Language Selection

English French German Italian Portuguese Spanish

Security: Domain Name System, Department of Homeland Security, and Underclocking the ESP8266 Leads to WIFI Weirdness

Filed under
Security
  • A DNS hijacking wave is targeting companies at an almost unprecedented scale

    The attacks, which security firm FireEye said have been active since January 2017, use three different ways to manipulate the Domain Name System records that allow computers to find a company's computers on the Internet. By replacing the legitimate IP address for a domain such as example.com with a booby-trapped address, attackers can cause example.com to carry out a variety of malicious activities, including harvesting user’s login credentials. The techniques detected by FireEye are particularly effective, because they allow attackers to obtain valid TLS certificates that prevent browsers from detecting the hijacking.

  • Worries mount as cybersecurity agency struggles amid shutdown

    Former Department of Homeland Security (DHS) officials and lawmakers fear the shutdown, now in its 20th day, could have both short- and long-term effects, hurting the new Cybersecurity and Infrastructure Security Agency’s (CISA) efforts to get off the ground and potentially pushing existing talent out the door.

  • Underclocking the ESP8266 Leads to WIFI Weirdness

    Now it was time for another of those basic questions. What would happen if you did the same thing to a second ESP8266? Much to his surprise, [CNLohr] discovered that the two devices could still communicate successfully as long as their BBPLL clock speed was the same. From an outsider’s perspective it looked like gibberish, but to the two ESPs which had been slowed by the same amount, everything worked as expected even though the 802.11 standards say it shouldn’t.

    So what can you do with this? The most obvious application is a “stealth” WiFi connection between ESP8266s which wouldn’t show up to normal devices, a communications channel invisible to all but the most astute eavesdropper. [CNLohr] has made all the source code to pull this trick off public on GitHub, and it should be interesting to see what kind of applications (if any) hackers find for this standards-breaking behavior.

More in Tux Machines

Programming: C++, Python and In-house OpenJDK Implementation of Alibaba

  • Next C++ workshop: Pointers and Linked Lists, 28 March at 19:00 UTC
    Another workshop is coming up! Improve your C++ skills with the help of LibreOffice developers: we’re running regular workshops which focus on a specific topic, and are accompanied by a real-time IRC meeting. For the next one, the topics are Pointers and Linked Lists. Start by watching this presentation:
  • Python programming language: Pyboard D-series arrives for MicroPython robots
    The new Pyboard D-series micro-controller is now available for purchase at a rather hefty price of £43 ($56), offering developers a low-powered device for running programs created with MicroPython, a stripped-back version of the hugely popular Python 3 programming language.
  • Commenting Python Code
    Programming reflects your way of thinking in order to describe the single steps that you took to solve a problem using a computer. Commenting your code helps explain your thought process, and helps you and others to understand later on the intention of your code. This allows you to more easily find errors, to fix them, to improve the code later on, and to reuse it in other applications as well. Commenting is important to all kinds of projects, no matter whether they are - small, medium, or rather large. It is an essential part of your workflow, and is seen as good practice for developers. Without comments, things can get confusing, real fast. In this article we will explain the various methods of commenting Python supports, and how it can be used to automatically create documentation for your code using the so-called module-level docstrings.
  • Documenting Python Projects With Sphinx and Read The Docs
  • Django Migrations 101
  • PyCoder’s Weekly: Issue #361 (March 26, 2019)
  • MongoDB connections
  • Alibaba Dragonwell8 : The In-house OpenJDK Implementation At Alibaba
    Alibaba requires no introduction. It is one of the popular and largest multinational conglomerate founded by Jack Ma, a business magnate and philanthropist from China. It is also world’s fifth-largest internet company by revenue. It specializes in various sectors such as e-commerce, retail, Internet and technology. Alibaba team has provided significant contribution to open source projects. One such project is OpenJDK. The development team at Alibaba has developed many Java-based applications over the years. They have adopted OpenJDK and created their own JDK named “Alibaba Dragonwell8”. It is the downstream version of OpenJDK and completely open source. Alibaba Dragonwell is optimized for developing e-commerce, financial, logistics applications which are running on their 100k+ servers. It is certified as compatible with the Java SE standard. It is currently supports Linux/x86_64 platform only. Let us hope they will extend the support to Unix and other platforms soon. In this guide, we will see how to install Alibaba Dragonwell8 in Linux. I have tested this guide on Ubuntu 18.04 LTS server. However, it should work on other Linux distributions as well.

4MLinux 29.0 BETA released.

4MLinux 29.0 BETA is ready for testing. Basically, at this stage of development, 4MLinux BETA has the same features as 4MLinux STABLE, but it provides a huge number of updated packages. Read more

Why We Need Our Nonprofits

SPARC was at best a relatively small success. But RISC did succeed, massively, with ARM (which stands for Advanced RISC Machine). ARM started as the Acorn RISC Machine in 1983. Today, most of the world's mobile devices run ARM chips. I don't know how well the CHIPS Alliance will do, but I do know that only an entity big and experienced enough to pull giant competing companies together can do it. For Linux, that's the Linux Foundation. I'm glad we have it. I'm also glad we have the Software Freedom Conservancy. Times are getting tough for FLOSS, and we need all the help we can get. Read more

See GNOME 3.32 on Ubuntu 19.04 Beta

Although the 19.04 is still not officially released this March, but even today we can download the development version and run it (LiveCD) on our computer. We find that it includes the 3.32, the latest version of GNOME desktop environment. I want to highlight some interesting aspects of it on Ubuntu as we saw it on Fedora Rawhide few days ago. I suggest you to download the 19.04 daily-live ISO and quickly test it, I believe you can feel the performance improvements especially how quick it's now to open the start menu and it's now even quicker to search files on Nautilus. Here we go. Happy testing! Read more