NoPressuRe2015-08-14T16:49:13+00:00http://www.nopressure.co.uk/bloghttp://www.nopressure.co.uk/blogNoPressuReCreating your first Ember JS app w/ Apitools.2015-07-27T00:00:00+00:00http://www.nopressure.co.uk/bloghttp://www.nopressure.co.uk/blog/Creating-your-first-EmberJS-App<p>A couple of <a href="weeks ago">http://www.meetup.com/Ember-js-Barcelona/events/223198909/</a> we reloaded the local <a href="EmberJS">http://emberjs.com/</a> Barcelona meetup. </p>
<p>For the occasion I wrote a quick application to show everyone how easy it easy to start developing with EmberJS.
The idea was to recreate the feeling that first time Rails devs get when they start scaffolding. They type a few commands and everything works out of the box.</p>
<p>I also wanted to take the opportunity to stress the importance of thinking in terms of mircoapps for development agility and quick prototyping.</p>
<p>A microapp A microapp is small, self-contained, application focused on doing one thing and doing it well. Microapps can be integrated into more complex projects and use language agnostic APIs to communicate. Microapps speed up prototyping, innovation and therefore adoption of new technologies.</p>
<p>I decided to show off EmberJS capabilities with an app retrieving and displaying public Github events.</p>
<p>Not to get involved w any backend development I decided to use <a href="Apitools">https://www.apitools.com/</a> as middleware between my EmberJS app and Github API.</p>
<p><a href="https://raw.githubusercontent.com/nopressurelabs/blog/gh-pages/assets/images/ember-apitools.png" title="Ember - Apitools - Github API">Ember-GithubAPI-Apitools</a></p>
<p>Our microapp in EmberJS is called Microgit. Microgit can:</p>
<ul>
<li>Retrieve public Github events</li>
<li>Use Apitools as middleware to talk to ext APIs</li>
<li>Use EmberJS as frontend framework</li>
</ul>
<p>To get started we first need to prepare our environment:</p>
<pre><code>$ npm install -g ember-cli
$ npm install -g bower
$ brew install watchman
$ npm install -g phantomjs
$ ember new microgit
</code></pre>
<p>Setting up <a href="Apitools">https://www.apitools.com/</a> is almost instant. We just <a href="sign in">https://www.apitools.com/accounts/sign_in</a>, and create a service by using the Github premade example. </p>
<p>Once the service is setup on Apitools, we integrate this in our Routes in our EmberJS app.
Routes in Ember are sometimes a complicated concept, especially if you come from Rails.</p>
<p>More specifically:
- Routes represent application URLs
- Routes represent RESTful resources
- Routes represent app states</p>
<p>We siply have to add an index.js route to pull events from Apitools.</p>
<pre><code># app/routes/index.js
import Ember from "ember";
var IndexRoute = Ember.Route.extend({
model: function(params) {
return Ember.$.getJSON(
"https://github7ad43e39-bd5086abac4b.my.apitools.com/events?per_page="
+ params.per_page);
}
});
export default IndexRoute;
</code></pre>
<p>We will then add a template to display the data we pull from the Github APIs.
Ember.js uses the <a href="Handlebars">http://handlebarsjs.com/</a> templating library to power your app’s user interface. Handlebars templates are just like regular HTML, but also give you the ability to embed expressions that change what is displayed.</p>
<pre><code># app/templates/index.hbs
<li>
<div>
<strong>Github Event:</strong>
<p>id: </p>
<p>type: </p>
<p>github user: </p>
<p>
<a >
<img style="width: 40px" >
</a>
</p>
<p>github repo: </p>
<p>
<a >
</a>
</p>
</div>
</li>
</code></pre>
<p>And that’s it! You have your EmberJS microapp and can start visualising APIs traffic on <a href="Apitools">https://www.apitools.com/</a>.</p>
<p>Repo for microgit is availiable on <a href="Github">https://github.com/nopressurelabs/Microgit</a>.</p>
<p>If you are interested in microapps development and developing APIs w/ Rails you can checkout my book: <a href="RESTful Rails Development">http://shop.oreilly.com/product/0636920034469.do</a>.</p>
<p>If you want to find out more about all you can do with <a href="Apitools">https://www.apitools.com/</a> check <a href="apitools.com">https://www.apitools.com/</a>.</p>
Side channel crypto attacks2015-04-01T00:00:00+00:00http://www.nopressure.co.uk/bloghttp://www.nopressure.co.uk/blog/side-channel-crypto-attacks<p>I had miss this <a href="http://www.cs.tau.ac.il/~tromer/acoustic/">great article</a> from Daniel Genkin, Adi Shamir and Eran Tromer. </p>
<ul>
<li><a href="https://www.youtube.com/watch?v=DU-HruI7Q30">Video presentation</a></li>
<li><a href="http://www.cs.tau.ac.il/%7Etromer/papers/acoustic-20131218.pdf">Full paper</a></li>
</ul>
<p>They explain how different RSA keys induce different sound patterns, but due to the very low bandwidth of the acoustic side channel it was not clear to them how to extract individual key bits.</p>
<p>They continue describing a new acoustic cryptanalysis key extraction attack, applicable to GnuPG’s current implementation of RSA.
The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts.
They present experimental results demonstrating that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.</p>
<p>Beyond acoustics, they also demonstrate how a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.</p>
<p>Now imagine that you carry the attack using the victim mobile phone by activating the microphone remotely…</p>
<p>Till next time, then!</p>
Moving away from tumblr: a new blog2015-03-31T00:00:00+00:00http://www.nopressure.co.uk/bloghttp://www.nopressure.co.uk/blog/Moving-away-from-tumblr<p>We have decided to move away from Tumblr, slowly but surely. The old blog would still be accessible at <a href="http://tumblr.nopressure.co.uk">http://tumblr.nopressure.co.uk</a> while the new blog will start replacing it by featuring different content.</p>
<p>The reason behind this is that we thought tumblr could never been the Privacy friendly platform that we wanted for our content. Jekyll supported by gh-pages is.
We will still continue to feature content that we find interesting on tumblr, but we will move our technical material to here. We think it will also be easier this way to showcase our projects in a more organic way. Whatever that means. :)</p>
<p>If you want to keep track of how websites track you while you are surfing the web, we would suggest you to download the PrivacyBadger extension:</p>
<ul>
<li><a href="https://www.eff.org/privacybadger">https://www.eff.org/privacybadger</a></li>
</ul>
<p>If you have it already installed, you will see we are now completely track free.</p>
<p>Till next time, then!</p>