Archive for the ‘Infosec (Information Security)’ Category
Posted by jpluimers on 2026/06/03
Interesting, but be aware that using it outside a shielded environment likekly is illegal: [Wayback/Archive] Osmo-fl2k – osmo-fl2k – Open Source Mobile Communications
- osmo-fl2k allows to use USB 3.0 to VGA adapters based on the Fresco Logic FL2000 chip, which are available for around $5, as general purpose DACs and SDR transmitter generating a continuous stream of samples by avoiding the HSYNC and VSYNC blanking intervals.
…
- Operating a transmitter with the unfiltered FL2000 DAC output attached to an antenna outside a RF shielding chamber is dangerous. Don’t do it!
Related/via
Read the rest of this entry »
Posted in Development, Hardware Development, Infosec (Information Security), Pen Testing, Power User, Red team, Security | Leave a Comment »
Posted by jpluimers on 2026/05/04
Ook vandaag even een herinnering aan de NLUUG voorjaarsconferentie 2026 van (komende) donderdag 7 2026 mei in het Van der Valk Hotel Utrecht¹.
Deze keer omdat een goede vriend van me daar spreekt. Arjen Lentz heeft het over A Wizard’s Guide to Foreseeing the Unseen.
Dat klinkt misschien vaag, het concrete resultaat is dat je met analyse van CVE’s veel te weten komt over hun echte root cause. Die blijkt verrassend voorspelbaar, is fixbaar, en kennis daarover is niet alleen nuttig voor adversaries. Het kan jou namelijk helpen bij de development en selectie van wat je zelf gebruikt.
Het volledige programma staat hieronder², eerst de aankondiging van [Wayback/Archive] L⭕️rd Quux RCX CCX: “Over een week is het zover! De enige NLUUG conferentie van 2026. …” – Mastodon
Read the rest of this entry »
Posted in Blue team, Development, DVCS - Distributed Version Control, git, Infosec (Information Security), Power User, Red team, Security, Software Development, Source Code Management, Systems Architecture | 1 Comment »
Posted by jpluimers on 2026/01/21
Interesting video explaining on Intel’s Management Engine which has been the Intel Inside part of about every Intel Chipset since 2008: [Wayback/Archive] The Intel Nobody Can Remove (Not Even You) – YouTube
This is very relevant as it runs on a lightweight operating system called Minix, and there is a move from attacks on end-user operating systems personal computers and mobile phones towards edge devices running lightweight operating systems (not limited to Citrix, Ivanti, Fortinet, Palo Alto, Cisco, SonicWall and Juniper – for a potential OS list see Category:Lightweight Unix-like systems – Wikipedia).
More sources have started warning for this, see for instance [Wayback/Archive] Network security devices endanger orgs with ’90s era flaws | CSO Online and [Wayback/Archive] Security Appliance Vulnerability Bingo 2025 – Google Regneark.
Hopefully [Wayback/Archive] Dr. Christopher Kunz | heise online will have created a cku.gt/appbingo26 this year.
--jeroen
Read the rest of this entry »
Posted in CPU, Cyber, Hardware, Infosec (Information Security), Intel CPUs, Power User, Security | Leave a Comment »
Posted by jpluimers on 2025/12/18
I have had JavaScript disabled by default for years now, which means that:
- if your site requires JavaScript, I will opt for an alternative
- I will block anything ad related, even if it means I cannot use your site
The reasons are simple:
- JavaScript has become a big security threat over time. Be it tracking (hello fingerprinting!), data leakage, direct attacks, supply chain attacks, sloppy code or other risks, JavaScript is not vulnerable just by itself, but especially the eco systems (hello npm – 2 attacks in September 2025 alone – and advertising networks) using it. Just a few references:
- [Wayback/Archive] The perils of JavaScript: How we’ve broken the internet’s security
- [Wayback/Archive] Most Common Security Vulnerabilities Using JavaScript – SecureCoding
- [Wayback/Archive] Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware – StepSecurity
- [Wayback/Archive] Wormable Malware Causing Supply Chain Compromise of npm Code Packages – Arctic Wolf
- [Wayback/Archive] FingerprintJS | Identify Every Web Visitor & Mobile Device
- JavaScript has become a huge resource hog. Disabling JavaScript by default increased the snappiness and battery life of my laptops and smartphones significantly. In addition, it makes it way easier to read region-blocked content. Double win!
The below thread by [Wayback/Archive] Dr. Christopher Kunz (@christopherkunz@chaos.social) – chaos.social sparked me to finally write why and add some relevant links.
Thread:
Read the rest of this entry »
Posted in Development, Infosec (Information Security), JavaScript/ECMAScript, Power User, Scripting, Security, Software Development, Web Development | Leave a Comment »
Posted by jpluimers on 2025/09/30
Posted in *nix, *nix-tools, Blue team, Bluetooth, Development, Encryption, ESP32, Hardware, Hardware Development, Hardware Interfacing, Home Audio/Video, HTTPS/TLS security, Infosec (Information Security), Network-and-equipment, Power User, Red team, Software Development, WiFi, Wireshark | Tagged: USBArmyKnife | Leave a Comment »
Posted by jpluimers on 2025/05/16
Cyber Gangsta’s Paradise | Prof. Merli ft. MC BlackHat [Parody Music Video] – YouTube [Wayback/Archive]
Cyber Gangsta’s Paradise; professor Merli featuring MC Blackhat
#ParodyMusicVideo #cybergangster #paradise #reimtsich
Via @christopherkunz@chaos.social [Wayback/Archive]
The video is on the walled garden called Instagram as well, but since I intentionally don’t have an account there accessing is hard. Anyway, it is at: [WaybackSave/Archive] Instagram: „Cyber Gangsta’s Paradise“ feiert Premiere 🎶🎬.
In the past, picuki was an alternative. Now it fails for instagram content. [Wayback/Archive] Instagram Reels Download with Reels Downloader got me to [Wayback/Archive] cdninstagram, which in the end worked.
Transcript (via Google, typos all mine), song-text (from video description), and of course the credits:
Read the rest of this entry »
Posted in Blue team, Cyber, Infosec (Information Security), Power User, Red team, Security | Tagged: cybergangster, paradise, ParodyMusicVideo, reimtsich | Leave a Comment »
The Wiert Corner - irregular stream of stuff 