Category: Sicherheit / Security / SPAM / Privacy / convenience vs surveillance

13.07.2017

LibreSignal is like Signal – the private WhatsApp and SMS service – but without using requirement for GooglePlay. So people with alterntive firmwares on their phones (CyanogenMod) can use it as well. download: http://dwaves.de/software/apps/LibreSignal_4.6.0_267.apk sha512sum „LibreSignal_4.6.0_267.apk“ f0a42a14b5ab6d7ccf7d19ddc05752ca42745e1506b702fe1591ee17941c0193e4e8031bcb85c4c44a8dc614ed33dc3765d1f1e383c27a0934b0fcee7da484f5 Also pretty cool […]

07.07.2017

Atomkraft ist nicht nur im laufenden Betrieb gefährlich. KEIN DEUTSCHES Atomkraftwerk HÄLT EINEN FLUGZEUGABSTURZ STAND! Allein daran kann man schon erkennen wie kurzsichtig und Macht-Geld-getrieben diese ganze Branche funktioniert – sammt ihren politischen Kollaborateuren. FBI in Sorge: Hacking-Kampagne gegen Atomkraftwerke […]

Linux Kernel – Security Updates
27.06.2017

latest kernel related security problems can be found here… -> https://tracker.debian.org/pkg/linux newsletter subsribe: https://tracker.debian.org/accounts/login/ also https://anonscm.debian.org/cgit/kernel/linux.git http://www.securityfocus.com/ http://www.securityfocus.com/cgi-bin/index.cgi?c=11&op=display_threads&ListID=1&limit=30&offset=0&date=2017-06-20&mode=threaded https://cve.mitre.org/index.html https://twitter.com/CVEnew/ https://wiki.debian.org/DebianKernel

akamai state of the internet quarterly report
23.06.2017

https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/ https://www.akamai.com/us/en/about/news/press/2017-press/akamai-releases-first-quarter-2017-state-of-the-internet-connectivity-report.jsp security Q1 2017: https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q1-2017-state-of-the-internet-security-report.pdf connectivity: Q4 2016 https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q4-2016-state-of-the-internet-connectivity-report.pdf https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/state-of-the-internet-connectivity-visualization.jsp

20.06.2017

AES is often used in conjunction with IPSec-VPNs. K.U. Leuven, Belgium; Microsoft Research Redmond, USA; ENS Paris and Chaire France Telecom, France Abstract. Since Rijndael was chosen as the Advanced Encryption Standard, improving upon 7-round attacks on the 128-bit key […]

09.06.2017

in general programs = processes = tasks = job less is more (security) run as little software as you absolutely need – uninstall/disable all services you don’t need. less software = less lines of mistaken code = less security flaws. […]

08.06.2017

client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have „StrictHostKeyChecking yes“ enabled, you could manually accept […]

gpg cheat sheed – encrypting files with gpg
08.06.2017

Warning! while gpg is very likely sound and solid encryption – what is far more likely to be compromised is YOUR HARDWARE – every network card – wifi card – usb UMTS G3 modem – PCI-Card – contains enough RAM […]

cool stuff you can do with ssh
07.06.2017

i assume you have setup public-private-key-authentication and tested its workings. run local scripts remotely You can run local scripts remotely by executing bash on the remote system and feeding it your script ssh user@host ‚bash -s‘ < script.s sftp kick […]

02.06.2017

whenever you have a linux desktop (KDE, Gnome2-3) you use the x-server and a client (window-manager like lightdm) to connect to it. They communicate via network thus allowing to redirect the grafical output of remotely-run programs to the local display. […]

password protect encrypt files with vim and vi
02.06.2017

it’s amazing… try this: open up a text file Hit ESC (command mode) :X now vim / vi will ask you for a password if you know save and quit and reopen the file it detects that the file was […]

installing lilo boot loader on debian8 – just because you can
30.05.2017

uname -a; # tested with Linux debian 3.16.0-4-686-pae #1 SMP Debian 3.16.43-2 (2017-04-30) i686 GNU/Linux su; # become root apt-get update; apt-get install lilo; # install the thing liloconfig; # generate config file /sbin/lilo; # install lilo to mbr enjoy […]

25.05.2017

„Trump-Modus“: 1Password entfernt Passwörter temporär für GrenzkontrollenNutzer können in dem Passwort-Manager hinterlegte Zugangsdaten nun leicht von all ihren Geräten entfernen – und später wieder hinzufügen. Dies soll verhindern, dass Grenzbeamte bei Kontrollen Einblick in die Daten erlangen. › Artikel lesen     […]

16.05.2017

this article might be largely incomplete… kernel ringbuffer boot messages messages from the kernel during first stages of boot. # all distros dmesg; # show kernel ring buffer boot messages log # Centos7 only (debian8 has the file but it […]

13.05.2017

Ransomware hitting a new dimension – with the NSA-backdoors pre-installed in a lot of soft and hardware (check out Intel AMT/ME disaster) – hackers/attackers are trying to find and exploit those in order to make some profit. Millions of € […]

06.05.2017

Da haben wir es – Bequemlichkeit vs Privatsphäre 😀 Es ist sehr schade/seltsam – dass es scheinbar neben dem ActiveSync / ExchangeProtokoll von Microsoft – dere Android / Linux implementation leider nicht 100%tig funktioniert – kein anderes Open-Protokoll gibt – […]

linux ssh – generate public private keys
05.05.2017

giving a passphrase seems like a good idea – because it will protect your key (if passphrase is sufficiently strong) if it get’s stolen. So even if somebody manages to hack into your client and steal your private ssh-key – […]

04.05.2017

tcp wrapper (tcpd) tcpd.man.txt Centos5 documentation (Centos7 does not have it installed per default can be installed like this: yum install xinetd*) To control access to Internet services, use xinetd, which is a secure replacement for inetd. The xinetd daemon […]

04.05.2017

DO NOT SEND YOUR PASSWORT WITH TELNET! people might capture those unencrypted passwords on backbone-level… the NSA is the largest state-sponsored hacking organization on this planet. with telnet you can test what service and even it’s version number is running […]

02.05.2017

bought by: https://en.wikipedia.org/wiki/Micro_Focus The company was founded in 1976,[4] and in its early years, concentrated on COBOL products. In 1981, it became the first company to win the Queen’s Award for Industry purely for developing a software product. The product […]