Andrew Hay

the man, the myth, the blog

April 1, 2014
by Andrew Hay
0 comments

Quick fix for Ruby after Xcode 5.1 update

If you’ve recently upgraded XCode to 5.1 on your OS X workstation/laptop you may have run into the following error when trying to install or update a gem:

root# gem install shodan
Fetching: json-1.8.1.gem (100%)
Building native extensions. This could take a while...
ERROR: Error installing shodan:
ERROR: Failed to build gem native extension.

/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby extconf.rb
creating Makefile

make "DESTDIR="
compiling generator.c
linking shared-object json/ext/generator.bundle
clang: error: unknown argument: '-multiply_definedsuppress' [-Wunused-command-line-argument-hard-error-in-future]
clang: note: this will be a hard error (cannot be downgraded to a warning) in the future
make: *** [generator.bundle] Error 1

Gem files will remain installed in /Library/Ruby/Gems/2.0.0/gems/json-1.8.1 for inspection.
Results logged to /Library/Ruby/Gems/2.0.0/gems/json-1.8.1/ext/json/ext/generator/gem_make.out

As discussed here the reason for this sudden error is found in the Xcode Release Notes:

The Apple LLVM compiler in Xcode 5.1 treats unrecognized command-line options as errors. This issue has been seen when building both Python native extensions and Ruby Gems, where some invalid compiler options are currently specified.

According to the blog post it seems that the newer version of the llvm compiler shipping with Xcode 5.1 is a little more restrictive when it comes to warnings. Furthermore it says that:

Projects using invalid compiler options will need to be changed to remove those options.
That is, developers should not expect this change to be reverted in the future.

It turns out that the temporary fix, until everyone updates their gems, is to run the following command instead of the usual gem install command:

root# ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future gem install gem_name

For example:

root# ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future gem install shodan
Building native extensions. This could take a while...
Successfully installed json-1.8.1
Fetching: shodan-1.0.0.gem (100%)
Successfully installed shodan-1.0.0
Parsing documentation for json-1.8.1
Installing ri documentation for json-1.8.1
Parsing documentation for shodan-1.0.0
Installing ri documentation for shodan-1.0.0
2 gems installed

There you go. Hope it helps.

February 25, 2014
by Andrew Hay
0 comments

My AGC Roundup

I had the opportunity to attend the Tenth Annual West Coast Infosec & Technology Growth Conference put on by AGC Partners on Monday, February 24th. I wasn’t able to stay for the entire day but I was able to run into a few people who I hadn’t seen in a while, couldn’t remember meeting, and people I had only ever “met” on Twitter.

The panels are led by security industry experts, bankers, and investors with executives (or their designates) from various companies as panelists. What do they talk about you might ask? Well, the people leading the panel ask hard questions about the industry, threats, and opportunities. The majority of the panelists answer in a way that can be explained by the following tweet:

You’re the CEO of a company. I get it. You’re passionate about your company, its products, its accomplishments, and its “innovation”. That doesn’t mean, however, that you get to take the current mature market, completely dismiss it, and say “the way my company does it is the only way that matters”. Case in point:

Not only is this particular “way” 5, 10, or a “mythical factor of never”-years away, it presumes that people are willing to completely re-architect their compute environment, IT delivery strategy, and, well, business simply to operate in a cloud environment. As I tweeted during the event:


I stand by my statement that:


The biggest companies in the world are not going to throw everything into the “cloud bucket” tomorrow, next week, or whenever your fiscal year closes. The baby is certainly not getting thrown out with the bathwater so perhaps a migration-based, staggered adoption message is more palatable? Want to run your messaging by me? I’m happy to help.

February 8, 2014
by Andrew Hay
1 Comment

Word Cloud of RSA Meeting Request Emails

I wanted to see what the “trend words” were in the PR emails being sent to press leading up to the RSA conference. Using TagCrowd I was able to copy and paste the subjects and bodies of all emails sent to the “press list” for RSA 2014.

As you can see in Figure 1, the top 5 words used in the PR email blasts are RSA (28), meeting (15), conference (9), request (7), and security (5).

Figure 1 – Email Subject Trend Words

Screen Shot 2014-02-08 at 7.59.49 AM
The top 5 words in in the email body, as depicted in Figure 2, are security (108), RSA (63), meet (60), product (47), and a tie between network (40) and company (40).

Figure 2 – Email Body Trend Words

Screen Shot 2014-02-08 at 7.50.22 AM
Not entirely useful, but interesting nonetheless :)