Tag: security

Xi Jinping Thought: Implications for Chinese Trade and Relations

Astounded I am. I would have never thought that I would be studying Xi Jinping Thought 习近平思想 but here we are. This document was released on 2017 Oct 18 at the 19th Communist Party Congress (CPC), and is the roadmap China will use going forward. I usually do not read much Chinese propaganda, but this one seems to be repeatedly referenced, forcing me to come back and review this in greater detail, from the Chinese source through to translation. The implication of the first point, “Ensuring Party leadership over all work”, has strong implications for international trade, espionage and foreign relations.

Trump POTUS Smartphone Security Measures

I am sure that the US Secret Service has this covered, but to their consternation and chagrin Trump will not follow their orders. The problem with smartphone security is that it is onerous and difficult to follow. When Trump Phones Friends, the Chinese and the Russians Listen and Learn

Problem: China and Russia are eavesdropping on Trumps’s private calls. China specifically wants to know who influences Trumps so they can influence the influencers. This is standard practice for many countries and not just China.

Mapquest Gives Developers Free SDK, in Exchange for Customer Data

Here is a deal that all smartphone developers should ignore. You receive free access to a new Mapquest SDK for Android and IOS, in exchange for all your customer’s data. This is a complete breach of user privacy.

I am sure that users of a smartphone app will not give Mapquest and their a third party tool, complete access to their data. Would smartphone developers actually disclose that all your data will be sent to Mapquest?

We’re extremely excited to announce the launch of our new Mobile Navigation SDK for Android and iOS applications. Our Mobile Navigation SDK is available to you for free, if you agree to a mutual flow of data sharing.*

Debian 8 Jessie Linux and Enlightenment E17 on an Old Desktop

My search continues for possible Linux operating systems for an old desktop. I have successfully installed Puppy Linux Tahrpup 6.0.5 and it runs very well. I wondered if a fresh Debian 8 Jessie server install coupled with a lightweight desktop such as Enlightenment E17 would work. I was pleasantly surprised. It does.

My old desktop is circa 2003, so about 14 years old. I say circa because it originally came with Windows ME, of year 2000 vintage. The desktop is a Pentium 3 800 mhz, 500mb ram and some disk, partitioned for multiple Linux test distributions. It can boot up from a CD but not a USB. I want these Linux installs to be as small as possible, preferably below the 2G disk mark. I allocated 4G for the root partition.

Nikto Web Server Scan: View from the Access Log

Playing, I am, with the Nikto web server scanning package. I scanned my own site, just for fun. While it does take some time, it did finish. I wondered how it would look from my site’s raw access log viewpoint. In summary, Nikto is not stealthy at all. It is also easily detected and banned mid-scan, as it takes a long time to complete.

Essentially you start a Terminal, and type “nikto -h “. There are lots of options, such as output to a log. The Nikto output highlights web site vulnerabilities and cross references these with a database of known hacks. Using this tool you can highlight the site’s weaknesses and then strengthen your site from hackers.

Wifi Off, Android Phone App Head Soccer Still able to Connect to Internet

Suspicious, we were, that Little Weed was burning through our internet bandwidth quota very quickly. Even with wifi off, how could this happen? Some Android apps have the ability to turn on wifi by themselves and communicate.

Little Weed noticed that one of his apps, Head Soccer, updated without his knowledge, so he asked to take the phone off our wifi network. This app, Head Soccer, has following permissions:

Strange Host Names that I Cracked

These host names try hard to evade detection of their IP addresses, in order to scrape content and sometimes break into from web sites. They have specifically scraped mine and so I hunted them down and banished them. Often times the unix host command returns nothing, so research is required. This usually works.

Government Tracking of Private Citizens using Cell Phones

Call me suspicious, but it is simply too convenient for governments and large corporations to track private citizens. I feel that our rights and privacy are being violated, yet there is not much of a outrage amongst the public. It is very easy because so many of us love to carry around our very own tracking devices: personal cellular phones.

I am sure that we did not intend to give up our privacy, but that is the end result. Leave your cell phone on and your phone provider knows exactly where you are located. Leave your wifi on and roam between free networks. Turn on your wifi to receive the internet and some ISP will track you. it is that convenient.

Automobile Software: Unsecure and not upgradeable

As a renter I get to try out a lot of new cars. This is somewhat disconcerting at times because if the UI is not intuitive, this causes me grief. I fumble around, trying to find a requirement, using my experience with other cars as my guide. This is common to not only cars but to any other object as well. One of the fancy features that almost all new cars have is the onboard entertainment system. Most have bluetooth connectivity. The car also have a myriad of independent computers, ranging from IR door unlocking to backup cameras. As a technologist I always wonder if these systems are secure. In the back of my mind I know they are not.

Chubb Monitor Qx Security System Maintenance

Chubb Monitor Qx started warnings, the trouble LED always lit. The battery needed replacing.

Chubb Monitor Qx started warnings, the trouble LED always lit. The battery needed replacing.

Somethings in your house just keep working silently in the background. You eventually take them for granted, out of mind and out of sight. Such was my Chubb Monitor Qx security system, 452-4713, until the alarm started going off in the middle of the night, here in Toronto, Canada. It aurally called for attention. The trouble LED light remained lit, but with no station indicated. It turned out the battery was near dead. Once replaced it returned to its normal state of silence.