This tool calculates the SHA256 checksum of a file and writes that and the mtime to extended attributes (xattrs). Subsequent runs validate if the mtime hasn’t changed, or update if it has. This detects silent data corruption on filesystems that don’t support it natively (e.g. ext2/3/4 and hfs/hfs+/apfs).
Would be good to run from cron.
httrack is a corny little command line tool that helps mirror websites in a more user-friendly and featureful way than wget.
I added it to my default install list of homebrew tools on OSX.
repl.it is a browser-based IDE, sort of like jsfiddle, but for many languages. It’s free and super cool.
Dashlane now supports TOTP 2FA, but can only add it via the mobile app, not via the desktop app. (The mobile app’s QR code detection/deskew code leaves a lot to be desired compared to Authy or Google Authenticator, but it does work.)
It turns out that the latest ChromeOS from the dev channel finally enables use of the power button as a hardware U2F token! This is great, but Twitter still only allows for a single hardware token to be registered on my account (to say nothing of the services that don’t support U2F yet). The support is still a bit buggy (U2F enrollment works better on sites like GitHub and Gitlab than on google.com, for some reason) but it seems to get the job done. One less thing to have poking out of my Pixelbook (at least until they add better USB support for the Linux container VM and I can use the PGP smartcard features of the Yubikey 4 on ChromeOS).
Jeffrey Paul is a hacker and security researcher living in Berlin and the founder of EEQJ, a consulting and research organization.