Yarnball: npm versions demystified

Most of the time, adding a library or package as a dependency to a JavaScript project using yarn (or its ancestor npm) is as simple as typing yarn add the-pkg-i-want to get the latest version. But this article is not about that. This article...

Digital Ocean adds Custom Image Support

Big news for those of us who like to go off-piste with our cloud hosted machines: until now “value” cloud provider Digital Ocean only allowed machines to be created from their curated set of OS images (although with some trickery and effort you could...

IoT Remote Radio Side Channel Attack Published

I noticed some amazing work published earlier this week by researches from EUROCOM, and to be presented at ACM CCS 2018. They were able to recover encryption keys from an IoT type SoC from noise leaked onto the chip’s Bluetooth radio’s RF output. This...

389DS LDAP Server Support and Consulting

Bozeman Pass engineers were heavily involved with the development of what was once known as Netscape Directory Server, aka iPlanet Directory, aka SunDS, aka Fedora DS, and officially known today as 389 Directory Server. To save some typing and confusion we’ll...

Cloudflare: The Story of a Processor Bug

One of those “war stories to tell your grandkids”. David Wragg details his investigation into seemingly random segmentation faults on the Cloudflare Blog. These amazingly enough turned out to be due to a microcode bug in a specific Intel CPU design....

utroz: Programmers Guide to Meltdown

Raphael S. Carvalho, a.k.a. utroz has written a nice article showing step by step with ‘C’ source code how an exploit for the Meltdown speculative execution vulnerability would work. has also written a Meltdown vulnerability checker works by attempting to...