This Spyware Makes Everyone Vulnerable

This article speaks to how vulnerable we are to determined actors. Some things just cannot be defended against. But we can still learn good practices to mitigate many of these attacks.

  1. Text messages and email do remain the vulnerabilities on phones/tablets.
  2. WhatsApp asked this reporter to a protest
  3. I also keep my personal data off my phone
  4. But photos and contacts and texts are still on it
  5. Zero click is scary. You don’t have to even click for this kind of infection, so there’s not much defense if you’re on someone’s list. Nearly impossible to definitively identify the bad guys.

Gadgets 10/25/2021: Z Flip, Samsung Buds Pro, Jabra headphones, Storytelling Clock, Pocket Cameraman, Cipher game, other deals pre-Black Friday

My new tech days are comprised of today’s deals and then upcoming tech that I think is kewl.

As I said previously, try shopping early this holiday season. There is a shortage in a number of industries/supply chains. Amazon, Home Depot, Walmart and other big retailers will probably get their own planes to make up for the cargo ship problem.

Vulnerable IoT Devices! (Using Publicly-available Information To Learn More About A Target pt. 2)

Three very cool search engines. Use them 1-2-3 bang all together.

IoT devices are horribly insecure nowadays. You can search for information during your passive footprinting, stuff like webcams by manufacturer or version.

Day at theZoo

No, that is not a typo. The original theZoo is a GitHub repo with commodity malware samples. Everyone has access to malware that is off-the-shelf, and it’s the most common type. No Advanced Persistent Threats here. But your anti-malware software will probably flag you.

It’s neat because you can use it to study this code. Alternatively, you could do some things that are not recommended. You could create a phishing email that could be sent to a million users, not targeting anyone in particular like the APTs do. The APTs and other lone hackers or groups create more sophisticated malware. Instead, these users–sometimes called script kiddies–can download, say, WannaCry ransomware and send it out through your phishing email (or through a “stager” email malware that will load other modules). No reconnaissance needed here.

Think about it: if only one percent of a million users open the email, you end up with 10,000 compromises. Not a bad payday.

All hail, the Recovering Provocateur!

My day starts with my family member playing and reading all the Trump-related memes.
“Don’t you know what’s going on?”
“No, what?”
“They found massive fraud in the elections in Arizona and they’re going to find it in the other states…”
“O.K. let me know when that happens.”
I need proof, I say—a lot. When it comes to QAnon you must.
“It’s not QAnon,” she says.
“Maybe not in name. It’s just QAnon-lite.”

Dictionary.com Changes and Early Covid-era Mental Health Suggestions

ATTENTION: The discussion below includes talk of suicidal ideation. If you or someone you know is having any suicidal ideation, please contact the National Suicide Prevention Lifeline at 800-273-TALK (8255). People care about you.

Dictionary.com has removed the word “commit” in various references to suicide.
https://www.dictionary.com/e/mental-health-language/

It also has the following recommendations for being aware of and helping those struggling with suicidal ideation:

  • Adopt a nonjudgmental and open-minded attitude
  • Show you care by listening actively, without interrupting or giving advice unless prompted
  • Ask open-ended questions instead of “yes”-or-“no” questions to keep the conversation going
  • Validate the feelings of the other person; it’s OK to not be OK, and sometimes just holding space for another to express themselves can be deeply comforting

Because I am so high functioning, it took me a long time to acknowledge having a mental illness. Talk it out. Below are some early Covid-era mental health suggestions (by early I mean under more stringent sheltering conditions), from Mental Health During Coronavirus (seizetheawkward.org):

  • Engage in live streams – from your favorite yoga studio to your favorite artists
  • Schedule virtual dinners or dance parties with friends
  • Start a virtual book club
  • Participate in online game nights
  • Plan to watch television shows or movies at the same time and video chat to share reactions
  • Enroll in remote learning classes or look up tutorials online
  • Go on virtual museum tours together
  • Share your favorite recipes or host a virtual cooking competition
  • Try a home workout together

“Whatever Gets You Talking” | Seize the Awkward | Ad Council – YouTube

Gadgets 10/12/2021: Holiday shopping; lower storage prices; M1 price returns; mixed reality headset; FHD projector

My new tech days are comprised of today’s deals and then upcoming tech that I think is kewl.

Try shopping early this holiday season. As you may know, there is a shortage in a number of industries/supply chains. In fact, Amazon, Home Depot, Walmart and other big retailers will probably get their own planes to make up for the cargo ship problem.

This could be great. I just question the decision to not have the peripheral vision immersed.
https://www.kickstarter.com/projects/stanlarroque/lynx?ref=discovery&term=mixed%20reality%20headset

M1 Macbook at $850
https://www.amazon.com/Apple-MacBook-13-inch-256GB-Storage/dp/B08N5LNQCX/ref=sr_1_4?dchild=1&keywords=m1+macbook&qid=1634058025&sr=8-4

Cheaper micro sd cards
https://www.amazon.com/s?k=micro+sd+card&i=computers&rh=n%3A516866%2Cp_n_feature_two_browse-bin%3A13203835011&dc&crid=237NQWK1KJUNR&nav_sdd=aps&qid=1634058218&rnid=6518301011&sprefix=micro&ref=sr_nr_p_n_feature_two_browse-bin_1

This is not completely clear to me, but is it a rear projector?
Splay- Expandable Display & Ultra-Short-Throw Pico Projector by Arovia — Kickstarter

China’s Aggression and U.S. Debt

The incursions into Taiwanese airspace seem to have picked up. I don’t know how this will work out if there is conflict with the U.S. Will the debt we owe China be called in if there is a conflict? We know that it would have a horrible effect, but China would suffer as well. This piece I wrote a little while back talks about the debt and Chinese aggression before these events.

Thoughts on 100th Anniversary of the CCP

Skynet is Rebooting

What is everyone doing now? I kid, but no really.

We are so dependent on Facebook and this could be a time for reflection. What do we do at home, out and about–God forbid, at work? I know that FB is a kind of drug for some people and I have found that I need a timeout sometimes myself. But when 2.89 billion people on the planet are on this infernal thing, the question is what would happen in a long-term outage? People may get back to life.

Avoiding the Crush

Part 2 of Considering the Crush

So what should we do being in Europe amid the crush? I thought, “how can we make this work? How to sleep well, get around relatively cheaply and easily, and to just enjoy ourselves?” We could have made a frantic travel plan, to see all the big attractions, run to and fro, and try to get photos of everything. You may encounter someone in your party like Ellen Griswold (National Lampoon’s “Vacation”):

Active Reconnaissance – There’s no place like 127.0.0.1

Before I continue, I should mention that scanning any system other than your own could get you in big trouble. To be safe, you need written permission to do so on systems other than your own. The IP address for the computer you are on is 127.0.0.1, also called “localhost” or just home. If you run nmap against that IP you should be OK.