Sometimes, you want to stop scripts running only on specific domains. The best way to do that, I think, is with uBlock Origin - a free and fast ad-blocker. On the desktop version, it's simple to block scripts. Click the plugin icon, then click the disable scripts button. But on mobile it's a little more complicated. Here's how to do it on the Android version of Firefox. Install Firefox. Then open it and install the uBlock Origin extension for Android. In Firefox, press the ⋮ button and p…
Continue reading →
There's a law in the USA called the DMCA - Digital Millennium Copyright Act. Amongst its myriad provisions is the ability for copyright holders to send takedown notices to service providers. If someone has ripped off your content, you can send them a legal letter saying "take that down". People often send DMCA requests to Google saying "this site has stolen my copyrighted content - please remove that page from Google." Google, to their credit, let me know that they'd recently received a…
Continue reading →
If you explore this blog's archives, you'll see that I've been blogging continuously every day since the start of 2020. Before that, I was blogging every month since mid-2008. Today, I am very hungover. Although I usually write a bunch of posts a few days and weeks in advance, I find myself looking at my publishing calendar and seeing it blissfully empty. Part of the reason I blog is that I truly want to learn something new every day - and I want to share that knowledge. Whether it's a cool…
Continue reading →
Imagine, just for a moment, you and your friends decide to travel in time. In order to make sure you can authenticate your communications with each other, you set up a shared Time-based One Time Password (TOTP). The TOTP algorithm uses a Hash-based Message Authentication Code (HMAC). The hash is calculated from a shared key and a time-based component. The key is a short string of characters. The time-based component is calculated as the number of seconds between now and the Unix Epoch. When…
Continue reading →
This is a retropost. It was written in July 2021, but published after I had left the Civil Service. An MP has written to the Chancellor of the Duchy of Lancaster asking about some work our department is doing. This is all rather usual for Government business. In the letter, the MP mentions me. By name. This is decidedly unusual! Civil Servants at my level are anonymous, interchangeable cogs in a vast machine. Those in charge of the machine want information - they don't usually care who…
Continue reading →
I'm pretty sure that the 2FA codes generated by my bank's TOTP app have a bias towards the number 8 - because eight is an auspicious number. But is that just my stupid meaty brain noticing patterns where none exist? The TOTP algorithm uses HMAC, which in turn uses SHA-1. My aforementioned brain is not clever enough to understand how that works. Although bigger, meatier brains have assured me it is fine. What happens if I sample, say, the next 10 TOTP codes and plot how often digits appear? …
Continue reading →
Recently, WordPress got in contact with me to say they suspect that my password was exposed in some sort of data breach. Well, it's a day ending with a "y" - so of course some scumbag has pilfered my digital identity. WordPress mandated that I change my password. But was that really necessary? Firstly, the password was uniquely generated by my password manager. It isn't re-used anywhere else. So there is no chance of hackers breaking in to my email, bank, or OnlyFans account. Secondly, and…
Continue reading →
