MINIX (Mini-Unix) is a micro-kernel O/S based upon the AT&T’s 1979 release of Unix Version 7. It was developed by Andrew Tanenbaum in 1987 for use on PC platforms. Version 7 is significantly older than AT&T’s Unix System 5 Release 3/Release 4 variants that are the basis for most Unix, Linux, and BSD systems today. However, […]
Spy vs. Spy
John Kelly’s Cell Phone Hack
Politico ran a story on the personal cell phone belonging to White House Chief of Staff, John Kelly. It turns out that it was hacked sometime in December of 2016. He’d been using and fiddling with it up until September 2017, when he finally gave it to staffers to figure out why he couldn’t get […]
SSL/TLS Email Connection Testing
Introduction I’ve developed a Sieve script that will auto-respond with a description of how your email message was received, with a snippet of the “Received:” header If you run a mail server or use a local ISP, this is an easy way to see if connections to this site are secure. To use, simply send […]
The Insecurity of Journalism
Bruce Schneier had an interesting post last week on how insecure journalists are. It turned out to be quite an animated discussion. As I commented therein, I really doubt that your typical newspaper reporter gets much cybersecurity, or even cyber-awareness, training in journalism school. There are no whistle-blowers that go to traditional media anymore, a […]
Of NSA Vulnerability Disclosures and Cyber-Command
Wow. That’s a lengthy title that covers just about anything. Really, this is just a sounding-out of what’s been happening in the Spy business lately. Vulnerability Disclosure To start with, there’s a good read on Lawfare, entitled “No, the U.S. Government Should Not Disclose All Vulnerabilities in Its Possession“. It was written by Rick Ledgett, Deputy […]
EFF: Who has your back?
The Electronic Frontier Foundation (EFF) puts together a ranking of companies with how well they stand up to your electronic freedom. The more stars, the better. From their original page here, these are 2017’s listings: Follows industry best practices Tells you about Gov’t data requests Promises not to sell out users Stands up to NSL […]
Debate: Technology, Privacy, and Law Enforcement
Wow. So, I’m trolling through TV channels and I came across a great debate on CSPAN on July 8th. It was originally aired live on June 6, 2017. The CSPAN broadcast can be found here. The debate was sponsored by Intelligence Squared, and their podcast of the debate can be found here. The Debate Question: […]
The CIA’s CherryBlossom WiFi Exploits
On June 15th, 2017, WikiLeaks provided more “Vault 7” dumps detailing a CIA WiFi router hacking program dubbed “CherryBlossom“. The WikiLeaks dumps can be found here. CherryBlossom is a WiFi router exploitation program designed by the CIA as part of a larger program, “CherryBomb“. A tool called “Claymore” is used to identify WiFi devices. It […]
Inside CIA’s OutlawCountry Linux Hack
Last week, in June 2017, Wikileaks released more “Vault 7” documents detailing an exploit of Redhat Enterprise 6 and derivatives (CentOS 6). The exploits loads the Netfilter module into the kernel and then creates hidden iptables rules that perform network traffic redirection. The redirection is based upon DNAT (Destination Network Address Translation) rules. Wikileaks posted […]
Of the NSA & Russian Election Hacks
Well, here is the NSA document that Reality Winner sent off to The Intercept. A locally cached copied is here. sacrificed her job and freedom for. The document details a successful Russian hack back in in August of 2016. Russia’s military intelligence agency, GRU, attacked a voter roll software company called VR Systems. The information […]
1 2