Thursday, May 24, 2012

How to disable ASLR in Linux

Quick note to self on how to disable ASLR (address space layout randomization) in Ubuntu Linux:
$ sudo sh -c "echo 0 > /proc/sys/kernel/randomize_va_space"

Did you just email me back my own password?!

A while ago I wrote a blog post about what precautions to take handling password data on your website. plaintextoffenders.com is a website dedicated to this issue. It nicely points out why storing passwords in plaintext really is such a bad idea. The main part of the website is a pillory of submitted websites which obviously apply bad password practices. There's for awareness...