Language Selection

English French German Italian Portuguese Spanish

Security: Domain Name System, Department of Homeland Security, and Underclocking the ESP8266 Leads to WIFI Weirdness

Filed under
Security
  • A DNS hijacking wave is targeting companies at an almost unprecedented scale

    The attacks, which security firm FireEye said have been active since January 2017, use three different ways to manipulate the Domain Name System records that allow computers to find a company's computers on the Internet. By replacing the legitimate IP address for a domain such as example.com with a booby-trapped address, attackers can cause example.com to carry out a variety of malicious activities, including harvesting user’s login credentials. The techniques detected by FireEye are particularly effective, because they allow attackers to obtain valid TLS certificates that prevent browsers from detecting the hijacking.

  • Worries mount as cybersecurity agency struggles amid shutdown

    Former Department of Homeland Security (DHS) officials and lawmakers fear the shutdown, now in its 20th day, could have both short- and long-term effects, hurting the new Cybersecurity and Infrastructure Security Agency’s (CISA) efforts to get off the ground and potentially pushing existing talent out the door.

  • Underclocking the ESP8266 Leads to WIFI Weirdness

    Now it was time for another of those basic questions. What would happen if you did the same thing to a second ESP8266? Much to his surprise, [CNLohr] discovered that the two devices could still communicate successfully as long as their BBPLL clock speed was the same. From an outsider’s perspective it looked like gibberish, but to the two ESPs which had been slowed by the same amount, everything worked as expected even though the 802.11 standards say it shouldn’t.

    So what can you do with this? The most obvious application is a “stealth” WiFi connection between ESP8266s which wouldn’t show up to normal devices, a communications channel invisible to all but the most astute eavesdropper. [CNLohr] has made all the source code to pull this trick off public on GitHub, and it should be interesting to see what kind of applications (if any) hackers find for this standards-breaking behavior.

More in Tux Machines

Type Title Author Replies Last Postsort icon
Story today's leftovers Roy Schestowitz 01/10/2020 - 2:23am
Story Python Programming Roy Schestowitz 01/10/2020 - 2:17am
Story Purism/Librem, Librem Mini, and Librem 5 Updates Roy Schestowitz 01/10/2020 - 2:10am
Story today's howtos Roy Schestowitz 01/10/2020 - 2:07am
Story GNU/Linux in Hardware, Arduino for Amazon Surveillance Roy Schestowitz 01/10/2020 - 2:04am
Story IBM/Red Hat/Fedora Leftovers Roy Schestowitz 01/10/2020 - 1:56am
Story Audiocasts/Shows: Destination Linux, FLOSS Weekly, Full Circle Weekly, LINUX Unplugged, mintCast and More Roy Schestowitz 01/10/2020 - 1:52am
Story Debian: UBports, plocate, and developers' reports Roy Schestowitz 01/10/2020 - 1:44am
Story PCLinuxOS Review: This Classic Independent Linux Distribution is Definitely Worth a Look itsfoss 10 01/10/2020 - 1:33am
Story today's leftovers Roy Schestowitz 6 01/10/2020 - 1:18am