Encrypted files purportedly containing source code of Microsoft Windows, Cisco, FireEye and SolarWinds products were published on a new site today. I’ll keep updating this post as more information is uncovered, if you want to tell me anything about this subject please email me .

The site

The message was posted on the solarleaks.net website with a mirror on the Tor network, use the Tor Browser for it.

• website: solarleaks[.]net
• tor onion: 5bpasg2kotxllmzsv6swwydbojnfuvfb7d6363pwe5wrzhjyn2ptvdqd[.]onion

What we know so far

The message has been signed with the RSA key with the fingerprint 24516C2E1CC7890832771178E2C73BC53B9118A0. Keep in mind that this is the fingerprint of the key the message claims to have been signed with, but there is no actual verification happening. There is currently no key on any keyserver with that fingerprint.

$ gpg --verify solarleaks.net.asc
gpg: Signature made Tue Jan 12 16:02:51 2021 GMT
gpg:                using RSA key 24516C2E1CC7890832771178E2C73BC53B9118A0
gpg: Can't check signature: No public key

The domain was registered with njal.la , a service started by Peter Sunde, founder of The Pirate Bay.

Some site changes implemented in the last part of 2020 and the beginning of 2021:

• Modified the theme design, reimplemented the post meta boxes, cleaned up the CSS a bit, replaced most of the PNG images with SVG ones.
• Implemented so.cl, the social part of this website. For now it’s a combination of bash scripts, python scripts and thirt-party tools that allow me to add a new so.cl post; it works but there is room for improvement.
• Added a /random/ page that redirects the visitor to a random page of this website. Considering the site is static it was pretty easy to implement (spoiler, I already have a list of the pages exposed for the search function).
• Cleaned up the /statistics/ page, added a part where you can see some personal horcruxed data plotted over a chart. It may or may not be useful. Might be fake data.
• Added a page where I keep my passwords in cleartext.

First they banned those they deemed to have wrong think from “social media”, crying build your own social media, it is a private company after all, they can choose their users.

And they did, but the totalitarians were no satisfied, so then they banned them from app stores users used to connect and find the new service, crying build your own service it is a private company after all, they can choose their users.

And they did, but the totalitarian were not satisfied so they banned them from the network infrastructure that used to connect them to the service, crying build your own network infrastructure it is a private company after all, they can choose their users.

This post is the first part in a series that will walk you through connecting several sensors to an Arduino microcontroller board. Of course you could buy a weather shield that has all the sensors included, but where is the fun in doing that? In addition to that, I already had some components laying around just taking up space so why not put them to good use.

Components

• 1x Arduino Mega 2560.
• 1x Sparkfun TSL2561 luminosity sensor breakout board.
• 1x TMP36 temperature sensor.
• 1x Breadboard
• ~10x jumper wires, M/M and F/F (if the M/M ones are too short).
• 1x USB cable A-male to B-male for powering up the Arduino and connecting to it.

Sometimes you want/need to sign a jar Java archive file with a self-signed key.

To generate the key you will use keytool:

$ keytool -genkey \
	-keyalg <ALGORITHM> \
	-alias <ALIAS> \
	-keystore <KEYSTORE> \
	-validity <VALIDITY>

To sign the already-existing jar with the newly-generated key you will use jarsigner:

$ jarsigner <JARNAME>.jar -keystore <KEYSTORE> <ALIAS>