Guerrilla guide to CNC machining, mold making, and resin casting

Posted on January 1, 2016 by mea

Home manufacturing tutorial for robot builders, model makers, and other hobbyists

Source: Guerrilla guide to CNC machining, mold making, and resin casting

What’s the best way to check if a volume is mounted in a Bash script?

Posted on December 25, 2015 by mea

What’s the best way to check if a volume is mounted in a Bash script? What I’d really like is a method that I can use like this: if <something is mounted at /mnt/foo> then <Do some

Source: What’s the best way to check if a volume is mounted in a Bash script?

Avoid using /etc/mtab because it may be inconsistent.

Avoid piping mount because it needn’t be that complicated.

Simply:
if grep -qs '/mnt/foo' /proc/mounts; then
    echo "It's mounted."
else
    echo "It's not mounted."
fi

On the Juniper backdoor

Posted on December 23, 2015 by mea

To sum up, some hacker or group of hackers noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional — you be the judge! They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone — maybe a foreign government — was able to decrypt Juniper traffic in the U.S. and around the world.

And all because Juniper had already paved the road.

Source: A Few Thoughts on Cryptographic Engineering: On the Juniper backdoor

One of the most serious concerns we raise during these meetings is the possibility that encryption backdoors could be subverted. Specifically, that a backdoor intended for law enforcement could somehow become a backdoor for people who we don’t trust to read our messages. Normally when we talk about this, we’re concerned about failures in storage of things like escrow keys. What this Juniper vulnerability illustrates is that the danger is much broader and more serious than that.

SpaceX Falcon 9 Returns to Flight, Sticks Landing at Cape Canaveral

Posted on December 22, 2015 by mea

Employees at SpaceX’s Hawthorne, California headquarters cheered emphatically as a bright orange speck blazed into view on video screens tracking the landing. Just before touchdown, the first stage deployed its landing legs and came into view against the darkened Cape Canaveral sky. The rocket settled onto the landing pad and the single center engine shut down, marking a giant leap forward in SpaceX’s quest for reusable rocketry.

Source: SpaceX Falcon 9 Returns to Flight, Sticks Landing at Cape Canaveral

Lessons from the PC video game industry

Posted on December 22, 2015 by mea

What the PC game industry figured out is that in a world of abundant media, users have endless choices; instead of fighting for scarcity, fight for attention. Maximize user engagement and money will — with enough experiments — inevitably follow.

Source: Lessons from the PC video game industry — Medium

“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

Posted on December 18, 2015 by mea

As involved as that process was, getting unauthorized code covertly installed into an official operating system and keeping it there for years would appear to be an even more complicated—and brazen—undertaking. This 2013 article published by Der Spiegel reported that an NSA operation known as FEEDTHROUGH worked against Juniper firewalls and gave the agency persistent backdoor access.

Source: “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic | Ars Technica

Brazil court orders WhatsApp messaging to be suspended

Posted on December 17, 2015 by mea

The move against WhatsApp comes as Brazilian phone companies have urged the government to restrict the use of free voice-over-internet services offered through WhatsApp.

The phone companies argue that the rise of WhatsApp has damaged their businesses.

Source: Brazil court orders WhatsApp messaging to be suspended – BBC News

Philips Hue Excludes 3rd Party Bulbs With Firmware Update

Posted on December 14, 2015 by mea

Philips just released firmware for the Philips Hue bridge that may permanently sever access to any “non-approved” ZigBee bulbs. We previously covered third party support in January 2015, when Philips indicated it was not blocked – and have since benefited.

Source: Philips Hue Excludes 3rd Party Bulbs With Firmware Update

Sometimes it’s better never to upgrade firmware. Don’t fix what isn’t broke. As a general rule firmware should never need upgrading.

NASA, Google reveal quantum computing leap

Posted on December 13, 2015 by mea

Quantum computers rely on fundamentally different principles to today’s computers, in which each bit represents either a zero or a one. In quantum computing, each bit can be both a zero and a one simultaneously. So while three conventional bits can represent any of eight values (2^3), three qubits, as they’re called, can represent all eight values at once. That means calculations can theoretically be performed at much higher speeds.

Source: NASA, Google reveal quantum computing leap | CIO

AVG, McAfee, Kaspersky Fix Common Vulnerability in Their Antivirus Products

Posted on December 10, 2015 by mea

The security bug relates to the fact that the AVG antivirus creates a memory space with full RWX (read-write-execute) privileges where it normally runs. For that particular version of the AVG antivirus, this memory space was not randomized and was often shared with other applications, like, for example, Acrobat Reader or the enSilo product that collided with the antivirus.

If an attacker knew about the antivirus’ predictable behavior and where this address space was, they could force their malicious code to execute inside that memory address and have the same privileges as the antivirus process (which is system-level).

Source: AVG, McAfee, Kaspersky Fix Common Vulnerability in Their Antivirus Products

Bucktown Bell

Cut to the chase.

Author Archives: mea