Security: Kali Linux Forensics Tools, SSH Primer and “Yelp, but for MAGA” Mad About Holes

  • Kali Linux Forensics Tools

    Kali Linux is a powerful operating system especially designed for penetration testers and security professionals. Most of its features and tools are made for security researchers and pentesters, but it has a separate “Forensics” tab and a separate “Forensics” mode for forensics investigators.
    Forensics is becoming very important in cyber security to detect and backtrack black hat criminals. It is essential to remove hackers’ malicious backdoors/malware and trace them back to avoid any possible future incidents. In Kali’s Forensics mode, the operating system doesn’t mount any partition from the system’s hard drive and doesn’t leave any changes or fingerprints on the host’s system.

    Kali Linux comes with pre-installed popular forensics applications and toolkits. Here we’ll review some famous open source tools present in Kali Linux.

  • What is SSH (Secure shell protocol)?

    SSH stands for Secure Shell, which is a security protocol based on the application layer. We use SSH to securely access remote servers and desktops to execute various commands. In short, we can control the complete system remotely if we have login information and SSH server access. The Secure Shell (SSH) is a cryptographic network protocol designed to replace Telnet and access the remote system even on the unsecured remote shell by encrypting data before sending.

  • Security Researcher Discovers Flaws In Yelp-For-MAGAs App, Developer Threatens To Report Him To The Deep State

    Even a cursory look at past stories we've done about how companies treat security researchers who point out the trash-state of their products would reveal that entirely too many people and companies seem to think shooting the messenger is the best response. I have never understood the impulse to take people who are essentially stress-testing your software for free, ultimately pointing out how the product could be safer than it is, and then threatening those people with legal action or law enforcement. But, then, much of the world makes little sense to me.

    Such as why a Yelp-for-MAGA people should ever be a thing. But it absolutely is a thing, with conservative news site 63red.com releasing a mobile app that is essentially a Yelp-clone, but with the twist that its chief purpose is to let other Trump supporters know how likely they are to be derided when visiting a restaurant. This is an understandable impulse, I suppose, given the nature of politics in 2019 America, though the need for an app seems like overkill. Regardless, the app was released and a security researcher found roughly all the security holes in it.

  • “Yelp, but for MAGA” turns red over security disclosure, threatens researcher

    But the safe space for 63red founder Scott Wallace was violated quickly when French security researcher Elliot Alderson discovered some fundamental security flaws in Safe's architecture—making it not so safe.

    Because the application is built in React Native, a JavaScript- and JSX-based scripting language that basically turns Web apps into "native" Apple iOS and Android applications, the entire architecture of the application is available to anyone who downloads and unpacks it. And in that code, Alderson discovered a few things: [...]
