We'll, I'm back on Pixel. Probably not going to explore iOS again for another few years

I really liked the Pi-Hole app I’m building for my wife on iOS but I’m an Android user myself, so I’m building it for me too! I’ll have a blog post detailing some of the features of the app soon but are there any Android users out there that would be willing to help me beta test it? The final Play Store version will be paid (probably $0.99 USD), but beta testers get it for free as far as I know and the app’s open source so if you can’t afford to or don’t want to support me, you won’t have to.

I’m in an awkward position where I’m an Android developer but have been using an iPhone as my daily driver for the past couple months now. Kinda miss some things about Android but I do love being on an OS that’s more privacy and security focused and being on the same page as the rest of my family. Which do you use and why?

Any tips for getting over burnout? I’ve been in a gradual decline and tried to just push through it against my better judgement. I’m at the point now where I can’t even look at code outside of work and studying infosec stuff isn’t happening either. I have a bad habit of burning out hard and for long periods of time so I’m hoping to avoid that again.

Billy boosted

what if all jobs were phrased like "attorney at law"?

programmer at computer

chef at food

barista at coffee

surgeon at brain

It’s days like today where a little pre-workout in the morning is absolutely essential in getting my ass to the gym. Unfortunately I didn’t realize it was raining before I took it and I walk to the gym. Oh well, no going back now

I _finally_ got around to finishing a blog post I started a few months ago about adding C code to an Android app: wbrawner.com/2019/11/17/adding

After working with Swift on iOS, I must say, I *much* prefer using C on iOS as it's *so* much easier than interacting with the JVM.

Has anyone had any luck linking to libresolv on Android? I attempted briefly last night with dynamic linking and had no luck. I might try static linking but not entirely sure that would work either.

I could continue to optimize by sending out multiple requests concurrently as well, further reducing the time to discovery. At the moment I'm running everything synchronously which is quite slow. More news to follow!

Results are promising so far. I'm assuming LAN traffic will be pretty responsive, so I've cut the timeout interval to just half a second. By my calculations, I can scan the entire 8-bit block of IP addresses in just over 2 minutes in the worst-case scenario, which seems reasonable to me at least. I'm of course hoping that the average time to find the IP for the Pi would be much faster.

At the moment I'm trying to find ways to simplify the setup process, so I'm working on an automated network scanner that does a binary search through the 8-bit block of IP addresses that your device is currently registered under to find the Pi. You can of course manually enter in an IP address but I know most of my family wouldn't even know what an IP address is, so I want an easier solution, even if it is slower than manual entry.

So I'm also working on an open source iOS/iPadOS/macOS client for the Pi-Hole. It's geared towards less technical people to help them see stats and enable/disable the Pi-Hole quickly, without having to fire up the web interface. Here's the link in case anyone wants to check it out before I release it publicly or contribute! github.com/wbrawner/Pi-Helper

Anyways, I guess what I'm looking for is some direction on whether or not this is a good idea, or if going the server route would be better. I'm trying to strike an impossible balance between security/privacy and convenience, but I'm hoping to do most of the heavy lifting behind the scenes so that the users can at least use the app without hating it and having to work around its quirks.

The apps could have whitelist or blacklist methods of using servers to relay information, but the primary sync method would be via bluetooth/WiFi Direct (I imagine you most likely are in close contact with people you share money with on a semi-regular basis). This has other issues like conflict resolution and no single source of truth, but absolves me of a lot of responsibility and could probably keep server costs down too.

This is of course not without drawbacks and I'd like to avoid centralizing the information. My idea is to encourage people to take control over their own data instead of just relying on providers to host everything for them. I also don't really want to be responsible for anyone's financial data, encrypted or not. So I'm considering building a peer-to-peer network, where the servers merely act as additional nodes in the event that no one is within range of sharing.

Looking for some advice here. I'm working on a budgeting app, designed to be shared among families/small groups of people, and I'd obviously like to make it secure. My first thought was to do some sort of key-based client-side encryption so that the server has no knowledge/insights into the data. It's all open source so anyone could run their own server but I planned on offering a hosted option for those who are less technical/not interested in self-hosting. Running out of room here so thread 👇

Just noticed my personal site was down for who-knows-how-long. I'm debating whether or not to just go back to static site generation.

Hey everyone, I’m an android developer looking to get into red teaming. Previously I’ve done web development and Linux system administration but I always seem to get bored and look for new challenges, so I’m hoping I’ll fit in around here.

I like to self host my software (even email), work on personal coding projects, and lift weights.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.