Feel free to browse around and you'll have a pretty good idea of what this is about. I write about security, privacy, vulnerabilities and exploits, various programming languages and my projects. I might have written some stuff that's in my GitHub, but I'll never admit it anyway.

Hacker. Not Phineas Fisher. My other computer is your computer.

#Tor · #Ricochet · #Debian · #Infosec · #CubeSat · #OSdev · #Cyberpunk · #Cypherpunk

If you want to contact me, do it. I might answer. Probably. Or not.

PGP Key: 0xFAEA6AF5567BE45D
Fingerprint: 9AB8 10E5 AC82 1C12 53A3 D1D8 FAEA 6AF5 567B E45D

DNS servers

A public recursive name server (also called a public DNS resolver) is a name server service that networked computers may use to query DNS, the decentralized Internet naming system, in place of or in addition to the name servers operated by the Internet service provider to which the devices are connected.

Below is a list of public DNS service operators.

Quad9

Quad9 is a not-for-profit public-benefit organization supported by IBM, Packet Clearing House (PCH), Global Cyber Alliance (GCA), and many other cybersecurity organizations for the purpose of operating a privacy-and-security-centric public DNS resolver. Its main differentiators from other DNS resolvers are that it does not record the queries users send to it, and that it automatically blocks domains known to be associated with malicious activity. Quad9 offers DNS over TLS service over port 853, DNS over HTTPS over port 443 and DNSCrypt service over port 443. - Wikipedia

Features

DNS over TLS
DNS over HTTPS
DNSCrypt

Compile a list of all Facebook-owned IPs

Sometimes you want to block all Facebook IPs for various reasons (1, 2, 3, 4, 5, 6, 7, 8). Sometimes you really really do want that (and you should do it), so compiling a list with all the IPs is easy (both IPv4 and IPv6):

$ whois -h whois.radb.net '!gAS32934' | tr ' ' '\n' | awk '!/[[:alpha:]]/' > facebook-ips-ipv4.txt
$ whois -h whois.radb.net '!6AS32934' | tr ' ' '\n' | grep '::' > facebook-ips-ipv6.txt

The lists of Facebook-owned IPs will be saved to facebook-ips-ipv4.txt and facebook-ips-ipv6.txt, ready to be used.
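The whois output usually contains duplicate and overlapping prefixes plus a few non-prefix tokens, so it pays to validate and collapse it before loading it into a firewall. The following is an added example, not code from the original post: it parses the text, merges the prefixes and renders an nftables set. The sample input uses constructed documentation ranges, and the set names and function names are hypothetical.

```python
import ipaddress

# Constructed sample of the query output after `tr ' ' '\n'`: prefixes mixed
# with non-prefix tokens. Documentation ranges, not real AS32934 data.
SAMPLE_V4 = ("A62\n192.0.2.0/25\n192.0.2.128/25\n198.51.100.0/24\n"
             "198.51.100.64/26\n192.0.2.0/25\nC\n")
SAMPLE_V6 = "A40\n2001:db8::/33\n2001:db8:8000::/33\n2001:db8:1::/48\nC\n"


def parse_prefixes(text, version):
    """Return the valid networks of one IP version; skip every other token."""
    nets = []
    for token in text.split():
        try:
            net = ipaddress.ip_network(token, strict=True)
        except ValueError:
            continue  # non-prefix token, or a prefix with host bits set
        if net.version == version:
            nets.append(net)
    return nets


def collapse(nets):
    """Merge duplicates, covered subnets and adjacent prefixes."""
    return list(ipaddress.collapse_addresses(nets))


def nft_set(name, version, nets):
    """Render a named nftables set (to be placed inside a table)."""
    family = "ipv4_addr" if version == 4 else "ipv6_addr"
    elements = ", ".join(str(n) for n in nets)
    return (f"set {name} {{\n    type {family}\n    flags interval\n"
            f"    elements = {{ {elements} }}\n}}")


if __name__ == "__main__":
    # In practice, read facebook-ips-ipv4.txt / facebook-ips-ipv6.txt instead.
    v4 = collapse(parse_prefixes(SAMPLE_V4, 4))
    v6 = collapse(parse_prefixes(SAMPLE_V6, 6))
    print(nft_set("blocked_v4", 4, v4))  # hypothetical set names
    print(nft_set("blocked_v6", 6, v6))
```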

Azure and Full Disk Encryption

Introduction

Here is a small tutorial on encrypting a Microsoft Azure virtual machine disk.

Preparing the Azure Virtual Machine

Enable the Azure Key Vault provider within your Azure subscription.

$ az provider register -n Microsoft.KeyVault

Create a resource group in your favorite location (keep in mind that different locations enable different features, and some VM sizes are not available in other locations).

The Starfish Parable

One day an old man was walking along the beach. It was low tide, and the sand was littered with thousands of stranded starfish that the water had carried in and then left behind.

The man began walking very carefully so as not to step on any of the beautiful creatures. Since the animals still seemed to be alive, he considered picking some of them up and putting them back in the water, where they could resume their lives.

The man knew the starfish would die if left on the beach’s dry sand but he reasoned that he could not possibly help them all, so he chose to do nothing and continued walking.

Total Meltdown - Windows 7

Did you hear about the newest bug in Windows 7, introduced by the Meltdown patches that Microsoft implemented? Accidentally leaving the Page-Map Level 4 (PML4) as user?

A simple user-space application that tried to read a kernel address should’ve crashed. How about this for a basic test, Microsoft?

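#include <stdio.h>

int main(void) {
	/* Kernel-space address where the Windows 7 x64 PML4 is mapped */
	volatile unsigned long *ptr = (volatile unsigned long *)0xFFFFF6FB7DBED000;
	/* A user-mode read here should fault; a printed value means the page is user-accessible */
	printf("%lu\n", *ptr);
	return 0;
}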

Compile with Cygwin and run. If it doesn’t crash, the new Windows 7 Meltdown bug is present.

The real question is, I guess, how do you accidentally make PML4 user. Oh, and if you’re wondering why this only affects Windows 7, it’s easy: parts of the memory management code were rewritten for Windows 10 so that the location of the page tables could be randomized.

Have fun.