Secure Boot Linux Shim (Mokmanager)

Previously, we had a look at Secure Boot in Fedora 27 / 28. Now we will look at another part of Secure Boot in Linux. It is important to know about this aspect in order to have a complete picture of how Secure Boot functions in a typical Linux distribution, in part because a misconfigured shim may limit the security that Secure Boot is claimed to provide.

The Shim fixing a problem

The idea of Secure Boot is to have every step in the boot process verified before it is executed.



On Error Handling

A living document on the fundamentals of case and error handling. A general programming language-agnostic guideline for application development of all sorts. The article attempts to establish first principles that can be applied in any context where defined trade-offs give you the necessary adaptability to make it suitable to any situation.

Note: In this document I use “case” and “error” interchangeably. Anything that’s not on the expected happy path is typically an alternative “case” and if this happens to be undesirable we call it an “error”.



What is in spotbugs annotations?

NOTE: This article was originally written in August 2018. As it was never posted, I have now posted it unmodified with an updated publication date.

In my current project, I am working on extending otr4j with OTRv4 support. ‘otr’, off-the-record, is a communication protocol that allows a user to establish a secure communication channel over a plain (untrusted) chat network.

Reducing distractions, allowing for focus

As part of this work, I am looking into how we can relieve developers of the trivial kinds of inspections, mistakes, formatting issues, etc.



The local build configuration for otr4j

otr4j, the Java implementation of the Off-the-Record protocol (OTR), is a library for use by chat clients to include OTR protocol support. My recent effort has been focused on implementing OTRv4 (draft) in otr4j. This is a follow-up to previous efforts in refactoring otr4j. I have been able to benefit greatly from the design and code structure improvements. As otr4j is used by other software, it is important to provide a robust library with a good API.



Secure Boot in Fedora 27/28

In this article I’m going to describe the process of setting up a notebook as a secured UEFI Secure Boot system. This includes installing my own self-generated certificates, which replace the by-default installed certificates that come with the notebook. In this article we focus on replacing all keys. Therefore it works best with operating systems for which you are able to sign the boot binaries. The ideal case is an operating system for which you manage the boot binaries, such as the kernel, yourself.



Refactoring otr4j

A while back I published the Object Oriented Programming series of articles. As a use case to support this series, I’ve looked into the code base of the Java implementation of otr (off-the-record), called otr4j, and used it for verifying and validating ideas described in this series. This article describes the findings while refactoring and eventually improving otr4j. The work discussed here can be found at https://github.com/cobratbq/otr4j. (Most recent commit at time of writing: c607f0d50b6e791a23be30ca7f123504a5bd4cf2)



Object Oriented Programming: Evolving code

This article was started more than a year ago and was intended to be a close follow-up in the series. I never did find the time to release it in that time frame, so now I decided to finish it more than a year later. In the previous articles we discussed different aspects of Object Oriented Programming. Most of these articles leverage the notions of expectations vs.



Object Oriented Programming: Evaluation of design patterns

This article was started more than a year ago and was intended to be a close follow-up in the series. I never did find the time to release it in that time frame, so now I decided to finish it more than a year later. Given the definitions of usage logic and implementation logic and the distinction between internal state and expectations, we evaluate the well-known Gang of Four design patterns and some other design patterns.



TODO-supported development

When programming, the problem you are solving may quickly become more complicated. Even if the problem itself remains as simple as you expected at first, you may find other aspects that need your attention. Furthermore, it is not unthinkable that there is an occasional interruption of your work. Therefore it is very beneficial if you can adopt a way of working that allows you to reliably defer secondary curiosities for later and mitigate the “damage” done by unexpected and untimely interruptions.



Object Oriented Programming: Objects as utilities

In the article on Utilities we discussed how utilities, and more specifically, utility methods help to reuse common usage patterns. In this article we explore some of the more elaborate constructions for utilities.

Utility methods are lacking portability, persistence, flexibility

Utility methods as described in an earlier article are very much like functions. In the paradigm of object oriented programming, they are somewhat limited, though: No portability of logic

