Skip to main content

Posts

Showing posts from August, 2015

Toe's swellin' up - that mean's a hurricane's comin'

So Tropical Storm Erika is rapidly approaching my home in South Florida. Those who don't live on the Gulf Coast or the South East usually aren't familiar with the drama that is living through a hurricane. Its an emotional roller coaster similar to what war has been described as " boredom punctuated by moments of extreme terror ." The hurricane comes at somewhat of an odd time; coming almost exactly three years after I was caught outside my house in the middle of a tornado which sent me flying into a wall after being hit by a wall of water . The tornado three years ago was the remnants of Tropical Storm Debbie, which was supposed to completely miss my neighborhood. The winds were so strong that they snapped a solid concrete bench in my back yard in half, right down to the re-bar. A gentle summer breeze In my front yard, the tornado ripped a 15-20 foot tree out by the roots, twisted it until it cracked, and laid the whole mess to rest on the hood of my car - mis

HOWTO Remove KB2876229 - the sneaky Skype 7 Windows "Update"

A ton of Skype users were unhappy with the update from Skype 6.x to 7.x. Most of what I have seen is complaining about a few minor changes to the user interface. In the usual baby/bathwater situation that follows this sort of thing, "Power Users" began circulating guides on how to modify hosts files to prevent TCP connections to skype and msn domains. You know, because making sure you have the correct proportion of whitespace is more important than stupid trivia like patching critical security vulnerabilities . To address this madness, Microsoft decided to get clever. In addition to sending the Skype 7 update through the Skype application and related packages like Lync, they would push it through as a Windows update - KB2876229 . The Skype application updates are pushed through *.skype.com and *.msn.com , while Windows updates come from domains like  *.microsoft.com , *.windowsupdate.com and *.windows.com . The looks over substance crowd hadn't yet reached the levels

This changed my mind about the War on Drugs

After seeing this I'm convinced we should probably keep the War on Drugs going for a few more decades. Remember, kids:

Anti-GamerGate activists threatened to blow up my mom

My mom was at an awards ceremony tonight for journalists in Miami. She was one of the first women in news radio in the South, a Pulitzer Prize nominee and a staunch feminist. So you can imagine my surprise when she told me that this afternoon she was escorted out of the awards ceremony after a series of not one or two but FIVE bomb threats were called in to the venue [ EDIT : some people are saying it was up to ten ]. The bomb threats weren't called in by ISIS or Al Qaeda or white supremacist militias. Apparently the threats were called in by anti-GamerGate activists. I guess somewhere in the same building was an event called SPJ AirPlay , which was targeted. Someone threatened to explode my mom over video games . This is my mom. I think she played Angry Birds once. I have to admit I am not very familiar with GamerGate. I guess it has something to do with a couple breaking up very publicly and a nasty blog post accusing video game critics of some sort of malfeasance? An

Assigning multiple IP addresses to a single Amazon EC2 instance on a single ENI

UPDATE March 1st, 2017 : I'm glad to see that people are finding this helpful, and thanks to everyone that has contacted me here or via email. Just to be clear, though, the script on GitHub works much better than what I describe here in this post. The idea for this post was to describe the basics of how to get IP aliasing working in EC2 w/out using Amazon's weirdo linux distro, and I wrote it about a while before I posted the script to GitHub . If you want functional code with step-by-step instructions, goto the aliaser GitHub repo . I just don't have the time to rewrite the post each time I (or someone else) has an update for the script. Also, if you have feature requests or feedback, it will be easier for me to get back to you on GitHub than here ... especially if you have something specific you want added or that doesn't work. Also, just FYI, I added a systemd .service file to the script in the aliaser GitHub repo a year ago. IIRC its LFB compatible so should wo

Afternoon Links 8/4/2015

I am a victim of my nostalgia. Yesterday, I revived a years-old post in which I provided bloggees with some of the latest Windows activation keys to update the data for Windows 10. I figured I might as well dredge up another bit I had let fall by the wayside; Weekly links ! Exciting, I know.    - Yahoo's ad network and Microsoft Azure's web hosting service were abused to circulate an enormous flood of malicious software . Malwarebytes is being credited with the discovery - which is a little amusing because Malwarebytes has for had their own issues with security   for many years. h/t Washington Post     - Planned Parenthood and a variety of other related organizations were brought offline by a sustained series of DDoS attacks .  In what may or may not have been the work of the same group of individuals, someone has claimed they have hacked Planned Parenthood and retrieved an employee list database of some kind or another .      AFAIK, this sort of thing is new to the abor

Privacy is for closers says Microsoft

Heres part of the Microsoft's 12,000 word ToS for Windows 10: Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we

CrowdStrike founder George Kurtz made some outrageous claims in Fortune Magazine this week

George Kurtz has quite the resume. Perhaps you remember the time he spent at McAfee, a company founded by a drug-addled heavily-armed lunatic and maybe murderer whose recent contributions to infosec include being one of the handful of companies to use BSAFE encryption library in their products , the library famously back-doored by government security contractors/prostitutes RSA for a National Security Agency check in the amount of $10 million . Or perhaps you arm more familiar with his time as Chief Financial Officer of General Motors, whose flagship "IT" product, OnStar, is best known to actual security researchers as the government tracking device that allows police to disable your car remotely and quite likely kill you in the process. Did I say police? Because I meant basically anybody who has a computer and can read. And did I say disable? Because I also meant unlock the car and start the engine . George Kurtz is to the information technology community what Bull Connor

List of Windows Activation Keys for KMS - Windows 10 Edition!

Hey there everybody. सुनो! आप कैसे हैं A few years back I published a list of Windows Activation Keys  /  माइक्रोसॉफ्ट सक्रियण कुंजी  that can be used for KMS client deployment and approximately a bajillion readers visited it. Traffic was particularly heavy from my peoples in India, who are all awesome. It was by far the most popular post of all time on this website, despite the fact it received no media coverage and no one linked to it. All that love despite the fact that these keys are completely legit, 100% legal and simply buried deeply in Microsoft's documentation. These keys are specifically for volume-activation scenarios. If you think you will pull off some sort of piracy with these keys, you will be disappointed. Anyway, here are the latest keys for Microsoft's latest labor of love, Windows 10. Remember that to install a client key, open a command prompt as Administrator and use this command:   slmgr /ipk yourkeyhere If you aren't familiar with the process, che