit’s dashboard when I log in. It turned out that was not possible, unless I had a commercial application, submit a request to Fitbit, and they decide it’s worth it. Boo. (Please refer to the bottom of this post for a note of the state of the API today)

Continue reading