Had a quick look at this today and it’s a doozy! Patrick Wardle has created a small python script that dumps the data from the macOS, notifications database. This is a whole lot of information that you may not want anyone to see, let alone audit. Be interesting if and how the Mac os X dev team may manage this issue.
More info hear…
Saw this today….”Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments”.
This will need more investigation – if it is what it purports to be … a lot of trouble!
I keep lots of note books, technical one’s and personal. Unfortunately like most people I’m not blessed with a photographic memory, but I can get rather methodical, and that’s useful.
Technical writing – this blogging thing is valuable. But I also like to write things in long hand and in pencil in note books! I know it sounds crazy, because these days we can google many if not most problems. But writing my own cheat sheets, (spells, as I call them ) can help a lot to jog the memory. Often it can be just as quick if not quicker than trying to find that page in google you forgot to book mark 3 years ago!
Not to mention that there is some evidence that a hand written approach to the problem solving process can have a number of positive side effects.
When I’m working on something technical my journal is close buy but I’ll also have the index open that I maintain in a spread sheet. The reason is that it’s a lot quicker to find things via the spread sheet. But I also have a hand written index that is good for if i’m off line or taking things slowly. We live in very fast times but it’s good on occasion to slow down a little, think and reap the benefits.
I have spent the afternoon researching the work of Sarah Jamie Lewis. A very interesting person and among other things she used to work for GCHQ! The irony is that she is now an independent security researcher who is pro anonymity and privacy advocate.
She is also the author of an interesting product called onionscan, which is a tool that can be used for mapping the dark web.
This particular talk I found rather interesting
Sarah Jamie Lewis: OnionScan: Practical Deanonymization of Hidden Services
Among other things it gives rise to the fact that if you want security you should find your self a great Sys admin! Put simply a lot of sites on the “Dark Web” are not well configured and if you use such services you could be at risk.
She covers such topics as why you should be careful if you use apache as a dark web server. Why not to use a google analytics id (don’t use the same id for all your sites) and be aware that if your using it in the real world as well as the dark web this is a rather incriminating vector!
Other things discussed are exif metadata (from photographs for instance) that give away your geolocation, phone type etc!!
Most importantly though she mentions a lot of the good things that the dark web can be used for including, that a lot of the dark web is blog sites, forums that help drug users with regards catching addiction before it happens and harm reduction. Also that the dark web is used to monitor human rights abuses, and censorship data gathering.
She sums up buy proposing that peer to peer may be the future of creating secure communications due to the fact that the client server model is rather difficult to secure and anonymise. Some very interesting, important and thought provoking work. Her twitter feed is also an interesting read and rather humorous but probably NSFW!
Source for onionscan
This is a Wombat not a snow flake!
My server hasn’t been working too well over the last 24 hours due to it becoming a bit of a snow flake, that and the fact the the plumber always has leaky pipes! Not to mention that I was running a rather old version of Debian.
What’s a snow flake server you may ask? It’s what all system admins should avoid! It’s a server that does all sorts of things (often rather well) and as such is a precious little snow flake! The problem with this is that the server will not, or is not, easy to manage or update or improve due to lack of documentation, configuration issues, and / or as was my issue- software and hardware conflicts.
There are a number of ways to manage machine production and developer working environments. These include approaches such as blue green servers, machine imaging with products like puppet and Ansible. As well as a VM approach with products like Vagrant or a software container product like Docker.
Whats also interesting is that with good old fashioned tools like password less key managed ssh access, and shell scripting you can control a lot of the process that the above products like to take claim for.
I’m going to think quite a bit about this snowflake problem some more in the coming weeks. I shall probably write more about how I, as someone with a “production server” and a number of other needs keeps all the ducks on the wall. The end result is that I hope I can create a machine from scratch in a very short space of time. Or at least learn a few things.
howmanypeoplearearound “calculates the number of people in the vicinity using the approximate number of smartphones as a proxy”
To do this on Mac os X first make sure that you have “brew” installed.
See the simple instructions / site hear
Your also going to need tshark the cli version of wireshark installed
brew install tshark
Also I found using python3 important as I was having dependency problems with the standard python install
Download and install python3 from hear
sudo pip3 install howmanypeoplearearound
now you can observe howmanypeoplearearound !
sudo howmanypeoplearearound -s 300 -o scan_big2.json -a en1
(Listens to network traffic for 5 minutes writes to the file scan_big2.json in json format using interface en1 (wireless card use ifconfig -a to check that yours is named in the same manner)
This is a very quick and dirty collection of notes to just get you up and running
View existing drives
lsblk -o NAME,SIZE,FSTYPE,TYPE,MOUNTPOINT
Create raid array
sudo mdadm –create –verbose /dev/md0 –level=6 –raid-devices=4 /dev/sda /dev/sdb /dev/sde /dev/sdd
Observe process of building
watch -n 3 -d cat /proc/mdstat
Ganesha is widely revered as the remover of obstacles
So from what I can work out your humble Sys Admin is a bit like a dentist! You know it’s good for you but no one likes pain, let alone paying for that pain.
But lets just hold it there for a minute can we? Lets just stop and think about this.
John Podesta recently had his email account hacked. Of that we have evidence, have a look at this.
There is some discussion that his account password was, or may have been “password”, or something simple and easy to hack. What ever his password was, it probably was not that difficult to hack see this information.
But guess what? If a System administrator had been looking after that email server properly this shouldn’t have happened.
So we now have a major question over the outcome of the political leadership of arguably the most powerful country on earth. Just so you know sysadmin appreciation day this year falls on Friday, 28 July.
Think about that! Especially if you have a good Sys admin who is looking after you and your network, and your email, and stays up late re booting the server doing stuff you never have to worry about, often stuff you don’t even care about until – whoops! Where did the election go?