Switched to Pelican

I used to host this blog on a Squarespace paid account, but since I don’t blog that much, I thought on using that money on smth else and host it on AWS S3.

And so the change to Pelican. Pelican is a python static site generator which uses jinja2 as it’s template engine.

Played with it all morning, read it’s source code and even sent a pull request to fix a bug I found when generating period archives with a {category} url param.

New blog theme too but it is temporary. Will try to get some help designing a new one soon :)

Count Lines Of Code

CLOC is a little fun utility. It counts the lines of code grouped by language on a specific folder recursively.

Right now I’m using it just for fun but I hope in the future it will help me estimate projects more accurate.

If you are on a mac and have homebrew installed:

brew install cloc
cd /to/project/folder
cloc .

Here are the results of a project I’m currently working on:


Share your results on the comment section!

How Snapchat got hacked

Just finished reading Gibson security’s page on Snapchat’s security hole and it really made me think for a couple of minutes how I would fix it if tasked to it.

The issue resides on the "find friends" feature where your friend’s numbers are sent to snapchat’s API which will respond with a username in case the number exists. A simple incremental loop could start building a number/username database.

This are some quick ideas I have:

  • "Find friends" feature must be changed to something like "invite your friends". If your friend accepts your invite, then the username is revealed and accounts are linked.
  • Build a "find friends" request log and then try to find a pattern: strange sequential number requests should ban user.
  • User registration should be limited by IP address and time.
  • Improve how API calls are signed.

I believe that security, implementation and feature spec should work together and not one should follow the other.

What would you suggest as a fix?

Instagram python lib

Some while ago I needed to work with Instagram’s API in order to display some pics. Took a look at current instagram python lib and found that it was not as cool as I would like nor that it was not updated to support video types.

So I started building my own but haven’t had enough time to finish it as I would like so I’m open sourcing it to see if I could get some help.

Currently it only implements endpoint reads. Checkout README for basic usage.

You could find it here: https://github.com/funciton/instagram/

If you have ideas or would like to help plz fork!

Update Route53’s record with dynamic IP address

Switched internet provider to one that doesn’t provide a static IP address.

There are several scripts to do this but wanted to code my own.

Quick script to update a route53’s record for servers running on dynamic IP address.

Too small to ask to fork but Star if you liked it :)