30 Oct 2017
So I decided I’d take a look at PureVPN quickly today, because they are a VPN provider who claim no logs but snitch on their users to the feds and frankly, its a Thursday and I am bored. Sure, they snitched on a dude who was probably a shit human being and all, but really, if you are a VPN provider and you lie about having a “No Logs” policy… You are going to get whats coming.
24 Oct 2016
Note: The following article is intended to be highly tongue-in-cheek as it points out the glaringly obvious. I do not condone following any of the hypothetical “instructions” outlined in the thought experiment provided. This information is already known to the crooks out there who are doing nasty things to our internet, so its not like writing about it is going to do anyone any harm… The views expressed here are probably my own (on Tuesdays, at least) and do not represent the views of my cat,...
26 Nov 2015
Today there was a critical vulnerability in various VPN providers disclosed by the Perfect Privacy VPN’s security team. This vulnerability can lead to “unmasking” or “decloaking” of VPN users under certain conditions, and after some analysis of how it works, I determined that this issue is of utmost importance to those who use VPN services to mask their bittorrent traffic from MAFIAA scum, as it can allow for ‘uncloaking’ of Bittorrent users quite readily.
12 Sep 2015
This is another lab report dug up from the archives of lab reports for the fun of it.
27 Jul 2015
This is a quick post, kind of a reposting of a thing I pastebinned about a year ago that has served me REALLY well in evading stupid paywalls in airports and the likes. Also in evading a ridiculous firewall at the Uni I sometimes attend.
15 Jul 2015
4 months ago…
I was examining using ‘ElasticSearch’ as a logging mechanism for recording and searching data from a network of honeypots I run. Well, a mixture of ElasticSearch and Kibana, for logging Kippo and suchlike, when I stumbled across a posting on the “Wooyun Drops” Chinese security research blog detailing a vulnerability in the (at the time current) version of ElasticSearch.
08 Jul 2015
This is a quick post to splainz the methodology behind how we were able to make fingerprints for the Hacking Team and Equation Group C&C infrastructure allowing remote identification of their servers, as shown in The Italian Job and Equation Smasher releases on Github.