Thursday, September 11, 2014

Tuesday, August 12, 2014

Nerd News: LastPass Back Up

LastPass has been down for a while, but according to LastPass and other reports it should be back up, though there may still be some issues.

Sounds like they only use 2 datacenters, or maybe even only single primary one with a "backup".
"Update: 1:28 pm EST

Though one of our data centers remains completely down, the service is generally stable and should be available to the majority of users (with the exception of login favicons). Some users may see connection errors but should still be able to access their data. We continue to work as quickly as possible to get the service back to 100%. "
       Source http://blog.lastpass.com/


"Aug 12, 2014 - One of LastPass' datacenters has been down since 3:57am EDT. The service is now running fully off one Herndon VA datacenter and we have been engaged with our provider all morning. Currently favicons/sprites are impacted. We are doing what we can to minimize the impact and apologize for the inconvenience. "

       Source https://lastpass.com/status.php


Also http://www.isitdownrightnow.com/lastpass.com.html 

For LastPass users that want an offline solution to prevent this type of problem in future consider LastPass Pocket

This is LastPass link specifically about offline access https://helpdesk.lastpass.com/password-manager-basics/your-lastpass-vault/offline-access-to-your-lastpass-vault/ 


Monday, August 11, 2014

Def Con 21: "Pentesting with an Army of Low-power Low-cost Devices"





Couldn't go to Def Con 22, waiting for vods to come out, so started watching some of the Def Con 21 Youtubes in the meanwhile.

I like this one about Pen Testing with cheap Arm devices by Dr. Philip Polstra aka Dr. Phil the Hacker his Twitter is ppolstra | https://twitter.com/ppolstra.

He uses the BeagleBoard Black as the starting point for his hardware.

Some useful links:
For new readers of my blog, I have labels at bottom left of every post & selected labels at left side of the blog to help find related posts.

These labels can be booked marked so you can just check topics your interested in, so for more posts like this you could click on:

Security & Hacking: The Matasano Crypto Challenges

Really cool the Matasano Crypto Challenges is "a collection of 48 exercises that demonstrate attacks on real-world crypto."

It's designed to teach real Crypto attacks by doing, great for improving the security of code you write, or to get an idea of what Pen Testing or malicious hacking involves.

Very good review, worth reading in it's own right here https://blog.pinboard.in/2013/04/the_matasano_crypto_challenges/

Note in the Pinboard review the original link for Matasano Crypto Challenges  didn't update for server move, current working link (I have correct link at top of this blog post of mine as well) is http://web.archive.org/web/20140213141638/http://www.matasano.com/articles/crypto-challenges/

Wednesday, June 11, 2014

Hope? Federal Appeals Court ruled Police need Warrant for cell phone location history


"For the first time, a federal appeals court has ruled that law enforcement must obtain a warrant to get people’s phone location histories from their cell service companies."
Source & full article at https://www.aclu.org/technology-and-liberty/first-time-appeals-court-rules-warrant-required-cell-phone-location-tracking

PDF of the ruling itself at https://www.aclu.org/sites/default/files/assets/q_davis_opinion_0.pdf

A little hope, my understanding is that this ruling would only apply to jurisdiction of the court that made the ruling, and I suspect governments (local/state/federal?) will appeal.


Security & Hacking: Windows Patch Tuesday Reminder

In case you forgot, yesterday was patch Tuesday for Windows.

Some critical fixes in this patch, for quick details on Patch Tuesdays I always recommend Brian Krebs posts http://krebsonsecurity.com/2014/06/adobe-microsoft-push-critical-security-fixes-4/

Excellent match from SPL2014: Maru vs effOrt



Jinair vs CJ series, Maru vs effOrt match.

Great game, I really liked seeing a Zerg that uses Overlords more effectively than typical Zerg.

Don't want to spoil it, so no more comments for now.