My name is Philipp C. Heckel and I write about nerdy things.

Monthly Archives / October 2014


  • Oct 30 / 2014
  • 1
Code Snippets, Programming

Snippet 0x08: HTTP Basic Auth for secure WebSocket connections (with Undertow)

For my open source file sync software Syncany, I use the embedded web server and web socket server Undertow to provide a websocket and REST based interface by the Syncany daemon. Syncany clients (such as the GUI, or potentially a web interface) connect to this daemon, send requests and receive asynchronous events. Syncany’s GUI client also uses the Undertow websocket client to connect to the above mentioned daemon.

To authenticate the websocket client with the daemon, the simple HTTP basic authentication mechanism over HTTPS is used. This tiny post shows you how to authenticate against a websocket server with HTTP basic auth using the Undertow websocket client.

Continue Reading

  • Oct 25 / 2014
  • Comments Off on Snippet 0x07: Restart Docky from a cronjob (when it crashed)
Code Snippets, Scripting

Snippet 0x07: Restart Docky from a cronjob (when it crashed)

I recently updated from Linux Mint 16 Petra to Linux Mint 17 Qiana. Everything went smoothly, except for my dock Docky. For some reason, Docky decides to crash every once in a while with some error message.

Instead of fixing this error or reporting it, I decided to find the easy way out and simple set up a cronjob to restart Docky every minute (if it has crashed).

Continue Reading

  • Oct 17 / 2014
  • Comments Off on Snippet 0x06: Disable SSLv3 in Firefox to protect against POODLE attack
Code Snippets, Security

Snippet 0x06: Disable SSLv3 in Firefox to protect against POODLE attack

The recent POODLE attack (Padding Oracle On Downgraded Legacy Encryption) exploits a vulnerability of an older version of SSL (SSLv3) by performing a padding oracle attack — and thereby allowing a man-in-the-middle scenario.

To be vulnerable, both client (browser) and server have to support SSLv3. If either one does not support or has disabled the protocol, this vulnerability cannot be exploited. This tiny article shows you how to disable SSLv3 in Firefox — thereby effectively making your browser POODLE-safe.

Continue Reading