Posts

CrowdStrike founder George Kurtz made some outrageous claims in Fortune Magazine this week

George Kurtz has quite the resume. Perhaps you remember the time he spent at McAfee, a company founded by a drug-addled heavily-armed lunatic and maybe murderer whose recent contributions to infosec include being one of the handful of companies to use the BSAFE encryption library in their products, the library famously back-doored by government security contractors/prostitutes RSA for a National Security Agency check in the amount of $10 million. Or perhaps you are more familiar with his time as Chief Financial Officer of General Motors, whose flagship "IT" product, OnStar, is best known to actual security researchers as the government tracking device that allows police to disable your car remotely and quite likely kill you in the process. Did I say police? Because I meant basically anybody who has a computer and can read. And did I say disable? Because I also meant unlock the car and start the engine. George Kurtz is to the information technology community what Bull Connor

List of Windows Activation Keys for KMS - Windows 10 Edition!

Hey there everybody. Listen! How are you? A few years back I published a list of Windows Activation Keys / Microsoft activation keys that can be used for KMS client deployment and approximately a bajillion readers visited it. Traffic was particularly heavy from my peoples in India, who are all awesome. It was by far the most popular post of all time on this website, despite the fact it received no media coverage and no one linked to it. All that love despite the fact that these keys are completely legit, 100% legal and simply buried deeply in Microsoft's documentation. These keys are specifically for volume-activation scenarios. If you think you will pull off some sort of piracy with these keys, you will be disappointed. Anyway, here are the latest keys for Microsoft's latest labor of love, Windows 10. Remember that to install a client key, open a command prompt as Administrator and use this command:

slmgr /ipk yourkeyhere

If you aren't familiar with the process, che

Leaked Zerofox documents outline Baltimore network infrastructure vulnerabilities

Several days ago a document from the corporation Zerofox was leaked on the internet. Zerofox is a domestic spying organization; there is no other word for them. They are paid obscene amounts of money to monitor people's Twitter and Facebook accounts, and provide the results of their stalking to police departments and other people who are in theory bound to respect the autonomy of free political speech. In the document that was leaked, Zerofox claimed to have "mitigated" 19 "threats" and "monitored" hundreds of others. The document is available here. What constitutes a threat? Political speech that is critical of the police. At the top of the list of "physical threats" are #blacklivesmatter activists DeRay Mckesson and Johnetta Elzie, neither of whom has ever been convicted of a violent crime AFAICT. The report recommends that police engage in "continuous monitoring" of the pair and justifies this absurd response because they ha

Cryptome publishes my Wikileaks findings

Those unfamiliar with my Wikileaks findings should read my (so far) four-post series on my discovery of malware within files available for download on the Wikileaks website that can, among other things, identify and track those reading infected files: 1st post | 2nd post | 3rd post | 4th post. Note that my posts are lengthy and contain some technical information. If you aren't really into reading technical things you would probably prefer the summaries of my findings available in The Register or Neue Zürcher Zeitung (for German speakers). Because Wikileaks has refused to inform its users that the infected files are, in fact, malicious, I went public with my findings. Cryptome has just published a letter with a brief explanation of the issues with the Wikileaks malware. Cryptome is a longtime advocate of government transparency, and had already been publishing leaked documents on their website for close to a decade when Wikileaks was first created. Here is

PHP logging timestamp oddities

I noticed something odd yesterday while reviewing log data on one of the RHEL 7 web servers I look after. Peering through the PHP error log, I noticed that all of the timestamps were formatted using the Coordinated Universal Time (UTC ... because acronyms that make sense are for losers).

[29-Jul-2015 14:26:04 UTC] PHP [redacted] on line 511
[29-Jul-2015 14:26:04 UTC] PHP [redacted] on line 530
[29-Jul-2015 14:26:04 UTC] PHP [redacted] on line 574
[29-Jul-2015 14:26:04 UTC] PHP [redacted] on line 607
[29-Jul-2015 14:26:04 UTC] PHP [redacted] on line 629

There is nothing wrong with UTC. UTC avoids the calamities inherent in the highly politicized, frequently changed, deeply flawed and inevitably pointless Daylight Savings rules. And unlike epoch-based timestamps, UTC is human readable. It's good stuff. Your hwclock should use it. With that said, with this particular server a decision was made for logging to consistently be Eastern Time. So I jumped through a number of hoops to

Hotmail is bouncing bugtraq mailing list emails from Yahoo

What really irks me about this is that I deliberately use gigantic, stupid MTAs like Gmail and Live Mail to deliberately avoid this sort of garbage (deliberately). Those familiar with administrating large volume email can appreciate that you can perfectly configure your mail server and end up bouncing all over the place because almost everyone with a mail server is not an actual email administrator and has no clue what they are doing. Email, like high school, is ultimately all about popularity. Even the least competent of email server owners will eventually get tech support to make sure Google and Microsoft can deliver to and receive from their Zimbra abomination. At least that's what I figured until I started getting bounces like the one below. It seems Microsoft has decided that Security Focus mailing lists are too dangerous. To step up the oddity of this policy, bounces only occur when the originating MTA is with Yahoo. I can receive email directly from securityfocus.com. I c