Language Selection

English French German Italian Portuguese Spanish

Security: Domain Name System, Department of Homeland Security, and Underclocking the ESP8266 Leads to WIFI Weirdness

Filed under
Security
  • A DNS hijacking wave is targeting companies at an almost unprecedented scale

    The attacks, which security firm FireEye said have been active since January 2017, use three different ways to manipulate the Domain Name System records that allow computers to find a company's computers on the Internet. By replacing the legitimate IP address for a domain such as example.com with a booby-trapped address, attackers can cause example.com to carry out a variety of malicious activities, including harvesting user’s login credentials. The techniques detected by FireEye are particularly effective, because they allow attackers to obtain valid TLS certificates that prevent browsers from detecting the hijacking.

  • Worries mount as cybersecurity agency struggles amid shutdown

    Former Department of Homeland Security (DHS) officials and lawmakers fear the shutdown, now in its 20th day, could have both short- and long-term effects, hurting the new Cybersecurity and Infrastructure Security Agency’s (CISA) efforts to get off the ground and potentially pushing existing talent out the door.

  • Underclocking the ESP8266 Leads to WIFI Weirdness

    Now it was time for another of those basic questions. What would happen if you did the same thing to a second ESP8266? Much to his surprise, [CNLohr] discovered that the two devices could still communicate successfully as long as their BBPLL clock speed was the same. From an outsider’s perspective it looked like gibberish, but to the two ESPs which had been slowed by the same amount, everything worked as expected even though the 802.11 standards say it shouldn’t.

    So what can you do with this? The most obvious application is a “stealth” WiFi connection between ESP8266s which wouldn’t show up to normal devices, a communications channel invisible to all but the most astute eavesdropper. [CNLohr] has made all the source code to pull this trick off public on GitHub, and it should be interesting to see what kind of applications (if any) hackers find for this standards-breaking behavior.

More in Tux Machines

Best Free and Open Source Terminal Session Recording

The vast majority of computer users depend on a graphical user interface, and fear the command line. However, the command line holds significant power and versatility. Commands issued from a shell offer system administrators a quick and easy way to update, configure and repair a system. The benefits of the command line are not only confined to system administration. The ability to transverse the file system quickly, give more information about files and directories, automate tasks, bring together the power of multiple console tools in a single command line, and run shell scripts are just a few examples of how the command line can offer a potent, multifarious toolbox. Read more

Geniatech XPI 3128 RK3128 SBC is Equipped with an NXP WIFi 5 Module

Geniatech XPI family of single board computers was first introduced in 2018 with the launch of the XPI-S905X development board following many of Raspberry Pi 3 Model B features and form factor. The company has now added another board to the family with XPI 3128 single board computer powered by a Rockchip RK3128 quad-core Cortex-A7 processor coupled with up to 2 GB RAM and 64 GB flash, as well as an NXP WiFi 5 and Bluetooth 4.2 module. Read more

Keep Tabs on Your To-Do Lists With This GNOME Extension

Task Widget is an open source GNOME extension that shows your to-do list embedded in the GNOME message tray (also known as the calendar or notification shade). This widget area displays your pending to-do items, and lets you check off tasks as you complete them. Task Widget is is able to integrate “…with GNOME Online Accounts and a number of GNOME applications, such as Evolution and To Do” but it is is not, by design, intended to replace any of those apps or services. Or to put it another way: it’s not a standalone task manager or to-do app. You can’t, for example, add a task from the widget area, or edit one either. You can only mark a task as done (or unmark it as done). Read more

Monitoring Tux Machines With Apachetop, Nmon and Htop

Monitoring Tux Machines

Summary: A little glimpse at how we monitor this site for DDOS attacks and general performance, especially now that DDOS attacks have already become pervasive and routine (Apachetop helps identity attack patterns and visual, colourful alerts are triggered in Nmon and Htop)