Archive for the ‘Security’ Category
Posted by jpluimers on 2026/06/03
Interesting, but be aware that using it outside a shielded environment likekly is illegal: [Wayback/Archive] Osmo-fl2k – osmo-fl2k – Open Source Mobile Communications
- osmo-fl2k allows to use USB 3.0 to VGA adapters based on the Fresco Logic FL2000 chip, which are available for around $5, as general purpose DACs and SDR transmitter generating a continuous stream of samples by avoiding the HSYNC and VSYNC blanking intervals.
…
- Operating a transmitter with the unfiltered FL2000 DAC output attached to an antenna outside a RF shielding chamber is dangerous. Don’t do it!
Related/via
Read the rest of this entry »
Posted in Development, Hardware Development, Infosec (Information Security), Pen Testing, Power User, Red team, Security | Leave a Comment »
Posted by jpluimers on 2026/05/07
A few years back this trick was shown to screw up %windir%\system32 [Wayback/Archive] Patrick Doyle on Twitter: “@SwiftOnSecurity @RoseAreaZero Delete any file in three easy steps: > takeown /F "example.ext" > icacls "example.ext" /grant "%USERNAME%":F > del "example.ext"“.
Like [Wayback/Archive] SwiftOnSecurity (@SwiftOnSecurity) / Twitter (see the long thread further below), I was expecting that Windows would either prevent you from doing this at all, or allow for easy recovery with System File Protection (now Source: Windows File Protection).
That didn’t prevent or recover it back then.
I wonder if that has been changed by now.
From the above Tweet:
Delete any file in three easy steps:
> takeown /F "example.ext"
> icacls "example.ext" /grant "%USERNAME%":F
> del "example.ext"
Read the rest of this entry »
Posted in Batch-Files, Development, Power User, Scripting, Security, Software Development, Windows, Windows 10, Windows 11, Windows Development | Leave a Comment »
Posted by jpluimers on 2026/05/04
Ook vandaag even een herinnering aan de NLUUG voorjaarsconferentie 2026 van (komende) donderdag 7 2026 mei in het Van der Valk Hotel Utrecht¹.
Deze keer omdat een goede vriend van me daar spreekt. Arjen Lentz heeft het over A Wizard’s Guide to Foreseeing the Unseen.
Dat klinkt misschien vaag, het concrete resultaat is dat je met analyse van CVE’s veel te weten komt over hun echte root cause. Die blijkt verrassend voorspelbaar, is fixbaar, en kennis daarover is niet alleen nuttig voor adversaries. Het kan jou namelijk helpen bij de development en selectie van wat je zelf gebruikt.
Het volledige programma staat hieronder², eerst de aankondiging van [Wayback/Archive] L⭕️rd Quux RCX CCX: “Over een week is het zover! De enige NLUUG conferentie van 2026. …” – Mastodon
Read the rest of this entry »
Posted in Blue team, Development, DVCS - Distributed Version Control, git, Infosec (Information Security), Power User, Red team, Security, Software Development, Source Code Management, Systems Architecture | 1 Comment »
Posted by jpluimers on 2026/04/10
Cool: [Wayback/Archive] scr.im « Share your email in a safe way. Get less spam.
Bumped into this via [Wayback/Archive] Mary Branscombe (@marypcbuk) / Twitter.
At the time of writing, it had an invalid TLS certificate, so you would get red warnings when accessing it over HTTPS.
Hopefully that has been fixed by now.
It’s not exactly security through obscurity, but it allows people to access your email after solving a captcha so it is not 100% secure but a lot more secure than otherwise.
I found it 5 years after mailhide got discontinued by Google. I used it on my [Wayback/Archive] Contact form through mailhide.recaptcha.net which Google slowly killed without me noticing likely because Google didn’t want to upgrade it from using reCAPTCHA v1 into v2 or v3.:
Read the rest of this entry »
Posted in LifeHacker, Power User, Security | Leave a Comment »
Posted by jpluimers on 2026/02/25
Often I need to generate passwords or uuids (on some systems called guids). I usually try to do that in a relatively platform agnostic way as I use MacOS, Windows and Linux in various mixes for many reasons (for instance that I have had developed quite hefty RSI in the early 1990s of the and the best keyboard/pointing-device combination for is the MacBook built in keyboard/touchpad combination so basically MacBooks are my window to all other operating systems).
Generating randomly with a good random number generator them makes sense as for most usage, it is important that both passwords and uuids are hard to guess which means having an entropy that is as high as possible.
A cool thing about OpenSSL is that:
- most of not all systems have it installed (it was no coincidence I published Installing OpenSSL on Windows a few days ago)
- it has a very good pseudo-random number generator and as of [Wayback/Archive] OpenSSL version 1.1.1 first released in 2018 has solved the problem around [Wayback/Archive] Random fork-safety – OpenSSLWiki, see [Wayback/Archive] Our Review of the OpenSSL 1.1.1 Random Number Generation Update – OSTIF.org.
- it supports various useful output formats
hex (hexadecimal) and base64 (next to the default of octet – or by today’s naming convention byte – output)
The easiest to generate are passwords. Yes I know that password managers can do this too, but there are some systems I cannot use them on or sync between them (don’t you love the corporate world) so my aim is to use a random password generator in a platform agnostic way which usage is easy to remember. Read the rest of this entry »
Posted in *nix, *nix-tools, Apple, base64, bash, bash, Batch-Files, Conference Topics, Conferences, Development, Encoding, Event, HEX encoding, Mac, Mac OS X / OS X / MacOS, MacBook, OpenSSL, Power User, Python, Scripting, Software Development, Windows | Leave a Comment »
Posted by jpluimers on 2026/01/21
Interesting video explaining on Intel’s Management Engine which has been the Intel Inside part of about every Intel Chipset since 2008: [Wayback/Archive] The Intel Nobody Can Remove (Not Even You) – YouTube
This is very relevant as it runs on a lightweight operating system called Minix, and there is a move from attacks on end-user operating systems personal computers and mobile phones towards edge devices running lightweight operating systems (not limited to Citrix, Ivanti, Fortinet, Palo Alto, Cisco, SonicWall and Juniper – for a potential OS list see Category:Lightweight Unix-like systems – Wikipedia).
More sources have started warning for this, see for instance [Wayback/Archive] Network security devices endanger orgs with ’90s era flaws | CSO Online and [Wayback/Archive] Security Appliance Vulnerability Bingo 2025 – Google Regneark.
Hopefully [Wayback/Archive] Dr. Christopher Kunz | heise online will have created a cku.gt/appbingo26 this year.
--jeroen
Read the rest of this entry »
Posted in CPU, Cyber, Hardware, Infosec (Information Security), Intel CPUs, Power User, Security | Leave a Comment »
Posted by jpluimers on 2026/01/20
Nice memories of the TBAV/ThunderByte Anti-Virus story.
Together with Jeroen Smulders, I was sort of on the sideline in the early days as we both were at the university had access to FidoNet (I as host, other Jeroen as point), Internet, mailing lists and newsgroups.
I used it because it was the fastest Virus Scanner around and a need when scanning all incoming FidoNet data for viruses (I had seen at university what damage a spread could do).
Some VIRUS-L, comp.virus and book links from that past:
Read the rest of this entry »
Posted in 8086, 8088, Antivirus, BBS, Compuserve, FidoNet, History, Internet, Power User, SearchEngines, Security | Tagged: 96 | Leave a Comment »
The Wiert Corner - irregular stream of stuff 