The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for the ‘Security’ Category

« Previous Entries
Next Entries »

In case I need a small 5-port managed switch that can do port-mirroring: GS305E | Easy Smart Managed Essentials Switch | NETGEAR Support

Posted by jpluimers on 2025/08/13

[Wayback/Archive] GS305E | Easy Smart Managed Essentials Switch | NETGEAR Support which can do many-to-one port mirroring.

This is a newer and cheaper hardware revision than the:

  • GS105Ev2 (which is managed and can do port-mirroring, and is confusingly sold as GS105E-200) which in Germany already is end-of-life
  • GS105Ev1 (which is unmanaged and cannot do port-mirroring and is confusingly sold as GS105E-100) which is end-of-life but still sold

Via [Wayback/Archive] Everyone Should Have One of These – EASY Packet Capture! – YouTube who explains very well why you need a switch that can do port-mirroring, then recommends the GS105E but forgets to mention:

  • there are different revisions of the GS105E with the above drawbacks
  • there is GS305E

Related:

Read the rest of this entry »

Posted in Blue team, Communications Development, Development, Ethernet, Hardware, Internet protocol suite, Network-and-equipment, Power User, Red team, Security, Software Development, TCP, UDP | Leave a Comment »

html – What can cause Chrome to give an net::ERR_FAILED on cached content against a server on localhost? – Stack Overflow

Posted by jpluimers on 2025/08/07

On my research list [Wayback/Archive] html – What can cause Chrome to give an net::ERR_FAILED on cached content against a server on localhost? – Stack Overflow

The reason what that back then this would fail (but worked in Firefox and Safari, and because I was in a hurry I didn’t research further): [Wayback/Archive] https://www.office.com/

This site can’t be reached

The webpage at https://www.office.com/ might be temporarily down or it may have moved permanently to a new web address.

ERR_FAILED

Thanks [Wayback/Archive] Mason Wheeler and [Wayback/Archive] Joel Davey.

Details:

Read the rest of this entry »

Posted in Chrome, Communications Development, Development, Encryption, HTTP, https, HTTPS/TLS security, Power User, Security, TCP, TLS, Web Browsers, Web Development | Leave a Comment »

GitHub – minvws/horsebattery: A password generator inspired by https://xkcd.com/936/

Posted by jpluimers on 2025/07/22

[Wayback/Archive] GitHub – minvws/horsebattery: A password generator inspired by https://xkcd.com/936/

Inspiration: [Wayback/Archive] xkcd: Password Strength

Curated Dutch word list: [Wayback/Archive] horsebattery/config/nl/word-list.txt at main · minvws/horsebattery · GitHub

Via: [Wayback/Archive] Discord

--jeroen

Posted in Development, Passwords/manages, PHP, Power User, Scripting, Software Development | Leave a Comment »

HackErOpUit – agenda with hacker/maker/security related conferences and meetings in or near The Netherlands; add your own event through a pull request

Posted by jpluimers on 2025/07/08

[Wayback/Archive] HackErOpUit

Pull-requests via [Wayback/Archive] GitHub – revspace/hackeropuit: HackErOpUit.nl website

An overview of hacker-events in and around the Netherlands

Patches welcome ;) (Both in the code as with new events)

The different kinds of events are at [Wayback/Archive] hackeropuit/events at master · revspace/hackeropuit · GitHub.

Via: [Wayback/Archive] Angry Nerds – de privacy en security podcast. ->  [Wayback/ArchiveDiscord | #houd-toch-je-feedback | Angrynerds Podcast

--jeroen

Posted in Development, Hardware, Power User, Security, Software Development | Tagged: | Leave a Comment »

VISA payments needed JavaScript enabled for https://secure5.arcot.com/

Posted by jpluimers on 2025/07/04

While paying with VISA card for some services, I had to explicitly enable JavaScript for the https://secure5.arcot.com/ domain which looks suspicious and is titled [Wayback/Archive] location.hostname

Screenshot: This is Arcot Secure Services This is the Arcot OBO verified by visa service Please visit visa website for more details

Before I enabled JavaScript for it, I did some querying around as at first it looked like a man-in-the-middle-attack. I wasn’t the only one, as this was going on since 2013 (but I didn’t notice it earlier as I only disabled JavaScript for most sites in 2022): [Wayback/Archive] Verified by Visa and arcot.com function like a man-in-the middle attack – Jason Pearce (found via [Wayback/Archive] arcot obo – Google Search)

JavaScript there is needed so VISA card can use Arcot to be the intermediate between VISA and the web-site:

Read the rest of this entry »

Posted in Power User, Security | Leave a Comment »

Of interest – GitHub – t-d-k/LibreCrypt: LibreCrypt: Transparent on-the-fly disk encryption for Windows. LUKS compatible.

Posted by jpluimers on 2025/06/17

Of interest – despite the known issues and LUKS workaround through WSL – mainly as the majority was written in Delphi: [Wayback/Archive] GitHub – t-d-k/LibreCrypt: LibreCrypt: Transparent on-the-fly disk encryption for Windows. LUKS compatible.

Found when researching TFrame – What is the accepted way to use frames in Delphi? – Stack Overflow.

Related: Read the rest of this entry »

Posted in Delphi, Development, Encryption, Power User, Software Development, Windows Development | Leave a Comment »

PayPal domains to enable JavaScript for

Posted by jpluimers on 2025/06/16

I have JavaScript disabled in my browser and had to enable it for these domains to get PayPal working:

Without the first and last, Captchas nor 2FA would work.

[Wayback/Archive] Netify.ai: PayPal – Domains, IPs and App Information (which I found via [Wayback/Archive] domains used by paypal – Google Search) only lists primary domains (not subdomains like the above) and contains both paypal.com and paypalobjects.com.

The list is by Netify.ai, the company having Deep Packet Inspection products around the open source engine [Wayback/Archive] pcbaldwin/netifyd: The open-source Netify DPI engine is a standalone deep packet inspection agent that provides a flexible and affordable DPI solution for gateways, firewalls, SD-WAN, WiFi, IoT and other OEM devices..

–jeroen

Posted in 2FA/MFA, Authentication, Power User, Security | Leave a Comment »

0x00 – Introduction to Windows Kernel Exploitation //

Posted by jpluimers on 2025/05/27

On my reading list (plus read/watch the links it mentions): [Wayback/Archive] 0x00 – Introduction to Windows Kernel Exploitation // by [Wayback/Archive] wetw0rk (@wetw0rk_bot) / X ([Wayback/Archive] wetw0rk.github.io).

Hopefully by now, more episodes have been published.

Links from this one, including archived versions split in the same sections as the above article:

Via [WaybackSave/Archive] Alex Plaskett on X: “0x00 – Introduction to Windows Kernel Exploitation by @wetw0rk_bot …”.

--jeroen

Posted in Development, Infosec (Information Security), Red team, Security, Software Development | Tagged: | Leave a Comment »

Cyber Gangsta’s Paradise | Prof. Merli ft. MC BlackHat [Parody Music Video] – YouTube

Posted by jpluimers on 2025/05/16

Cyber Gangsta’s Paradise | Prof. Merli ft. MC BlackHat [Parody Music Video] – YouTube [Wayback/Archive]

Cyber Gangsta’s Paradise; professor Merli featuring MC Blackhat

Via @christopherkunz@chaos.social [Wayback/Archive]

The video is on the walled garden called Instagram as well, but since I intentionally don’t have an account there accessing is hard. Anyway, it is at: [WaybackSave/Archive] Instagram: „Cyber Gangsta’s Paradise“ feiert Premiere 🎶🎬.

In the past, picuki was an alternative. Now it fails for instagram content.  [Wayback/Archive] Instagram Reels Download with Reels Downloader got me to [Wayback/Archive] cdninstagram, which in the end worked.

Transcript (via Google, typos all mine), song-text (from video description), and of course the credits:

Read the rest of this entry »

Posted in Blue team, Cyber, Infosec (Information Security), Power User, Red team, Security | Tagged: , , , | Leave a Comment »

September 2024 – Agust Tell HN: Twilio quietly removes Authy iOS app from Mac App Store, stops updates | Hacker News

Posted by jpluimers on 2025/05/05

Installing the Authy iOS app on a Apple Silicon Mac (M1/M2/M3/…) used to be the way to keep using Authy in the Mac Desktop, as early this year Authy announced their desktop applications would shut down by August (links further below).

I missed the September 2024 post [Wayback/Archive] Tell HN: Twilio quietly removes Authy iOS app from Mac App Store, stops updates | Hacker News, which basically means that if you had it installed on a Mac, it will keep being installed but never updated.

This was done silently by Authy owner Twilio making new installs are possible, never updating old installs any more thereby effectively decreasing your security.

Anyway: if you want to try side-loading, this is the iOS app link: [Wayback/Archive] Twilio Authy on the App Store.

Sideloadly (links further below)  might work, but in reality it likely is better to have your MFA running on a separate device.

Read the rest of this entry »

Posted in 2FA/MFA, Authentication, Power User, Security, TOTP (Timebase One Time Pads) | Leave a Comment »

« Previous Entries
Next Entries »