Category: security

Skimmer Scanner

Today, Hackaday featured an app called Skimmer Scanner that I wish I’d known about before. Awhile back, I had my debit card skimmed, most likely at a gas pump.

Prior to the proliferation of Bluetooth, in order to skim a card, the crook needed physical access to the card reader to plant the skimmer, and physical access each time they wanted to retrieve data. Now that Bluetooth is common, they only need physical access once to plant the skimmer. As long as no one detects the skimmer, the crook can reap the rewards without any additional risk of getting caught.

This is also good news for consumers, as it allows apps like the above mentioned Skimmer Scanner which looks for a signature used by many skimmers to detect them. I know I’ll be using it every time I pull up to a pump or ATM from now on.

Set up a TOR WifI Gateway

With all the NSA spying and such, those who value their privacy may be interested in TOR, but not know where to start. Or they may want to enable TOR on their network by default. MAKE has a solution called How to Bake an Onion Pi, which many may find useful. My plan is to set something like this up, then having it sit alongside my regular wi-fi router. That way, I decide whether or not to use TOR via which WiFi network I connect to.

Weevely

Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones.


PGP is 15 years old

Happy Birthday, PGP!

Wow! 15 years! It seems like only yesterday that I discovered PGP and spent countless hours pouring over the documentation to learn all of the command-line options that were required to get things going. At the time, I was totally amazed at how few of my fellow computer geeks could get a handle on using PGP. After all, Windows wasn’t really that popular until 95 came out. Almost everyone who used IBM-compatible PCs used DOS, or at least had to know how to use DOS in order to set up their menu program of choice.

One thing I remember doing, probably not in ’91 but certainly not many years later, was setting up batch files to use with my mail reader of choice at the time, OLX, so that I could set it to use these batch files as an external editor in order to either sign or encrypt messages for posting on the local BBSs. I’m sure that if I dig around enough, I’ll be able to find the 3 1/2 inch floppy that contains my original public and private keyrings. I even remember my original passphrase! Not only that, but I remember what I changed the passphrase to the first time I ever changed it.

Linux Security blog

This is my first announcement I hinted at yesterday: After doing a couple guest posts for the Linux Security blog over on Linux World Net, I’ve decided to make that arrangement more permanent. Jon has graciously accepted my offer to become the permanent author in addition to my duties as author of Minimum Linux. It should be lots of fun! 🙂

Look for my next announcement tomorrow 🙂