Ah Facebook you’ve done it again!

Very interesting reading over the last few days from Gizmondo

https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-shadow-co-1828476051?IR=T

In a nut shell it’s not a good idea to give FB your phone number. I’ve never felt right about FB wanting my phone number and I’m darn glad I’ve honoured that feeling.

From the article…
“They found that when a user gives Facebook a phone number for two-factor authentication or in order to receive alerts about new log-ins to a user’s account, that phone number became targetable by an advertiser within a couple of weeks.”

Also there is some confusion about how private address book data is, and what FB does with that information.

Again from the article…
“People own their address books,” a Facebook spokesperson said by email. “We understand that in some cases this may mean that another person may not be able to control the contact information someone else uploads about them.”

In addition, the use of the phone number for advertising, is something that destroys peoples trusting of 2 stage authentication. After this sort of abuse of data by one of the biggest brands in the world who would want to trust any one else with this degree of security?

They want more and more!

I also thought I’d mention this – a while back FB were trying to sucker people into giving them more data – email address info friend data… in return for more content… Don’t do it… FB wants you to rat on your friends. Also each user is worth up to about $158 to FB. So lets say you have 30 email address’s in your contacts, that’s $4,740.00 worth of data for more “Free” content – mainly generated by me and you.

But wait there’s more! Just at the time of writing this Zuk messes up again. From the NYT
Facebook Is Breached by Hackers, Putting 50 Million Users’ Data at Risk

 

hacky hack hack!

This morning I stumbled upon this. Apple one of the companies in the world that does sort of care about privacy was hacked by a 16 year old!

After busting the kid. Police uncovered a litany of hacking files and instructions all saved in a folder titled “hacky hack hack”.

Full link to the article

https://www.theage.com.au/national/victoria/melbourne-teen-hacked-into-apple-s-secure-computer-network-court-told-20180816-p4zxwu.html

Now coming at you via fiber optic – or FTTP!

So I moved home recently and what I didn’t realise, and what was also a very pleasant surprise, was that the new home has a fiber optic link (or fttp if you want the nice acronym!). So now via a not so great gigabit link via my ISP’s cheap and rather crappy supplied modem. It’s not rocket ship fast but should hopefully be a lot better than the old ADSL2 link that the poor thing limped along on. Fingers crossed that this should work faster and we should have longer uptimes!

 

Quick shout out dumpNotificationDB.py

Had a quick look at this today and it’s a doozy! Patrick Wardle has created a small python script that dumps the data from the macOS, notifications database. This is a whole lot of information that you may not want anyone to see, let alone audit. Be interesting if and how the Mac os X dev team may manage this issue.

More info hear…

https://www.patreon.com/posts/18714633

Happy new year and some update news!

Well happy new year and I hope that you have had a happy and safe holiday season! I’ve made a few minor changes to my sshfail project. For those of you who don’t know what that’s about have a look at this old post. In a nut shell it’s a script to generate a report that looks at the number of unsuccessful attempts to attack your machine if you have ssh enabled. It also creates a list of the ip address that generate this may hem and it’s darn educational.

My own experience is that the the machine fights back anything from 3 to 6 thousand attempts a day to hack it!  I’m making an assumption that the bigger sites – targets may be taking more flac than that. It’s sobering and sad that this is the state of the internet today. SO be careful out there and secure your machines.

Oh and the pic I’ve included – well stay tuned it’s an exciting arduino pi based project that I may let you all in on soon. But it’s secrete and in testing at the moment!

Hope you all have a most amazing 2018 and that you stay safe and happy.

Kind regards & have fun!

Steve Abrahall

PS for those of you who might like to run – play with the script hear is the source code.https://github.com/nevetsanderson/sshfail

if you have Git installed just cd to your home and run the following.

git clone https://github.com/nevetsanderson/sshfail.git

 

 

 

Write an iso to an external drive from Mac os X

 

A quick cheat!

Running an ios based installer from a hard drive, instead of from a usb can often be faster and is useful if you have a swag of machines to re image and esata is a lot faster than say usb V2. I’ve needed to do this a few times but I often spend far to much time looking for the information. So, Now I’ve written this little cheat!

First run this

diskutil list

This will give you a list of drives and the result will look a little like this

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                                                   *80.0 GB    disk2

As you can see hear the disk attached I want to write to is /dev/disk2
The command to use is

sudo dd if=linuxmint-18.2-cinnamon-64bit.iso of=/dev/disk2 bs=1m

This will write the contents of the iso the the external drive

Break down of the command

dd if={path_to_iso_image} of/dev/{location of device you want this written to} bs=1m

Enjoy

Detail and old technology

I keep lots of note books, technical one’s and personal. Unfortunately like most people I’m not blessed with a photographic memory, but I can get rather methodical, and that’s useful.

Technical writing – this blogging thing is valuable. But I also like to write things in long hand and in pencil in note books! I know it sounds crazy, because these days we can google many if not most problems. But writing my own cheat sheets, (spells, as I call them ) can help a lot to jog the memory. Often it can be just as quick if not quicker than trying to find that page in google you forgot to book mark 3 years ago!

Not to mention that there is some evidence that a hand written approach to the problem solving process can have a number of positive side effects.

When I’m working on something technical my journal is close buy but I’ll also have the index open that I maintain in a spread sheet. The reason is that it’s a lot quicker to find things via the spread sheet. But I also have a hand written index that is good for if i’m off line or taking things slowly. We live in very fast times but it’s good on occasion to slow down a little, think and reap the benefits.