Category Archive: security

Mar 18 2017

pwned

I recently received a spam email to one of my email addresses. In itself this is annoying, but not particularly interesting or that unusual (despite my efforts to avoid such nuisances). What was unusual was the form of the address because it contained a username I have not used in a long time, and only …

Continue reading »

Permanent link to this article: http://baldric.net/2017/03/18/pwned/

Oct 22 2016

NFC? NFW

As is our custom on a Saturday, this morning my wife and I went out to a local cafe for breakfast. We know the proprietress so I was chatting to her whilst paying for the meal. Part way through the chat, the cafe proprietress tore off the receipt from the POS terminal and removed my …

Continue reading »

Permanent link to this article: http://baldric.net/2016/10/22/nfc-nfw/

Mar 30 2016

jibber jabber

For some time mow I have been increasingly fed up with the poor service offered by SMS on my mobile phone. I’m not a hugely prolific sender of text messages, and those I do send are primarily aimed at my wife and kids, but when I do send them, I expect them to get there, …

Continue reading »

Permanent link to this article: http://baldric.net/2016/03/30/jibber-jabber/

Jan 07 2016

idiotic

Today’s Register has an article about the UK Internet Service Providers Association written evidence to the Parliamentary Joint Committee on the Draft Investigatory Powers Bill. I don’t wish to comment on that evidence here, Adrian Kennard has already provided much useful comment on the failings of the Draft Bill. My purpose in this post to …

Continue reading »

Permanent link to this article: http://baldric.net/2016/01/07/idiotic/

Dec 24 2015

merry christmas 2015

santa with laptop

It’s trivia’s birthday again (9 years old today!), so I just have to post to wish my readers (both of you, you know who you are….) a Merry Christmas and a happy New Year. Much has happened over the last year or so which has distracted me from blogging (life gets in the way sometimes) …

Continue reading »

Permanent link to this article: http://baldric.net/2015/12/24/merry-christmas-2015/

Dec 08 2015

knees and other jerks

On sunday, the motherboard intially reported that, in the wake of the Paris atrocities of November 13th, the French Government was proposing to ban Tor and free WiFi. As it turns out, this is not strictly accurate. The report was later corrected – thus: Correction: The initial headline and copy of this article suggested that …

Continue reading »

Permanent link to this article: http://baldric.net/2015/12/08/knees-and-other-jerks/

Nov 23 2015

christmas present

Like most people in the UK at this time of the year I’ve been doing some on-line shopping lately. Consequently I’m waiting for several deliveries. Some delivery companies (DHL are a good example) actually allow you to track your parcels on-line. In order to do this they usually send out text or email messages giving …

Continue reading »

Permanent link to this article: http://baldric.net/2015/11/23/christmas-present/

Oct 29 2015

lancashire police fail

This is simply depressing. Today I received a classic phishing attack email – the sort I normally bin without thought. According to virustotal, the attachment, which purported to be an MS Word document called “Invoice 7500005791.doc”, was a copy of W97M/Downloader, a word macro trojan which Symantec says is a downloader for additional malware. So …

Continue reading »

Permanent link to this article: http://baldric.net/2015/10/29/lancashire-police-fail/

Jun 02 2015

de-encrypting trivia

Well, that didn’t last long. When I decided to force SSL as the default connection to trivia I had forgotten that it is syndicated via RSS on sites like planet alug. And of course as Brett Parker helpfully pointed out to me, self-signed certificates don’t always go down too well with RSS readers. He also …

Continue reading »

Permanent link to this article: http://baldric.net/2015/06/02/de-encrypting-trivia/

Jun 01 2015

encrypting trivia

In my post of 8 May I said it was now time to encrypt much, much more of my everyday activity. One big, and obvious, hole in this policy decision was the fact that the public face of this blog itself has remained unencrypted since I first created it way back in 2006. Back in …

Continue reading »

Permanent link to this article: http://baldric.net/2015/06/01/encrypting-trivia/

Nov 27 2014

independent hit

On trying to reach the website of the Independent newspaper today (the Grauniad is trying my patience of late), I received the following response: Closing the popup takes you to this page: I haven’t checked whether this is simply a DNS redirect or an actual compromise of the Indy site, but however the graffiti was …

Continue reading »

Permanent link to this article: http://baldric.net/2014/11/27/independent-hit/

Sep 26 2014

CVE-2014-6271 bash vulnerability

Guess what I found in trivia’s logs this morning? 89.207.135.125 – – [25/Sep/2014:10:48:13 +0100] “GET /cgi-sys/defaultwebpage.cgi HTTP/1.0” 404 345 “-” “() { :;}; /bin/ping -c 1 198.101.206.138” I’ll bet a lot of cgi scripts are being poked at the moment. Check your logs guys. A simple grep “:;}” access.log will tell you all you need …

Continue reading »

Permanent link to this article: http://baldric.net/2014/09/26/cve-2014-6271-bash-vulnerability/

Older posts «