The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,262 other subscribers

Archive for August 6th, 2020

How to rename git local & remote branches, and local & remote tags

Posted by jpluimers on 2020/08/06

Since I keep forgetting the difference and order between renaming branches and tags.

Note you need to repeat the origin steps for each remote!

[WayBack] How to rename git local and remote branches:

git branch -m old_branch new_branch # Rename branch locally
git push origin :old_branch # Delete the old branch
git push --set-upstream origin new_branch # Push the new branch, set local branch to track the new remote

Like tags below, be aware of the implications when renaming branches: if you pushed before other users already can have the old branch and have acted upon it.

[WayBack] git tag – How do you rename a Git tag? – Stack Overflow:

old^{}
git tag -d old
git push origin :refs/tags/old
git push origin refs/tags/new

Be aware, of the [WayBackimplications that a Git Tag change has to consumers of a package!

Note the first step is not just a plain git tag new old

The reason is that this will create a tag new pointing to the tag old, failing to point to the actual commit behind old. A more detailed explanation, including how to better handle renames, is at [WayBackgit tag – Why isn’t my tag listed when I checkout with Git GUI? – Stack Overflow

–jeroen

Posted in Development, DVCS - Distributed Version Control, git, Software Development, Source Code Management | Leave a Comment »

Great tool: the Toptal Colorblind Web Page Filter

Posted by jpluimers on 2020/08/06

Colorblind Web Page Filter

Colorblind Web Page Filter

A great tool I found out about a while ago [Archive.is] Toptal Color Blind Filter.

It shows the original web page and the rendering for various types of color blindness:

  • protan -> Protanopia: red/green color blindness; anomalous red cones
  • deutan -> Deutanopia: red/green color blindness; anomalous green cones
  • tritan -> Tritanopia: blue/yellow color blindness; anomalous blue cones
  • grey -> Greyscale/achromatopsia: quick check for all forms of colorblindness

Because of a comment at [WayBack] Forums… https://embarcaderomonitoring.wiert.me/ – JWP – Google+, I used Toptal to notify Uptime robot that their status pages are hard for color blind people: [WayBackJeroen Pluimers on Twitter: “Some color blind people indicated to me that @uptimerobot status pages are hard for them to read. Examples are for @EmbarcaderoTech as they have subdomains being offline often: …”, so lets look at how people with various types of color blindness see embarcaderomonitoring.wiert.me :

Read the rest of this entry »

Posted in *nix, Color (science), Color (software development), Development, Monitoring, Power User, science, Software Development, Uptimerobot, Usability, User Experience (ux), Web Development | Leave a Comment »

Android passwords: store as transient as possible using arrays in stead of strings

Posted by jpluimers on 2020/08/06

Sometimes you cannot avoid handling passwords in your application. When you do,

  • keep them around as short as possible
  • store them in data types that are not garbage collected
  • wipe the storage as soon as you are done

In practice, this usually comes down to storing them as arrays (character or byte arrays), not strings.

This holds for many other platforms outside Java as well: strings are usually managed in one way or the other, so they cannot be wiped

References:

For actual storage of passwords, you always have the risk of retrieval: when a “bad guy” gets physical access to a device, it is basically hosed.

A KeyStore can only do so much against it: if your APK can be downloaded, it can be reverse-engineered revealing the exact steps how the store is accessed, reproducing the steps needed to hack into the underlying protected data/functionality.

The keystore can be forgetful…

You’ve just moved in to a new house and have been given the master key for the front door. You only have one of these so you know you need to keep it safe. Your really paranoid so you hire an armed guard, whose sole job is to protect this key, in fact, this is all he has been trained to do and has a catchy slogan of “need to protect a key, its what I was born to do!”. You install an extra lock on your front door as you feel the bodyguard isn’t enough, this is a rough area anyway and who’s going to make sure no-ones about to break in and steal all your crap. You return to your key guard only to be informed he has thrown the key away. You shout and scream at him but he just blankly says “I don’t have it anymore, I didn’t think it was important”. You can’t contain your anger “What the hell, your a jerk! You had one thing to do and you failed, this causes me a lot of problems, why didn’t you tell me you might do this?! What do I do now?!”

[WayBack] Android Security: The Forgetful Keystore – SystemDotRun – Dorian Cussen’s Super Blog

–jeroen

Posted in Android, Development, Java, Java Platform, Mobile Development, Power User, Security, Software Development | Leave a Comment »