Cover photo
D.Spindel Ljungmark
Worked at Aanstoot
Attended Lunds Tekniska Högskola
Lived in Helsingborg
152 followers|128,040 views


D.Spindel Ljungmark

Shared publicly  - 
Soon two hours late to boarding. They are now power cycling the plane, which apparently means to leave it without power for 30 minutes.

"Have you tried turning it off and on again?"

Martin Samuelsson's profile photo
Oh, lovely! Let's just hope that's never needed mid-air...
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
The last few days I've been looking at Linux distribution default installations.
The default security settings are abysmal.

None ship with functional security updates by default.
None ask to enable automatic security updates by default.
Even when you install some kind of auto-updater they don't have useful defaults. At best they will notify you about updates if you log in.
At worst they will no-op because they don't ship with default configuration.
At least one distribution recommends an unsupported upgrade tool in its documentation.

The state of the default operating systems stinks.

Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
Något för +Malin Berg och fler ME/RPG-fantaster.
 ·  Translate
Niklas Påxlar's profile photoJoakim Siegers's profile photo
Om ett år, ungefär, är det tänkt att du ska spela det ;P
 ·  Translate
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
Right, I need to vent a bit again. Warning, the below text will contain ASN.1, x509 and text encodings. It is not suitable for children or developers who for some reason aren't allowed to consume alcohol.

I got a mail yesterday, from a customer, which included a lovely stacktrace:
> Bad subject: 'utf-8' codec can't decode byte 0xd6 in position 0: invalid continuation byte.

So. Something that should be utf-8 isn't utf-8.  It turns out that this customer was on a mac.

OS X has defaulted to utf-8 for the whole platform since the start. Everything there is unicode, so it seems strange that something coming out of a mac would NOT be unicode.
It turns out that this really was the case.  On OS X, the system supplied config file for openssl (The command line utility) explicitly prohibits the output of utf8.
This is a setting that has been changed in upstream openssl for several years, and that defaults to "utf8only" output.   But not Apple.
Apple as said denies output of utf8, and anything that should be utf8, like any string or domainname that includes unicode, will be forcibly degraded into the venerable T.61 text encoding standard.

Note that T.61 is obsolete, and was obsoleted back in 1994 when they withdrew the updated version of it, in favour of unicode.
In fact, openssl states that the reason to not create certificates with utf8 is that "really ancient" versions of Netscape crashed.
How Ancient are those?  Well, we're talking "Before Netscape 2.x"  

So. Thank you Apple.

And for anyone who tries to create SSL certificates on a Mac, you want to change that config file.
Martin Samuelsson's profile photo
What is that "Netscape" you're talking about?
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
iOS 9 release notes:
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker in a local LAN segment may disable IPv6 routing
Description: An insufficient validation issue existed in handling of
IPv6 router advertisements that allowed an attacker to set the hop
limit to an arbitrary value. This issue was addressed by enforcing a
minimum hop limit.
CVE-2015-5869 : Dennis Spindel Ljungmark
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
I wrote an example daemon in python that uses systemd's notify+watchdog support.

Showing off Systemd Watchdog in Python
Dick Nordenstad's profile photoD.Spindel Ljungmark's profile photo
Haha.  There ought to be english in there somewhere. :)
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
As an outsider visiting Kenya, I’m constantly amazed by the informal entrepreneurship of the many people I came across. Whether it is born out of necessity or brilliance, it’s a good and positive feature which has some downsides.
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
This is Excellent reading about the work that goes into all layers of the stack to turn Fedora into a proper workstation.
Pay attention to the xdg-app part. Desktop Containers.
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
When rockers Disturbed put out their latest album, Immortalized, in August, fans weren’t surprised at all when the news came that the band had notched up yet another accolade: Its fifth No. 1 debut in a row. The release, Disturbed’s first in five years, contained a notable cover of Simon & Garfunkel’
Malin Berg's profile photoNiklas Påxlar's profile photoJohn Peter Brekke's profile photo
Many do ☺
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
A reminder to all my friends.
Disable and Uninstall AVG antivirus ASAP.
Do not allow your relatives to run AVG.
AVG should now be considered spyware
Kristoffer Holmén's profile photoTodd Tupper's profile photoD.Spindel Ljungmark's profile photo
Yep. MS has been okay in that regard.
And Google most certainly knows a ton. But they aren't reporting from inside chrome yet.
Add a comment...

D.Spindel Ljungmark

Shared publicly  - 
The best camera is the one you have with you.
Add a comment...
Who am I?  Sysadmin, Developer, Photographer, Geek.   I create chaos, and therefore prefere minimalism. 
Bragging rights
One of the first developers of Gentoo, Linux geek for 15+ years now.
  • Lunds Tekniska Högskola
    Software Engineering
  • Ebersteinska Skolan
    Computer Technician
Basic Information
Other names
Spindel, Spider
Project Leader / Sysadmin
  • Aanstoot
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Helsingborg - Norrköping
Other profiles
D.Spindel Ljungmark's +1's are the things they like, agree with, or want to recommend.
The Google+ Project

The Google+ project makes sharing online more like sharing in real life. Take the interactive tour for a quick look at five of the first key

Opera Mini Next web browser - Apps on Android Market

Opera Next gives you a sneak preview of what's to come in future versions of Opera. Advanced users have the chance to test out exciting new

Firefox Beta

Experience cutting edge Firefox features still in development and provide your feedback! With Firefox Beta you can enjoy your favorite feat

2012:02:05:how-to-start-puppet-system-config-links-resources-tutorials -...

Puppet is a powerful open source tool to automate the configuration of and software management on Unix-like operating systems. This posting

Mozilla: Donate | Default Fundraising Page

Protect the Open Web. Mozilla is all about keeping the web open and free for everyone, everywhere. Our work is protecting the web from explo

Head Trip - Wednesday, April 27, 2011

This site is supported by advertising Revenue. The first comic. MAR April 2011. 27, 28, 29, 30, 31, 1, 2. 3, 4, 5, 6, 7, 8, 9. 10, 11, 12, 1

De Klomp

Välkommen till De Klomp! 2010-03-15. Vi är De Klomp, en krog i Holländsk miljö på Svenskt vis. Vi serverar lokal mat och internationell öl,

A Civil Response to Violence - K3RNEL

A Civil Response to Violence. June 28, 2011 Nushio No comments. This is a response to a blogpost I wrote about a month ago about the situati

fatrace: report system wide file access events « Martin Pitt

Part of our efforts to reduce power consumption is to identify processes which keep waking up the disk even when the computer is idle. This


Brick roads are beautiful and durable, but we don't see them too often due to the effort it takes to produce them. What once was a labor-int


Play the best award winning Wild West defense game on Android! Take up a smart, strategic position and lie in wait at the canyon to ambush s

Iron Sky Official Theatrical Trailer [HD]

Iron Sky Official Theatrical Trailer in glorious full HD! Music composed by Laibach.

The Kerberos-hater’s guide to installing Kerberos | Racker Hacker

As promised in my earlier post entitled Kerberos for haters, I've assembled the simplest possible guide to get Kerberos up an running on two

secommunicate is a handy little tool to analyze policy communication

I wrote about setrans back in October.  setrans is a tool that you could use to analyze policy to see if how one process domain transitions

Daniel P. Berrangé » Blog Archive » Guest MAC spoofing denial of serv...

Guest MAC spoofing denial of service and preventing it with libvirt and KVM. Posted: October 3rd, 2011 | Author: Daniel Berrange | Filed und

Update RHEL5 to RHEL6 | IT-Hure

Update RHEL5 to RHEL6. Posted on 08. October 2011 by Jens Kuehnel. Officially Red Hat does not support updates from RHEL5 to RHEL6. If you d

TLS overhead | netsekure rng

Every so often I get the question – “What is the overhead incurred by using TLS?”. Strangely enough, I couldn’t find a straight answer by do

YouTube - QuakeCon 2011 - John Carmack Keynote

Create AccountSign In. Home. BrowseMoviesUpload. Hey there, this is not a commercial interruption. You're using an outdated browser, whi

In Focus - The Atlantic

In Focus, a news photography blog on the official site of The Atlantic Magazine.

Jameco JE600 Hex Keyboard

I have two of these keyboards that came from a surplus equipment supplier. These were originally built from kits, apparently for a vocationa

Nice beer on the balcony.
Public - a year ago
reviewed a year ago
One of the most amazing places I've been at.
Public - a year ago
reviewed a year ago
2 reviews