Researchers produce first SHA-1 hash collision

Google security blog announced that they have been able to produce the first SHA-1 collision. That is, two different PDF-files with the same checksum. Finding the collision required nine quintillion (9,223,372,036,854,775,808) SHA-1 computations in total.

This may sound like a ridiculous amount but the research shows that, given the right resources, it is possible to break this hash algorithm. It is also noteworthy that this was not a brute-force attack which would still be impractical. In fact it was 100,000 times faster.

Now it is a good time to start using stronger hash algorithms such as SHA-256.

Improved git CLI with git-completion and git-prompt

Git-completion and git-prompt are scripts that provide versatile completion support as well as visualization of current branch and status when working from the command line. Even though I work with git daily I hadn’t bumped into these scripts until quite recently. They have proven to be very useful, so I decided to share this tip. Continue reading “Improved git CLI with git-completion and git-prompt”

C++ tips for easier unit testing

A while back I read the Working Effectively with Legacy Code by Michael C. Feathers. The book focuses on strategies and approaches to get existing untested legacy code covered by unit tests.

The book also includes more than twenty dependency-breaking techniques that can be used for new code as well to make it easily testable in the first place. Here I have picked three of the techniques that I have personally found most useful.

  • Interfaces to abstract implementation
  • Extract and override call
  • Expose static method

Continue reading “C++ tips for easier unit testing”

How to use TPM for encryptions

Trusted platform module (TPM) is a secure element that can be used to securely generate and store keys. It has many possible uses, one of which is encryption of sensitive data. This article describes how to use TPM and tpm-tools package on Linux environment to encrypt different types of data, how to encrypt filesystem partitions and how to bind the encryption with device state.

Continue reading “How to use TPM for encryptions”

Free books for Linux kernel enthusiasts

In the true open-source spirit, the authors of some great Linux kernel books have decided to make these books freely available for everyone. They are good material for anyone interested in the Linux kernel, and also a good reference for professionals working with the kernel. At least I have personally found these books very useful.

Continue reading “Free books for Linux kernel enthusiasts”

The missing rootwait

Rootwait is a Linux kernel command line parameter that makes the kernel wait (indefinitely) for a root device to show up. This can be useful for devices that are detected asynchronously such as USB or MMC medias. This post, however, is not really about rootwait. Instead, it is about something that every programmer have and will encounter.
Continue reading “The missing rootwait”

How to create master boot record (MBR) file on Linux

Usually when working with USB thumb drives, memory cards and hard drives, the partitioning can be easily done just by plugging them to a Linux (or Windows) PC and using a partitioning application such as fdisk. However, with embedded devices it is sometimes more practical to write the partition table to a file instead of directly writing it to the memory device. This can be the case with embedded MMC (eMMC) memories which are soldered directly to the device and cannot be connected to a PC for partitioning.

Continue reading “How to create master boot record (MBR) file on Linux”