I’ll admit it – I’m addicted to google and their services. I use Android, which saves my location history (which helps with my travel reports for work – months later I can see when and where I was), provides me with voice searches and contact management. I am a gmail user since they first announced… Continue Reading When the cloud goes wrong
http://www.washingtonpost.com/national/experts-warn-about-security-flaws-in-airline-boarding-passes/2012/10/23/ed408c80-1d3c-11e2-b647-bb1668e64058_story.html The last time we flew home, I got the “random selection” to be extra screened which was very annoying. It started when I went through the security theatre, the agent pointed out that I had a “DDD” printed on my boarding card, which means that I was subjected to additional security checks. This required… Continue Reading Airport Security hole
My local radio station has a web stream, that you can play from their website (www.radiokoeln.de). Their site, in addition to having annoying ads that delay the start of the music, only runs on Adobe Flashplayer. I wanted to be able to play it on my Raspberry Pi from XBMC, which is running an arm… Continue Reading Breaking into your local radio station
Mis-addressed emails is a common occurrence, particularly with one of my first accounts. On any given day I receive two or three emails intended for someone else. Most commonly, I receive welcome emails from mailing lists. But once in a while I get something more interesting. This one, at first glance, seemed like all the… Continue Reading Why you should always know your email address
I received a message from (not) my bank “Bank of America” about some recent account activity in (not) my account. The link leads here: http://nycompsonline.com/_vti_logs/_vti_logs/onlineest/onlineest/bankofamerica/onlinebankingsitekey/ which lead me to this search, which reveals all sites compromised by this toolkit: http://www.google.ca/search?q=%22Please+complete+all+of+the+information%22+%22(it+is+the+last+3+or+4+digits+AFTER+the+credit+card+number+in+the+signature+area+of+the+card+)%22&hl=en&client=firefox-a&rls=org.mozilla:en-GB:official&hs=i43&filter=0
This nifty little trick allows you to manually enter http requests over https: openssl s_client -connect www.pcfinancial.ca:443 -state This command takes place of telnet “www.google.ca 80” in that openssl negotiates all the key junk for you, and allow you to hack test https webservers.
Block Brute Force with IP Tables