Posted by jpluimers on 2019/02/18
Got some calls to my phone numbers in The Netherlands from +18553308653 that I did not ask for. The below searches revealed it is likely someone trying to use those to setup Two Factor Authentication.
It was not my live account, as that was already covered by the Microsoft Authenticator app (you can set up your phone number through account.live.com/names/Manage and authentication through account.microsoft.com/security, see steps at [WayBack] Microsoft – Authy).
Posted in 2FA/MFA, Authentication, Authy, Power User, Security | Leave a Comment »
Posted by jpluimers on 2019/01/25
This week, Google introduced the [WayBack] Phishing Quiz, a series of questions to see how good you spot phishing emails.
It is a perfect example on why Google AMP is a bad idea: it makes it easier to write phishing mail targeting Google users.
One of the questions is about a password change email seemingly from Google with a link by Google.
The link is really deceptive, as it:
This will deceive a lot of people as they are trained to look at the main domain to assess authenticity: google.com
That combined with an email domain that also looks being from Google (with so many real word top-level domains, many would not be surprised getting email from no-reply@google.support)
Just look at the below screenshot to see how deceptively this trick is.
Posted in Google, LifeHacker, Power User, Security | Leave a Comment »
Posted by jpluimers on 2019/01/23
Don’t forget your padding: Hello,I’m playing with the APK format of a sample “Hello world” Android application.my (first) goal is to be able to rebuild an APK from a unzipped one… – Paul TOTH – Google+
References: RSA Algorithm
–jeroen
Posted in Android, Development, Encryption, Mobile Development, Power User, Security, Software Development | Leave a Comment »
Posted by jpluimers on 2019/01/16
With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.
Some old to new links:
CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.
However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:
SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.
–jeroen
via: [WayBack] VPN through only http – Server Fault answer by [WayBack] neutrinus
Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »
Posted by jpluimers on 2019/01/15
10 years after the publication of the [WayBack] Top 25 Most Dangerous Programming Mistakes, the list for me is still the same.
You can see this from the CWE/SANS revisions: 1.0 in 2009 until 1.0.3 in 2011: not much changed.
Via: [WayBack] Top 25 Most Dangerous Programming Mistakes (2009) – Lars Fosdal – Google+
–jeroen
Posted in Development, Power User, Security, Software Development | Leave a Comment »
Posted by jpluimers on 2019/01/15
Interesting library with ditto command-line tools: [Wayback/Archive] oath-toolkit / oath-toolkit · GitLab.
It allows you to perform all sorts of OAUTH operations from your code or terminal window including generation and verification of OAUTH tokens through [WayBack] OATHTOOL.
Which allows you to do TOTP “zero fucktor” authentication. [WayBack/Archive] Zero Fucktor Authentication – Kristian Köhntopp – Google+: [WayBack] Zero Factor Authentication – The Isoblog.
The project has it’s home at [WayBack] OATH Toolkit, but the repository has done some traveling and for now ended up at GitLab: [Wayback/Archive] oath-toolkit / oath-toolkit together with the web-site source [Wayback/Archive] oath-toolkit / website.
Posted in Development, Power User, Security, Software Development | Leave a Comment »
Posted by jpluimers on 2018/12/10
On the same server, part of my letsencrypt renewals worked fine, while others had an error like this:
------------------------------------------------------------------------------- Processing /etc/letsencrypt/renewal/spring4d.4delphi.com.conf ------------------------------------------------------------------------------- Cert is due for renewal, auto-renewing... Renewing an existing certificate Performing the following challenges: tls-sni-01 challenge for spring4d.4delphi.com Waiting for verification... Cleaning up challenges Attempting to renew cert from /etc/letsencrypt/renewal/spring4d.4delphi.com.conf produced an unexpected error: Failed authorization procedure. spring4d.4delphi.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Error getting validation data. Skipping. ... - The following errors were reported by the server: Domain: spring4d.4delphi.com Type: connection Detail: Error getting validation data To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
A retry worked fine:
------------------------------------------------------------------------------- Processing /etc/letsencrypt/renewal/spring4d.4delphi.com.conf ------------------------------------------------------------------------------- Cert is due for renewal, auto-renewing... Renewing an existing certificate Performing the following challenges: tls-sni-01 challenge for spring4d.4delphi.com Waiting for verification... Cleaning up challenges ... The following certs were successfully renewed: /etc/letsencrypt/live/spring4d.4delphi.com/fullchain.pem (success)
–jeroen
Posted in Encryption, Let's Encrypt (letsencrypt/certbot), Power User, Security | Leave a Comment »
Posted by jpluimers on 2018/12/06
Found out yesterday that Avira marks one of many Delphi 10.1 built executables as false positive; submitted, but VirusTotal shows it as false positive:
Related:
I think it was Avira too that interfered with my Delphi IDE compiling Delphi applications, especially resource compilation:
ConHost, cmd or/and BRCC.exe in the tree, none of them using much CPU or even being suspended 1/… @AskAvira… 
–jeroen
Posted in Delphi, Development, Security, Software Development | 4 Comments »
Posted by jpluimers on 2018/12/04
From [WayBack] Kubernetes’ first major security hole discovered | ZDNet in reverse order:
Fortunately, there is a fix, but some of you aren’t going to like it. You must upgrade Kubernetes. Now. Specifically, there are patched version of Kubernetes [WayBack] v1.10.11, [WayBack] v1.11.5, [WayBack] v1.12.3, and [WayBack] v1.13.0-rc.1.
…
[WayBack] Red Hat said, “The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod. [WayBack] This is a big deal. Not only can this actor steal sensitive data or inject malicious code, but they can also bring down production applications and services from within an organization’s firewall.”
…
And the bug, [WayBack] CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a [WayBack] CVSS 9.8 critical security hole.
Via [WayBack] Kubernetes’ first major security hole discovered | ZDNet – Ondrej Kelle – Google+
–jeroen
Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User, Security | Leave a Comment »
Posted by jpluimers on 2018/11/23
If you are not a company good at infrastructure, then do not start hosting new things yourself. This is why I like the DelphiPraxis forums (both English and German), as they really know what they are doing.
Of course, forums never have all the features in a way that each user wants, but DelphiPraxis is secure, has well maintained and public moderators, and a history if quality posts.
But the G+ group did move there for a reason (: [WayBack] We have moved to https://en.delphipraxis.net ! Starting January 1st, 2019 – the G+ Delphi Developers Community will be closed for new posts and new mem… – Lars Fosdal – Google+
After a long series of goofing around with infrastructure (old forums, new forums, now newer forums, years of TLS trouble, selling software or which the infrastructure has been down for a long time), last week, finally they had the [WayBack] New official Embarcadero forums online http://community.idera.com/developer-tools/ The sign-up/login is a bit prickly at first, so keep your login name… – Lars Fosdal – Google+.
The announcement already has a the catch in the title: initially they were http only, so totally insecure for your logon data. They could have easily circumvented that by deploying some LetsEncrypt renewal, for instance the commercial one in Delphi ([WayBack] Execute’s Online Store), of which this is a demo: [WayBack] GitHub – tothpaul/LetsEncryptDelphi: Let’s Encrypt component for Delphi Tokyo 10.2.3
I have not added them to embarcaderomonitoring.wiert.me, as they are now on the Idera.com domain, so I will likely start a special monitoring page for those subdomains.
–jeroen
Posted in Delphi, Development, Power User, Security, Software Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 