Fix Homebrew for OS X 10.10 Yosemite

Since the location of ruby moved with this update, the hard-coded location in brew needs to be updated.

The fix involves telling brew how to find the current version of ruby and then updating brew.

Open up brew.rb

vim /usr/local/Library/brew.rb

Change the first line to
#!/System/Library/Frameworks/Ruby.framework/Versions/Current/usr/bin/ruby -W0

Close and save ( Esc + wq )

Run

brew update

If you pulled /usr/local prior you will have an error complaining about overwriting an untracked file /usr/local/Library/Formula/freeswitch.rb, move that out of the Formula directory then try again.

You should now be able to brew update and then run additional brew commands from here.

Update Bash to 3.2.54(1) on Apple Mac OS X 10.9.5

Since Apple hasn’t released a security update for the “shellshock” vulnerability [1] yet for Mavericks 10.9.5, this guide will help you properly patch bash.
NOTE: This guide has been updated since the 3.2.52 patch did not completely remove the vulnerability

Check your bash version

/bin/bash --version

If you have less than 3.2.51, you are most likely vulnerable.

Test for vulnerability
In your terminal type:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

You are vulnerable if the output in your shell is this

vulnerable
echo this is a test

How to fix
If you don’t have wget, you’re going to want it eventually anyway. There are many ways to install this. I use homebrew.

brew install wget

Get the latest version of bash

mkdir ~/bash && cd ~/bash
wget http://opensource.apple.com/tarballs/bash/bash-92.tar.gz

Extract it

tar zxvf bash-92.tar.gz

Apply patches

cd bash-92 && cd bash-3.2
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0

Build it

cd ..
xcodebuild

Check version of newly built bash

~/bash/bash-92/build/Release/bash --version

Should be 3.2.54(1)

Install it

sudo mv /bin/bash /bin/bash.old
sudo mv /bin/sh /bin/sh.old
sudo chmod 0000 /bin/bash.old
sudo chmod 0000 /bin/sh.old
sudo cp ~/bash/bash-92/build/Release/bash /bin/
sudo cp ~/bash/bash-92/build/Release/sh /bin/

Quit terminal and open a new bash session.

Check your bash version

/bin/bash --version

Confirm by testing again

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

Console output should be

this is a test

[1]: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

Heartbleed Test

Are you scared to use the internets now because you are unsure what websites are affected by the Heartbleed bug? If so, here is a bookmarklet that will check the current website you are on for the vulnerability. Just drag the button into your toolbar to use on any site you want. If you see a error message it is probably because you are not viewing the site through the SSL. Try changing from http to https in the address bar.


Test site for Heartbleed

Thanks goes to filippo.io for creating the backend and for the idea.

Checkbox 2

I was walking home from work recently and overheard someone talking about checkboxes. This presented an idea; What tools are available for making checkboxes styleable in a more cross browser fashion?

A jQuery plugin that will take normal checkbox elements and make them styleable.

Github links as soon as I create a branch.