Some notes on the Raspberry Pi
I keep seeing this article in my timeline today about the Raspberry Pi. I thought I'd write up some notes about it.The Raspberry Pi costs $35 for the board, but to achieve a fully functional system, you'll need to...
A quick lesson in confirmation bias
In my experience, hacking investigations are driven by ignorance and confirmation bias. We regularly see things we cannot explain. We respond by coming up with a story where our pet theory explains it. Since there is no alternative explanation,...
A basic question about TCP
So on Twitter, somebody asked this question:I have a very basic computer networking question: when sending a TCP packet, is the packet ACK'ed at every node in the route between the sender and the recipient, or just by the...
How Bezo’s dick pics might’ve been exposed
In the news, the National Enquirer has extorted Amazon CEO Jeff Bezos by threatening to publish the sext-messages/dick-pics he sent to his mistress. How did the National Enquirer get them? There are rumors that maybe Trump's government agents were...
Passwords in a file
My dad is on some sort of committee for his local home owners association. He asked about saving all the passwords in a file stored on Microsoft's cloud OneDrive, along with policy/procedures for the association. I assumed he called...
Notes on Build Hardening
I thought I'd comment on a paper about "build safety" in consumer products, describing how software is built to harden it against hackers trying to exploit bugs.What is build safety?Modern languages (Java, C#, Go, Rust, JavaScript, Python, etc.) are...
Notes about hacking with drop tools
In this report, Kasperky found Eastern European banks hacked with Raspberry Pis and "Bash Bunnies" (DarkVishnya). I thought I'd write up some more detailed notes on this.Drop toolsA common hacking/pen-testing technique is to drop a box physically on the...
Some notes about HTTP/3
HTTP/3 is going to be standardized. As an old protocol guy, I thought I'd write up some comments.Google (pbuh) has both the most popular web browser (Chrome) and the two most popular websites (#1 Google.com #2 Youtube.com). Therefore, they...
Brian Kemp is bad on cybersecurity
I'd prefer a Republican governor, but as a cybersecurity expert, I have to point out how bad Brian Kemp (candidate for Georgia governor) is on cybersecurity. When notified about vulnerabilities in election systems, his response has been to shoot...
Why no cyber 9/11 for 15 years?
This The Atlantic article asks why hasn't there been a cyber-terrorist attack for the last 15 years, or as it phrases it:National-security experts have been warning of terrorist cyberattacks for 15 years. Why hasn’t one happened yet?As a pen-tester whose...
Masscan and massive address lists
I saw this go by on my Twitter feed. I thought I'd blog on how masscan solves the same problem.If you do @nmap scanning with big exclusion lists, things are about to get a lot faster. ;)— Daniel Miller ✝...
Systemd is bad parsing and should feel bad
Systemd has a remotely exploitable bug in it's DHCPv6 client. That means anybody on the local network can send you a packet and take control of your computer. The flaw is a typical buffer-overflow. Several news stories have pointed...
Masscan as a lesson in TCP/IP
When learning TCP/IP it may be helpful to look at the masscan port scanning program, because it contains its own network stack. This concept, "contains its own network stack", is so unusual that it'll help resolve some confusion you might...
Some notes for journalists about cybersecurity
The recent Bloomberg article about Chinese hacking motherboards is a great example to talk about the problems with journalism.Journalism is about telling the truth, not a close approximation of the truth, but the true truth.Take, for example, a recent...
TCP/IP, Sockets, and SIGPIPE
There is a spectre haunting the Internet -- the spectre of SIGPIPE errors. It's a bug in the original design of Unix networking from 1981 that is perpetuated by college textbooks, which teach students to ignore it. As a...
Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack
Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night.
The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
Glitch exposes Sprint customer data to other users
A bug
has allowed some Sprint customers to see the personal data of other customers from
their online accounts.
The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...
6 Ways Mature DevOps Teams Are Killing It in Security
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled
Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…
Old Tech Spills Digital Dirt on Past Owners
Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.
