Archive for the ‘Security’ Category
Posted by jpluimers on 2026/01/21
Interesting video explaining Intel’s Management Engine, which has been the Intel Inside part of about every Intel chipset since 2008: [Wayback/Archive] The Intel Nobody Can Remove (Not Even You) – YouTube
This is very relevant as it runs on a lightweight operating system called Minix, and there is a move from attacks on end-user operating systems on personal computers and mobile phones towards edge devices running lightweight operating systems (not limited to Citrix, Ivanti, Fortinet, Palo Alto, Cisco, SonicWall and Juniper – for a potential OS list see Category:Lightweight Unix-like systems – Wikipedia).
More sources have started warning about this, see for instance [Wayback/Archive] Network security devices endanger orgs with ’90s era flaws | CSO Online and [Wayback/Archive] Security Appliance Vulnerability Bingo 2025 – Google Regneark.
Hopefully [Wayback/Archive] Dr. Christopher Kunz | heise online will have created a cku.gt/appbingo26 this year.
--jeroen
Posted in CPU, Cyber, Hardware, Infosec (Information Security), Intel CPUs, Power User, Security
Posted by jpluimers on 2026/01/20
Nice memories of the TBAV/ThunderByte Anti-Virus story.
Together with Jeroen Smulders, I was sort of on the sideline in the early days, as we both were at the university and had access to FidoNet (I as host, other Jeroen as point), Internet, mailing lists and newsgroups.
I used it because it was the fastest virus scanner around and a necessity when scanning all incoming FidoNet data for viruses (I had seen at university what damage a spread could do).
Some VIRUS-L, comp.virus and book links from that past:
Posted in 8086, 8088, Antivirus, BBS, Compuserve, FidoNet, History, Internet, Power User, SearchEngines, Security | Tagged: 96
Posted by jpluimers on 2026/01/01
Cool, since I switched to Let’s Encrypt a long while ago, I missed that various tools now require TLS expiration be no longer than 398 days away (and preferably even 397 days).
So I also missed the reason for that specific number of days. [Wayback/Archive] ssl – Why was 398 days chosen for TLS expiration? – Stack Overflow (thanks [Wayback/Archive] stevendesu and [Wayback/Archive] user10063) answers it:
366+31+1 = 398 days
It equals one leap year + one month + “a little room to handle the messiness of dates.”
It then posts a lot of quotes from references on the history of how that reason came to be. I have archived and listed the links below.
Most of the discussion was during a very hectic time in life: after a bad single-sided accident my mentally retarded brother was in, and while assisting him during his recovery period, I developed cancer and had extensive treatments against it. All the more reason for missing all this:
Posted in Communications Development, Development, Encryption, https, HTTPS/TLS security, Internet protocol suite, Let's Encrypt (letsencrypt/certbot), Power User, Security, TCP, TLS | Tagged: 138, 195
Posted by jpluimers on 2025/12/18
I have had JavaScript disabled by default for years now, which means that:
- if your site requires JavaScript, I will opt for an alternative
- I will block anything ad related, even if it means I cannot use your site
The reasons are simple:
- JavaScript has become a big security threat over time. Be it tracking (hello fingerprinting!), data leakage, direct attacks, supply chain attacks, sloppy code or other risks: it is not just JavaScript itself that is vulnerable, but especially the ecosystems using it (hello npm – 2 attacks in September 2025 alone – and advertising networks). Just a few references:
- [Wayback/Archive] The perils of JavaScript: How we’ve broken the internet’s security
- [Wayback/Archive] Most Common Security Vulnerabilities Using JavaScript – SecureCoding
- [Wayback/Archive] Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware – StepSecurity
- [Wayback/Archive] Wormable Malware Causing Supply Chain Compromise of npm Code Packages – Arctic Wolf
- [Wayback/Archive] FingerprintJS | Identify Every Web Visitor & Mobile Device
- JavaScript has become a huge resource hog. Disabling JavaScript by default increased the snappiness and battery life of my laptops and smartphones significantly. In addition, it makes it way easier to read region-blocked content. Double win!
The thread below by [Wayback/Archive] Dr. Christopher Kunz (@christopherkunz@chaos.social) – chaos.social prompted me to finally write down why and add some relevant links.
Thread:
Posted in Development, Infosec (Information Security), JavaScript/ECMAScript, Power User, Scripting, Security, Software Development, Web Development
Posted by jpluimers on 2025/12/11
Not yet verified, but maybe this also works for (fragments of) radio broadcasts?
From a thread about the song “Met puntjes” by Joke Bruijs, who died a few months ago, a few days after her close friend and ex-husband Gerard Cox¹.
Ionica Smeets wrote about the song on Mastodon², but the link to the audio of the podcast [Wayback/Archive] Andermans Veren – Beluister Andermans Veren zondag 14 januari 2018 | Podcasts | NPO Radio 5 disappeared quickly.
Because I had earlier had a problem downloading the audio of [Wayback/Archive] Keihard de Beste – NPO Podcast, I dove into the CDN that the NPO uses.
The archivers had some trouble with it, so it is in 2 parts:
- [Wayback/Archive] Jeroen Wiert Pluimers: “@ionica I am going to try to explain it to you. And then you can surely explain it back in much simpler wording so that others understand it too. …” – Mastodon
- …
- [Wayback/Archive] Jeroen Wiert Pluimers: “@ionica hopefully I have been able to help you a bit with your remarks in…” – Mastodon
- …
- ³
There were some side steps into, among other things, how to ask a good question on the internet, so the thread became long (:
Below is the full text, supplemented with some archived links. But first two versions of the song “Met puntjes” by Joke Bruijs: recordings from 1986 and 1988:
Posted in Authentication, CDN (Content Delivery Network), Cloud, CSS, Development, Hashing, HMAC, HTML, Infrastructure, Power User, Security, Software Development, Web Development
Posted by jpluimers on 2025/12/01
Posted in Power User, Security
Posted by jpluimers on 2025/11/19
[Wayback/Archive] Thread by @cyb3rops on Thread Reader App – Thread Reader App
If your agent gets flooded – detect the flooding.
If code gets obfuscated – detect the obfuscation.
If ETW gets silenced – detect the silence.
If the EDR gets killed – detect the killing.
If logs get cleared – detect the clearing.
The act of hiding is often more suspicious than what’s being hidden.
It’s like a surveillance camera going black or freezing.
That is the signal.
I’ve been doing this successfully for years.
I detect obfuscated crap all the time.
People ask, “What is it?”
I say, “No fucking clue. Could be:
– a Themida-packed sample with a Microsoft copyright,
– a UPX-packed ELF with a 1-char filename,
– a PowerShell script that looks like static noise, or
– a fake svchost.exe with no Microsoft copyright.”
I don’t need to know what it is.
It’s obviously shady.
That’s enough to detect it – and deal with it.
There’s a Chinese saying that fits perfectly: 欲蓋彌彰
The more you try to hide it, the more obvious it becomes.
--jeroen
Posted in Blue team, Development, DevOps, LifeHacker, Power User, Red team, Security, Software Development
Posted by jpluimers on 2025/11/19
For my link archive: script against telemarketers: [Wayback/Archive] EGBG tegenscript
Especially these parts of the page:
Via [Wayback/Archive] Angrynerds 023 – YouTube
–jeroen
Posted in LifeHacker, Power User, Security