A Technologists Deep Dive into indictment detailing Russia's Hacking of the 2016 USA elections
Since the 2016 USA elections evidence is piling up that Russia's Intelligence services attacked the election process with an attempt to derail Hillary Clinton's candidacy. Evidence is piling up in other countries about similar cybersecurity attacks by Russia against other elections. On Friday, the special prosecutors office investigating the USA election hacking (Robert Meuller's team) released an indictment laying out the Russian Intelligence service officers involved, and more importantly the technology and techniques being used. In part this story is about misapplying technology in order to create more chaos and confusion in the world.
Block remote root login via ssh on Ubuntu/etc to keep your server safe
A moment ago I was checking the system logs on my Ubuntu server and found that in auth.log reports that someone was repeatedly trying to SSH login as root. The "root" entry in /etc/passwd is setup so that no password will ever be matched, so perhaps this potential cracker would never get into my server anyway. But the requests are using bandwidth - and what if they were able to figure out a password that would work? Why not just block remote SSH login access to logging in as root in the first place? It's a bad idea to login directly as root - instead the recommended best practice is to login as a regular user then use sudo to perform things requiring super user access.
Brickerbot, vigilante software aiming to kill malicious botnets by killing IoT devices
The last few months has seen escalating botnet activity on the Internet. The botnet operators are targeting non-existent security in certain Internet of Things devices. Some devices, like wireless security cameras or baby monitors, are not only connected to the Internet, but have gaping security holes. Using those holes, botnet operators have ammassed vast flotillas of Internet devices that can be commanded to attack targets on the Internet. Last fall several attacks, larger than any previously seen, attacked several large sites and even brought down critical Internet infrastructure on a few instances. The Brickerbot appears to be a Botnet purposed with destroying those malicious botnets. One hopes the cure is better than the illness.
Build a security camera system with Raspberry Pi Zero and cheap webcams
Implement a full security camera system supporting multiple cameras, with night vision, motion detection, uploading video to Google Drive, all built on the Raspberry Pi Zero platform. The Zero W makes a perfect security camera because of its small size, and the NO-IR camera supports night vision (with IR light source) in a slim case that directly supports the camera.
Build your own security camera system with Raspberry Pi and cheap webcams
You can build a powerful and flexible motion sensing security camera system using open source software on a Raspberry Pi and similar single board computers. The key is the MotionEyeOS that neatly bundles everything you need into a Raspberry Pi image. Simply burn it to an SD card, attach cameras, boot the Raspberry Pi, and start configuring. It easily supports monitoring multiple cameras, which can be USB webcams, WiFi cameras, the Raspberry Pi camera, or other MotionEyeOS instances. I have an original-version Raspberry Pi (low CPU power) driving two cameras and it handles things just fine.
Example phishing attempt - bogus try at grabbing $10,000 in BTC
In the interest of exposing scammers let me share a phishing attempt I just recieved. The email includes a lot of technological-sounding phrases that are a threat to reveal compromising information. The supposed kompromat would be deleted if one sent some BTC to a named address, otherwise it'll be shared to all my friends.
Fixing 'Enter passphrase for /dev/fd/63' in a Gitlab CI job
If you're a Gitlab user you're probably hoping to use Gitlab CI to automate builds and deployments. You probably want to deploy something using rsync, using an SSH key for security. Unfortunately (in my opinion) the official Gitlab documentation is confusing. While the Gitlab team does provide example .gitlab-ci.yml files that are supposed to work, the actual specifics of what to do are sketchy, and I found myself puzzling over a curious error message: "Enter passphrase for /dev/fd/63" ... WTF?
Guccifer 2.0 and fake Romania connections to Russia hacking 2016 USA elections
Last Friday (July 13, 2018), the Meuller team issued an indictment of a handfull of Russian GRU agents who are claimed to have hacked the DNC and DCCC servers, then distributed stolen information in an attempt to discredit the Hillary Clinton campaign. Or maybe the goal was to have Donald Trump elected President, which did happen. In any case a big figure in the story is Guccifer 2.0, who purported to be a Romanian hacker, but the Meuller team claims was actually Russian agents. This seems like an interesting angle to explore a bit.
Installing OpenVPN on a Raspberry Pi Zero W, inexpensive security for your peace of mind
Nowadays our personal privacy is being threatened by new government policies. Fortunately the open source world gives us tools with which to secure our lives. This tutorial goes over installing OpenVPN on your home network, giving you a secure method to access resources on your home network from anywhere else. Suppose you have a NAS with many terabytes of data at home, but you're traveling thousands of miles away and need to access that data. A VPN service on your home network provides a porthole through which to do so, provided you have VPN software on the computer you're carrying.
Wikileaks reveals CIA iPhone penetration team: hacking the iPhone
A new batch of 8,761 files was released on Tuesday by WikiLeaks that alleges that the U.S. Central Intelligence Agency (CIA) has a dedicated iOS exploit team —and lacks the ability to keep the attack vectors under lock and key. They either bought or developed in-house a large pile of iPhone hacking tools. They were collected by the CIA's Center for Cyber Intelligence (CCI), a group of over 5000 members, and have been used to directly target over 10,000 people. However, the tools have escaped the CIA and are now circulating among former U.S. government hackers and contractors in an unauthorized manner. It is one of those people who released the information to Wikileaks.