Tag Archives: GSM

Top 10 Most Pirated Movies of The Week on BitTorrent – 01/08/18

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-010818/

This week we have two newcomers in our chart.

Blade Runner 2049 is the most downloaded movie again.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (1) Blade Runner 2049 8.9 / trailer
2 (10) Coco (HDTS/DVDscr) 8.9 / trailer
3 (2) Justice League 7.1 / trailer
4 (…) Jumanji: Welcome to the Jungle 7.3 / trailer
5 (3) Bright 6.7 / trailer
6 (8) The Foreigner 7.2 / trailer
7 (5) Dunkirk 8.3 / trailer
8 (9) It 7.6 / trailer
9 (…) Renegades 5.5 / trailer
10 (6) Kingsman: The Golden Circle 7.2 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Top 10 Most Pirated Movies of The Week on BitTorrent – 01/01/18

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-010118/

This week we have two newcomers in our chart.

Blade Runner 2049 is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (7) Blade Runner 2049 8.9 / trailer
2 (1) Justice League 7.1 / trailer
3 (4) Bright 6.7 / trailer
4 (…) Brawl in Cell Block 99 7.2 / trailer
5 (5) Dunkirk 8.3 / trailer
6 (3) Kingsman: The Golden Circle 7.2 / trailer
7 (…) Lady Bird (DVDscr) 8.2 / trailer
8 (10) The Foreigner 7.2 / trailer
9 (2) It 7.6 / trailer
10 (8) Coco (HDTS) 8.9 / trailer


This Was 2017 in ‘Pirate’ Searches

Post Syndicated from Ernesto original https://torrentfreak.com/this-was-2017-in-pirate-searches-171229/

Lists, list, lists, it’s that time of the year again. In December many prominent search engines publish their overviews of most used search terms.

On Google, Hurricane Irma was the most searched for term of the year, globally. With “It” and “Stranger Things” ending up as the most sought after movie and TV show respectively.

But what’s happening on torrent search engines? With billions of searches every year, it’s worth taking a look at the most-entered keywords on the dominant file-sharing network.

With data from one of the most visited torrent indexes, we compiled a list of 50 popular terms, to give an indication.

2017’s number one query is “Game of Thrones,” which was entered in several variations, often paired with the episode number. While it’s no surprise, considering the show’s popularity, as a TV-show it’s somewhat of an outlier.

The top 50 is mostly made up of movie titles. “Spider Man: Homecoming” ended up in the second spot, followed by “Baby Driver” and “War for the Planet of the Apes.”

The only non-title entry in the top ten is “Telugu 2017,” which shows how popular BitTorrent is in India. On most torrent sites nowadays, a large chunk of all visitors come from the Asian country.

Torrent sites are predominantly used to download video, which is evident from the list. There are no references to music at all, and “CracksNow” appears to be the only software related search.

Below is the full list of the Top 50 most-entered search queries based on a data sample provided by one of the most popular torrent sites on the Internet. Searches pointing to the same title have been combined.


Note that searches are not the same as download activity. The former are, in theory, easier to manipulate by outsiders.

What Pirates Searched for in 2017

rank search
1. Game of Thrones
2. Spider Man Homecoming
3. Baby Driver
4. War for the Planet of the Apes
5. Star Trek Discovery
6. Telugu 2017
7. Transformers the last knight
8. Pirates of the Caribbean Dead Men Tell No Tales
9. Thor Ragnarok
10. Alien Covenant
11. Wonder Woman
12. The Mummy
13. Atomic Blonde
14. Malayalam 2017
15. Riverdale
16. Kingsman The Golden Circle
17. Designated Survivor
18. 2017 Movies
19. Half Girlfriend
20. Dunkirk
21. The Fate of the Furious
22. The Orville
23. Baywatch
24. Blade Runner 2049
25. Tigole
26. Golmaal again
27. Valerian and the City of a Thousand Planets
28. Midnight Texas
29. King Arthur Legend of the Sword
30. Tamil 2017
31. Justice League
32. Tubelight
33. Annabelle Creation
34. Geostorm
35. The Handmaids Tale
36. Young Sheldon
37. Toilet Ek Prem Katha
38. Logan lucky
39. 13 reasons why
40. Baadshaho
41. Jagga Jasoos
42. CracksNow
43. Dangal
44. The Lost City of Z
45. Suits
46. Power Rangers
47. The Big Bang Theory
48. The Hitman’s Bodyguard
49. Secret Superstar
50. Jab Harry Met Sejal


Top 10 Most Pirated Movies of The Week on BitTorrent – 12/25/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-122517/

This week we have four newcomers in our chart.

Justice League is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (…) Justice League 7.1 / trailer
2 (…) It 7.6 / trailer
3 (1) Kingsman: The Golden Circle 7.2 / trailer
4 (…) Bright 6.7 / trailer
5 (2) Dunkirk 8.3 / trailer
6 (3) The Mountain Between Us 6.3 / trailer
7 (…) Blade Runner 2049 (Russian audio WebRip) 8.9 / trailer
8 (8) Coco (HDTS) 8.9 / trailer
9 (5) Flatliners 5.0 / trailer
10 (4) The Foreigner 7.2 / trailer


Top 10 Most Pirated Movies of The Week on BitTorrent – 12/18/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-121817/

This week we have three newcomers in our chart.

Kingsman: The Golden Circle is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (2) Kingsman: The Golden Circle 7.2 / trailer
2 (1) Dunkirk 8.3 / trailer
3 (…) The Mountain Between Us 6.3 / trailer
4 (4) The Foreigner 7.2 / trailer
5 (…) Flatliners 5.0 / trailer
6 (6) American Made 7.2 / trailer
7 (3) Mother! 7.0 / trailer
8 (9) Coco (HDTS) 8.9 / trailer
9 (…) What Happened to Monday 6.9 / trailer
10 (10) Thor Ragnarok (HDTS/Cam) 8.2 / trailer


Top 10 Most Pirated Movies of The Week on BitTorrent – 12/11/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-121117/

This week we have four newcomers in our chart.

Dunkirk is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (…) Dunkirk 8.3 / trailer
2 (1) Kingsman: The Golden Circle 7.2 / trailer
3 (…) Mother! 7.0 / trailer
4 (2) The Foreigner 7.2 / trailer
5 (3) American Assassin 6.3 / trailer
6 (…) American Made 7.2 / trailer
7 (5) Valerian and the City of a Thousand Planets 6.7 / trailer
8 (7) Justice League (HDTS) 7.2 / trailer
9 (…) Coco (HDTS) 8.9 / trailer
10 (9) Thor Ragnarok (HDTS/Cam) 8.2 / trailer


Top 10 Most Pirated Movies of The Week on BitTorrent – 12/03/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-120317/

This week we have three newcomers in our chart.

Kingsman: The Golden Circle is the most downloaded movie again.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (1) Kingsman: The Golden Circle 7.2 / trailer
2 (…) The Foreigner 7.2 / trailer
3 (2) American Assassin 6.3 / trailer
4 (…) Detroit 7.5 / trailer
5 (3) Valerian and the City of a Thousand Planets 6.7 / trailer
6 (4) Geostorm (Subbed HDRip) 5.5 / trailer
7 (…) Justice League (HDTS) 7.2 / trailer
8 (5) Logan Lucky 7.2 / trailer
9 (9) Thor Ragnarok (HDTS/Cam) 8.2 / trailer
10 (6) Wind River 7.8 / trailer


Top 10 Most Pirated Movies of The Week on BitTorrent – 11/27/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-112717/

This week we have five newcomers in our chart.

Kingsman: The Golden Circle is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (…) Kingsman: The Golden Circle 7.2 / trailer
2 (…) American Assassin 6.3 / trailer
3 (1) Valerian and the City of a Thousand Planets 6.7 / trailer
4 (…) Geostorm (Subbed HDRip) 5.5 / trailer
5 (2) Logan Lucky 7.2 / trailer
6 (3) Wind River 7.8 / trailer
7 (…) Home Again 5.7 / trailer
8 (4) The Hitman’s Bodyguard 7.0 / trailer
9 (5) Thor Ragnarok (HDTS/Cam) 8.2 / trailer
10 (…) Hangman 4.9 / trailer


Top 10 Most Pirated Movies of The Week on BitTorrent – 10/23/17

Post Syndicated from Ernesto original https://torrentfreak.com/top-10-pirated-movies-week-bittorrent-102317/

This week we have three newcomers in our chart.

War for the Planet of the Apes is the most downloaded movie again.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week’s most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (1) War for the Planet of the Apes 7.8 / trailer
2 (6) Annabelle Creation (Subbed HDRip) 6.7 / trailer
3 (3) Spider-Man: Homecoming 7.8 / trailer
4 (2) The Dark Tower 5.9 / trailer
5 (…) Atomic Blonde (Subbed HDRip) 7.0 / trailer
6 (4) American Made (Subbed HDrip) 7.3 / trailer
7 (…) Cars 3 7.0 / trailer
8 (5) Baby Driver 8.0 / trailer
9 (…) Kingsman: The Golden Circle (HDTS) 7.2 / trailer
10 (7) Wonder Woman 8.2 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Harry Potter and the Real-Life Wizard Duel

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/real-life-wizard-duel/

Walk around the commons of Cambridge and you’re bound to see one or more of the Cambridge University Quidditch Club players mounted upon sticks with a makeshift quaffle. But try as they might, their broomsticks will never send them soaring through the air.

The same faux-wizardry charge can’t be levelled at Allen Pan‘s Real-Life Wizard Duel. For when the wand-wielding witches or wizards cast one of four Harry Potter spells, their opponent is struck accordingly… as if by magic.


Real spells, real consequences


Allen uses Transcutaneous Electrical Nerve Stimulation (TENS) machines to deliver the mighty blows to both himself and his opponent, setting off various sticky pads across the body via voice recognition.

The Google Cloud Speech Recognition API recognises one of five spells – Expelliarmus, Stupefy, Tarantallegra, Petrificus Totalus, and Protego – via a microphone plugged into a Raspberry Pi.


When the spell is pronounced correctly and understood by the Pi, it tells an Arduino to ‘shoot’ the spell out of the wand via an infrared LED. If the infrared receiver attached to the opponent recognises the spell, it sets off the TENS machine to deliver an electric current to the appropriate body part. Expelliarmus, for example, sets off the TENS connected to the arm, while calling out a successful Petrificus Totalus renders the opponent near immobilised as every pad is activated. For a moment’s rest, calling out “Protego” toward your own infrared receiver offers a few moments of protection against all spells aimed in your direction. Phew.

“But people only die in proper duels, you know, with real wizards. The most you and Malfoy’ll be able to do is send sparks at each other. Neither of you knows enough magic to do any real damage. I bet he expected you to refuse, anyway.”
“And what if I wave my wand and nothing happens?”
“Throw it away and punch him on the nose,” Ron suggested.
Harry Potter and the Philosopher’s Stone

Defence Against the Dark Arts


To prevent abuse of the spells, each one has its own recharge time, with available spells indicated via LEDs on the wand.

In the realm of Harry Potter fan builds, this has to be a favourite. And while visitors to The Wizarding World of Harry Potter may feel the magical effect of reimagined Butterbeer as they wander around Hogsmeade, I’d definitely prefer to play Real Life Wizard Duel with Allen Pan.

The post Harry Potter and the Real-Life Wizard Duel appeared first on Raspberry Pi.

Security and Privacy Guidelines for the Internet of Things

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/02/security_and_pr.html

Lately, I have been collecting IoT security and privacy guidelines. Here’s everything I’ve found:

  1. Internet of Things (IoT) Broadband Internet Technical Advisory Group, Broadband Internet Technical Advisory Group, Nov 2016.
  2. “IoT Security Guidance,” Open Web Application Security Project (OWASP), May 2016.
  3. “Strategic Principles for Securing the Internet of Things (IoT),” US Department of Homeland Security, Nov 2016.
  4. “Security,” OneM2M Technical Specification, Aug 2016.
  5. “Security Solutions,” OneM2M Technical Specification, Aug 2016.
  6. “IoT Security Guidelines Overview Document,” GSM Alliance, Feb 2016.
  7. “IoT Security Guidelines For Service Ecosystems,” GSM Alliance, Feb 2016.
  8. “IoT Security Guidelines for Endpoint Ecosystems,” GSM Alliance, Feb 2016.
  9. “IoT Security Guidelines for Network Operators,” GSM Alliance, Feb 2016.
  10. “Establishing Principles for Internet of Things Security,” IoT Security Foundation, undated.
  11. “IoT Design Manifesto,” May 2015.
  12. “NYC Guidelines for the Internet of Things,” City of New York, undated.
  13. “IoT Security Compliance Framework,” IoT Security Foundation, 2016.
  14. “Principles, Practices and a Prescription for Responsible IoT and Embedded Systems Development,” IoTIAP, Nov 2016.
  15. “IoT Trust Framework,” Online Trust Alliance, Jan 2017.
  16. “Five Star Automotive Cyber Safety Framework,” I am the Cavalry, Feb 2015.
  17. “Hippocratic Oath for Connected Medical Devices,” I am the Cavalry, Jan 2016.

Other, related, items:

  1. “We All Live in the Computer Now,” The Netgain Partnership, Oct 2016.
  2. “Comments of EPIC to the FTC on the Privacy and Security Implications of the Internet of Things,” Electronic Privacy Information Center, Jun 2013.
  3. “Internet of Things Software Update Workshop (IoTSU),” Internet Architecture Board, Jun 2016.

They all largely say the same things: avoid known vulnerabilities, don’t have insecure defaults, make your systems patchable, and so on.

My guess is that everyone knows that IoT regulation is coming, and is either trying to impose self-regulation to forestall government action or establish principles to influence government action. It’ll be interesting to see how the next few years unfold.

If there are any IoT security or privacy guideline documents that I’m missing, please tell me in the comments.

The command-line, for cybersec

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/01/the-command-line-for-cybersec.html

On Twitter I made the mistake of asking people about command-line basics for cybersec professionals. I got a lot of useful responses, which I summarize in this long (5k words) post. It’s mostly driven by the tools I use, with a bit of input from the tweets I got in response to my query.


By command-line this document really means bash.

There are many types of command-line shells. Windows has two, ‘cmd.exe’ and ‘PowerShell’. Unix started with the Bourne shell ‘sh’, and there have been many variations of this over the years, ‘csh’, ‘ksh’, ‘zsh’, ‘tcsh’, etc. When GNU rewrote Unix user-mode software independently, they called their shell “Bourne Again Shell” or “bash” (cue “JSON Bourne” shell jokes here).

Bash is the default shell for Linux and macOS. It’s also available on Windows, as part of their special “Windows Subsystem for Linux”. The Windows version of ‘bash’ has become my most used shell.

For Linux IoT devices, BusyBox is the most popular shell. It’s easy to clear, as it includes feature-reduced versions of popular commands.


‘Man’ is the command you should not run if you want help for a command.

Man pages are designed to drive away newbies. They are only useful if you are already mostly an expert with the command you desire help on. Man pages list all possible features of a program, but do not highlight examples of the most common features, or the most common way to use the commands.

Take ‘sed’ as an example. It’s used most commonly to do a search-and-replace in files, like so:

$ sed 's/rob/dave/' foo.txt

This usage is so common that many non-geeks know of it. Yet, if you type ‘man sed’ to figure out how to do a search and replace, you’ll get nearly incomprehensible gibberish, and no example of this most common usage.

I point this out because most guides on using the shell recommend ‘man’ pages to get help. This is wrong, it’ll just endlessly frustrate you. Instead, google the commands you need help on, or better yet, search StackExchange for answers.

You might try asking questions, like on Twitter or forum sites, but this requires a strategy. If you ask a basic question, self-important dickholes will respond by telling you to “rtfm” or “read the fucking manual”. A better strategy is to exploit their dickhole nature, such as saying “too bad command xxx cannot do yyy”. Helpful people will gladly explain why you are wrong, carefully explaining how xxx does yyy.

If you must use ‘man’, use the ‘apropos’ command to find the right man page. Sometimes multiple things in the system have the same or similar names, leading you to the wrong page.

apt-get install yum

Using the command-line means accessing that huge open-source ecosystem. Most of the things in this guide do not already exist on the system. You have to either compile them from source, or install via a package-manager. Linux distros ship with a small footprint, but have a massive database of precompiled software “packages” in the cloud somewhere. Use the “package manager” to install the software from the cloud.

On Debian-derived systems (like Ubuntu, Kali, Raspbian), type “apt-get install masscan” to install “masscan” (as an example). Use “apt-cache search scan” to find a bunch of scanners you might want to install.

On RedHat systems, use “yum” instead. On BSD, use the “ports” system, which you can also get working for macOS.

If no pre-compiled package exists for a program, then you’ll have to download the source code and compile it. There’s about an 80% chance this will work easily, following the instructions. There is a 20% chance you’ll experience “dependency hell”, for example, needing to install two mutually incompatible versions of Python.

Bash is a scripting language

Don’t forget that shells are really scripting languages. The bit that executes a single command is just a degenerate use of the scripting language. For example, you can do a traditional for loop like:

$ for i in $(seq 1 9); do echo $i; done

In this way, ‘bash’ is no different than any other scripting language, like Perl, Python, NodeJS, PHP CLI, etc. That’s why a lot of stuff on the system actually exists as short ‘bash’ programs, aka. shell scripts.

Few want to write bash scripts, but you are expected to be able to read them, either to tweak existing scripts on the system, or to read StackExchange help.

File system commands

The macOS “Finder” or Windows “File Explorer” are just graphical shells that help you find files, open, and save them. The first commands you learn are for the same functionality on the command-line: pwd, cd, ls, touch, rm, rmdir, mkdir, chmod, chown, find, ln, mount.

The command “rm -rf /” removes everything starting from the root directory. This will also follow mounted server directories, deleting files on the server. I point this out to give an appreciation of the raw power you have over the system from the command-line, and how easily you can disrupt things.

Of particular interest is the “mount” command. Desktop versions of Linux typically mount USB flash drives automatically, but on servers, you need to do it manually, e.g.:

$ mkdir ~/foobar
$ mount /dev/sdb ~/foobar

You’ll also use the ‘mount’ command to connect to file servers, using the “cifs” package if they are Windows file servers:

# apt-get install cifs-utils
# mkdir /mnt/vids
# mount -t cifs -o username=robert,password=foobar123  // /mnt/vids

Linux system commands

The next commands you’ll learn are about sysadmin of the Linux system: ps, top, who, history, last, df, du, kill, killall, lsof, lsmod, uname, id, shutdown, and so on.

The first thing hackers do when hacking into a system is run “uname” (to figure out what version of the OS is running) and “id” (to figure out which account they’ve acquired, like “root” or some other user).

The Linux system command I use most is “dmesg” (or ‘tail -f /var/log/dmesg’) which shows you the raw system messages. For example, when I plug in USB drives to a server, I look in ‘dmesg’ to find out which device was added so that I can mount it. I don’t know if this is the best way, it’s just the way I do it (servers don’t automount USB drives like desktops do).

Networking commands

The permanent state of the network (what gets configured on the next bootup) is configured in text files somewhere. But there are a wealth of commands you’ll use to view the current state of networking, make temporary changes, and diagnose problems.

The ‘ifconfig’ command has long been used to view the current TCP/IP configuration and make temporary changes. Learning how TCP/IP works means playing a lot with ‘ifconfig’. Use “ifconfig -a” for even more verbose information.

Use the “route” command to see if you are sending packets to the right router.

Use the ‘arp’ command to make sure you can reach the local router.

Use ‘traceroute’ to make sure packets are following the correct route to their destination. You should learn the nifty trick it’s based on (TTLs). You should also play with the TCP, UDP, and ICMP options.

Use ‘ping’ to see if you can reach the target across the Internet. Usefully measures the latency in milliseconds, and congestion (via packet loss). For example, ping NetFlix throughout the day, and notice how the ping latency increases substantially during “prime time” viewing hours.

Use ‘dig’ to make sure DNS resolution is working right. (Some use ‘nslookup’ instead). Dig is useful because it’s the raw universal DNS tool – every time they add some new standard feature to DNS, they add that feature into ‘dig’ as well.

The ‘netstat -tualn’ command views the current TCP/IP connections and which ports are listening. I forget what the various options “tualn” mean, only it’s the output I always want to see, rather than the raw “netstat” command by itself.

You’ll want to use ‘ethtool -K’ to turn off checksum and segmentation offloading. These are features that break packet-captures sometimes.

There is this new fangled ‘ip’ system for Linux networking, replacing many of the above commands, but as an old timer, I haven’t looked into that.

Some other tools for diagnosing local network issues are ‘tcpdump’, ‘nmap’, and ‘netcat’. These are described in more detail below.


In general, you’ll remotely log into a system in order to use the command-line. We use ‘ssh’ for that. It uses a protocol similar to SSL in order to encrypt the connection. There are two ways to use ‘ssh’ to login, with a password or with a client-side certificate.

When using SSH with a password, you type “ssh [email protected]”. The remote system will then prompt you for a password for that account.

When using client-side certificates, use “ssh-keygen” to generate a key, then either copy the public-key of the client to the server manually, or use “ssh-copy-id” to copy it using the password method above.

How this works is basic application of public-key cryptography. When logging in with a password, you get a copy of the server’s public-key the first time you login, and if it ever changes, you get a nasty warning that somebody may be attempting a man in the middle attack.

$ ssh [email protected]

When using client-side certificates, the server trusts your public-key. This is similar to how client-side certificates work in SSL VPNs.

You can use SSH for things other than logging into a remote shell. You can script ‘ssh’ to run commands remotely on a system in a local shell script. You can use ‘scp’ (SSH copy) to transfer files to and from a remote system. You can do tricks with SSH to create tunnels, which is a popular way to bypass the restrictive rules of your local firewall nazi.


The ‘openssl’ command-line tool is your general cryptography toolkit, doing everything from simple encryption, to public-key certificate signing, to establishing SSL connections.

It is extraordinarily user hostile, with terrible inconsistency among options. You can only figure out how to do things by looking up examples on the net, such as on StackExchange. There are competing SSL libraries with their own command-line tools, like GnuTLS and Mozilla NSS that you might find easier to use.

The fundamental use of the ‘openssl’ tool is to create public-keys, “certificate requests”, and self-signed certificates. All the web-site certificates I’ve ever obtained have been using the openssl command-line tool to create CSRs.

You should practice using the ‘openssl’ tool to encrypt files, sign files, and to check signatures.
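One way to run that practice session end to end, as an added example that is not code from the original post: it creates a key, a CSR and a self-signed certificate, then signs, verifies, encrypts and decrypts a file. It assumes OpenSSL 1.1.1 or later (for -pbkdf2); the file names, the subject CN=example.test and the passphrase are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. File names, the passphrase and
# the subject CN=example.test are constructed for illustration.

# Private key -> certificate request (CSR) -> self-signed cert -> public key.
# The CSR carries its own signature, so it is checked before being used.
# A verifier only ever needs the public half, extracted from the certificate.
make_identity() {   # usage: make_identity DIR
    mkdir -p "$1" || return 1
    openssl genrsa -out "$1/key.pem" 2048 2>/dev/null &&
    openssl req -new -key "$1/key.pem" -subj "/CN=example.test" \
        -out "$1/req.csr" 2>/dev/null &&
    openssl req -in "$1/req.csr" -noout -verify >/dev/null 2>&1 &&
    openssl x509 -req -in "$1/req.csr" -signkey "$1/key.pem" -days 30 \
        -out "$1/cert.pem" 2>/dev/null &&
    openssl x509 -in "$1/cert.pem" -pubkey -noout > "$1/pub.pem"
}

# Show who the certificate claims to be.
cert_subject() {    # usage: cert_subject DIR
    openssl x509 -in "$1/cert.pem" -noout -subject
}

# Detached SHA-256 signature, written next to the file as FILE.sig.
sign_file() {       # usage: sign_file DIR FILE
    openssl dgst -sha256 -sign "$1/key.pem" -out "$2.sig" "$2"
}

# Exit status 0 only if FILE still matches FILE.sig under the public key.
verify_file() {     # usage: verify_file DIR FILE
    openssl dgst -sha256 -verify "$1/pub.pem" -signature "$2.sig" "$2" \
        >/dev/null 2>&1
}

# Passphrase-based encryption. The passphrase goes through the environment
# rather than argv so it does not show up in 'ps'. CBC gives confidentiality
# only; sign the ciphertext as well if you need to detect tampering.
encrypt_file() {    # usage: encrypt_file IN OUT PASSPHRASE
    DEMO_PASS="$3" openssl enc -aes-256-cbc -pbkdf2 -salt \
        -pass env:DEMO_PASS -in "$1" -out "$2"
}

decrypt_file() {    # usage: decrypt_file IN OUT PASSPHRASE
    DEMO_PASS="$3" openssl enc -d -aes-256-cbc -pbkdf2 \
        -pass env:DEMO_PASS -in "$1" -out "$2"
}

demo() {
    d=$(mktemp -d) || return 1
    make_identity "$d" || { rm -rf "$d"; return 1; }
    cert_subject "$d"

    printf 'pay 100 to alice\n' > "$d/msg.txt"
    sign_file "$d" "$d/msg.txt"
    verify_file "$d" "$d/msg.txt" && echo "original file: signature OK"

    # Change one word after signing: the old signature must no longer verify.
    printf 'pay 900 to alice\n' > "$d/msg.txt"
    verify_file "$d" "$d/msg.txt" || echo "modified file: signature FAILED"

    encrypt_file "$d/msg.txt" "$d/msg.enc" 'constructed-passphrase'
    decrypt_file "$d/msg.enc" "$d/msg.out" 'constructed-passphrase'
    cmp -s "$d/msg.txt" "$d/msg.out" && echo "decrypt round-trip OK"
    rm -rf "$d"
}

demo
```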

You can use openssl just like PGP for encrypted emails/messages, but following the “S/MIME” standard rather than PGP standard. You might consider learning the ‘pgp’ command-line tools, or the open-source ‘gpg’ or ‘gpg2’ tools as well.

You should learn how to use the “openssl s_client” feature to establish SSL connections, as well as the “openssl s_server” feature to create an SSL proxy for a server that doesn’t otherwise support SSL.

Learning all the ways of using the ‘openssl’ tool to do useful things will go a long way in teaching somebody about crypto and cybersecurity. I can imagine an entire class consisting of nothing but learning ‘openssl’.

netcat (nc, socat, cryptcat, ncat)

A lot of Internet protocols are based on text. That means you can create a raw TCP connection to the service and interact with them using your keyboard. The classic tool for doing this is known as “netcat”, abbreviated “nc”. For example, connect to Google’s web server at port 80 and type the HTTP HEAD command followed by a blank line (hit [return] twice):

$ nc www.google.com 80
HEAD / HTTP/1.0

HTTP/1.0 200 OK
Date: Tue, 17 Jan 2017 01:53:28 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP=”This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info.”
Server: gws
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: NID=95=o7GT1uJCWTPhaPAefs4CcqF7h7Yd7HEqPdAJncZfWfDSnNfliWuSj3XfS5GJXGt67-QJ9nc8xFsydZKufBHLj-K242C3_Vak9Uz1TmtZwT-1zVVBhP8limZI55uXHuPrejAxyTxSCgR6MQ; expires=Wed, 19-Jul-2017 01:53:28 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding

Another classic example is to connect to port 25 on a mail server to send email, spoofing the “MAIL FROM” address.

There are several versions of ‘netcat’ that work over SSL as well. My favorite is ‘ncat’, which comes with ‘nmap’, as it’s actively maintained. In theory, “openssl s_client” should also work this way.


At some point, you’ll need to port scan. The standard program for this is ‘nmap’, and it’s the best. The classic way of using it is something like:

# nmap -A scanme.nmap.org

The ‘-A’ option means to enable all the interesting features like OS detection, version detection, and basic scripts on the most common ports that a server might have open. It takes a while to run. The “scanme.nmap.org” is a good site to practice on.

Nmap is more than just a port scanner. It has a rich scripting system for probing more deeply into a system than just a port, and to gather more information useful for attacks. The scripting system essentially contains some attacks, such as password guessing.

Scanning the Internet, finding services identified by ‘nmap’ scripts, and interacting with them with tools like ‘ncat’ will teach you a lot about how the Internet works.

BTW, if ‘nmap’ is too slow, use ‘masscan’ instead. It’s a lot faster, though has much more limited functionality.

Packet sniffing with tcpdump and tshark

All Internet traffic consists of packets going between IP addresses. You can capture those packets and view them using “packet sniffers”. The most important packet-sniffer is “Wireshark”, a GUI. For the command-line, there is ‘tcpdump’ and ‘tshark’.

You can run tcpdump on the command-line to watch packets go in/out of the local computer. This performs a quick “decode” of packets as they are captured. It’ll reverse-lookup IP addresses into DNS names, which means its buffers can overflow, dropping new packets while it’s waiting for DNS name responses for previous packets (which can be disabled with -n):

# tcpdump -p -i eth0

A common task is to create a round-robin set of files, saving the last 100 files of 1-gig each. Older files are overwritten. Thus, when an attack happens, you can stop the capture, go backward in time, and view the contents of the network traffic using something like Wireshark:

# tcpdump -p -i eth0 -s65535 -C 1000 -W 100 -w cap

Instead of capturing everything, you’ll often set “BPF” filters to narrow down to traffic from a specific target, or a specific port.

The above examples use the -p option to capture traffic destined to the local computer. Sometimes you may want to look at all traffic going to other machines on the local network. You’ll need to figure out how to tap into wires, or set up “monitor” ports on switches for this to work.

A more advanced command-line program is ‘tshark’. It can apply much more complex filters. It can also be used to extract the values of specific fields and dump them to a text file.


These are some rather trivial commands, but you should know them.

The ‘base64’ command encodes binary data in text. The text can then be passed around, such as in email messages. Base64 encoding is often automatic in the output from programs like openssl and PGP.

In many cases, you’ll need to view a hex dump of some binary data. There are many programs to do this, such as hexdump, xxd, od, and more.


Grep searches for a pattern within a file. More importantly, it searches for a regular expression (regex) in a file. The fu of Unix is that a lot of stuff is stored in text files, and you use grep with regex patterns in order to extract stuff stored in those files.

The power of this tool really depends on your mastery of regexes. You should master enough that you can understand StackExchange posts that explain almost what you want to do, and then tweak them to make them work.

Grep, by default, shows only the matching lines. In many cases, you only want the part that matches. To do that, use the -o option. (This is not available on all versions of grep).

You’ll probably want the better, “extended” regular expressions, so use the -E option.

You’ll often want “case-insensitive” options (matching both upper and lower case), so use the -i option.

For example, to extract all MAC addresses from a text file, you might do something like the following. This extracts all strings that are twelve hex digits.

$ grep -Eio '[0-9A-F]{12}' foo.txt

Text processing

Grep is just the first of the various “text processing filters”. Other useful ones include ‘sed’, ‘cut’, ‘sort’, and ‘uniq’.

You’ll be an expert at piping output of one to the input of the next. You’ll use “sort | uniq” as god (Dennis Ritchie) intended and not the heresy of “sort -u”.

You might want to master ‘awk’. It’s a new programming language, but once you master it, it’ll be easier than other mechanisms.

You’ll end up using ‘wc’ (word-count) a lot. All it does is count the number of lines, words, characters in a file, but you’ll find yourself wanting to do this a lot.
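As an added example (not from the original article), here is the twelve-hex-digit grep from above combined with the “sort | uniq” idiom, run over constructed log lines. It goes beyond the article's regex by also accepting colon- and hyphen-separated MACs and by using -w so that twelve-digit runs inside longer hex strings, such as hashes, are not reported; the function names and the sample lines are assumptions.

```shell
#!/usr/bin/env bash
# Added example: count the distinct MAC addresses seen in a log.

# Constructed sample input (not from a real system): one MAC written in three
# notations, a second MAC, and a 64-digit hex string that is NOT a MAC.
sample_log() {
cat <<'EOF'
Jan  8 10:01:02 gw dhcpd: DHCPACK on 10.0.0.21 to 00:1A:2B:3C:4D:5E via eth0
Jan  8 10:01:09 gw dhcpd: DHCPACK on 10.0.0.22 to 00-1a-2b-3c-4d-5f via eth0
Jan  8 10:02:11 sw1 port-security: violation mac 001A2B3C4D5E on Gi0/3
Jan  8 10:03:40 gw dhcpd: DHCPACK on 10.0.0.21 to 00:1a:2b:3c:4d:5e via eth0
Jan  8 10:04:00 av scan: sha256=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EOF
}

# The regex from the text, unchanged: any twelve hex digits in a row.
# On the sample it misses the separated forms and cuts the hash into pieces.
naive_macs() {
    grep -Eio '[0-9A-F]{12}'
}

# Stricter extraction, then normalise and count:
#   -w  the match must be a whole word, so digits inside a longer hex run
#       (the sha256 value) are skipped
#   tr  strips ':' and '-' and lower-cases, so all notations compare equal
#   sort | uniq -c  counts occurrences; the final sort puts the busiest first
mac_counts() {
    grep -Eiow '([0-9A-F]{2}[:-]){5}[0-9A-F]{2}|[0-9A-F]{12}' |
        tr -d ':-' |
        tr 'A-F' 'a-f' |
        sort | uniq -c |
        sort -k1,1nr -k2,2 |
        awk '{ print $1, $2 }'
}

# Demo on the constructed sample.
sample_log | mac_counts
```
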

csvkit and jq

You get data in CSV format and JSON format a lot. The tools ‘csvkit’ and ‘jq’ respectively help you deal with those formats: converting these files into other formats, sticking the data in databases, and so forth.

It’ll be easier using these tools that understand these text formats to extract data than trying to write ‘awk’ commands or ‘grep’ regexes.


Most files are binary with a few readable ASCII strings. You use the program ‘strings’ to extract those strings.

This one simple trick sounds stupid, but it’s more powerful than you’d think. For example, I knew that a program probably contained a hard-coded password. I then blindly grabbed all the strings in the program’s binary file and sent them to a password cracker to see if they could decrypt something. And indeed, one of the 100,000 strings in the file worked, thus finding the hard-coded password.

tail -f

So ‘tail’ is just a standard Linux tool for looking at the end of files. If you want to keep checking the end of a live file that’s constantly growing, then use “tail -f”. It’ll sit there waiting for something new to be added to the end of the file, then print it out. I do this a lot, so I thought it’d be worth mentioning.

tar -xzvf, gzip, xz, 7z

In prehistorical times (like the 1980s), Unix was backed up to tape drives. The tar command could be used to combine a bunch of files into a single “archive” to be sent to the tape drive, hence “tape archive” or “tar”.

These days, a lot of stuff you download will be in tar format (ending in .tar). You’ll need to learn how to extract it:

$ tar -xvf something.tar

Nobody knows what the “xvf” options mean anymore, but these letters must be specified in that order. I’m joking here, but only a little: somebody did a survey once and found that virtually nobody knows how to use ‘tar’ other than the canned formulas such as this.

Along with combining files into an archive you also need to compress them. In prehistoric Unix, the “compress” command would be used, which would replace a file with a compressed version ending in ‘.z’. This was found to be encumbered with patents, so everyone switched to ‘gzip’ instead, which replaces a file with a new one ending with ‘.gz’.

$ ls foo.txt*
$ gzip foo.txt
$ ls foo.txt*

Combined with tar, you get files with either the “.tar.gz” extension, or simply “.tgz”. You can untar and uncompress at the same time:

$ tar -xzvf something.tar.gz

Gzip is always good enough, but nerds gonna nerd and want to compress with slightly better compression programs. They’ll have extensions like “.bz2”, “.7z”, “.xz”, and so on. There are a ton of them. Some of them are supported directly by the ‘tar’ program:

$ tar -xjvf something.tar.bz2

Then there is the “zip/unzip” program, which supports Windows .zip file format. To create compressed archives these days, I don’t bother with tar, but just use the ZIP format. For example, this will recursively descend a directory, adding all files to a ZIP file that can easily be extracted under Windows:

$ zip -r test.zip ./test/


I should include this under the system tools at the top, but it’s interesting for a number of purposes. The usage is simply to copy one file to another, the in-file to the out-file.

$ dd if=foo.txt of=foo2.txt

But that’s not interesting. What’s interesting is using it to write to “devices”. The disk drives in your system also exist as raw devices under the /dev directory.

For example, if you want to create a boot USB drive for your Raspberry Pi:

# dd if=rpi-ubuntu.img of=/dev/sdb

Or, you might want to hard erase an entire hard drive by overwriting it with random data:

# dd if=/dev/urandom of=/dev/sdc

Or, you might want to image a drive on the system, for later forensics, without stumbling on things like open files.

# dd if=/dev/sda of=/media/Lexar/infected.img

The ‘dd’ program has some additional options, like block size and so forth, that you’ll want to pay attention to.
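An added example (not from the original article) of the forensic-imaging use of ‘dd’ described above, with an explicit block size and a SHA-256 check that the image matches the source. The function names are assumptions, a regular file can stand in for /dev/sda, and the source is assumed not to change while it is being read.

```shell
#!/usr/bin/env bash
# Added example: acquire an image with dd and prove it matches the source.
# In the text the source is a raw device such as /dev/sda; a regular file
# behaves the same way and is what an unprivileged test run would use.

# Print only the SHA-256 hex digest of a file or device.
sha256_of() {
    sha256sum < "$1" | cut -d' ' -f1
}

# acquire_image SRC DST
# Returns 0 if DST is bit-identical to SRC, 1 on hash mismatch, 2 on I/O error.
acquire_image() {
    acq_src=$1
    acq_dst=$2
    # bs=1M replaces dd's 512-byte default block size, which is slow on disks.
    # conv=noerror,sync is often added for failing media, but it pads short
    # reads with zeros, so the image may no longer hash the same as the
    # source; it is left out here.
    dd if="$acq_src" of="$acq_dst" bs=1M 2>/dev/null || return 2
    sync
    acq_src_hash=$(sha256_of "$acq_src") || return 2
    acq_dst_hash=$(sha256_of "$acq_dst") || return 2
    [ "$acq_src_hash" = "$acq_dst_hash" ] || return 1
    # Record the digest next to the image, then make both files read-only.
    printf '%s  %s\n' "$acq_dst_hash" "$(basename "$acq_dst")" \
        > "$acq_dst.sha256" || return 2
    chmod a-w "$acq_dst" "$acq_dst.sha256"
}

# verify_image IMG
# Re-hash IMG and compare with the digest recorded at acquisition time.
verify_image() {
    ver_img=$1
    ver_recorded=$(cut -d' ' -f1 < "$ver_img.sha256") || return 2
    [ "$(sha256_of "$ver_img")" = "$ver_recorded" ]
}

# Stand-alone use: pass the source and the image path as two arguments.
if [ "$#" -eq 2 ]; then
    acquire_image "$1" "$2" && verify_image "$2" && echo "image verified"
fi
```

Running verify_image again before each analysis session shows whether the image has changed since it was acquired.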

screen and tmux

You log in remotely and start some long running tool. Unfortunately, if you log out, all the processes you started will be killed. If you want it to keep running, then you need a tool to do this.

I use ‘screen’. Before I start a long running port scan, I run the “screen” command. Then, I type [ctrl-a][ctrl-d] to disconnect from that screen, leaving it running in the background.

Then later, I type “screen -r” to reconnect to it. If there is more than one screen session, using ‘-r’ by itself will list them all. Use “-r pid” to reattach to the proper one. If you can’t, then use “-D pid” or “-D -RR pid” to force the other session to detach from whoever is using it.

Tmux is an alternative to screen that many use. It’s cool for also having lots of terminal screens open at once.

curl and wget

Sometimes you want to download files from websites without opening a browser. The ‘curl’ and ‘wget’ programs do that easily. Wget is the traditional way of doing this, but curl is a bit more flexible. I use curl for everything these days, except mirroring a website, in which case I just do “wget -m website”.

The thing that makes ‘curl’ so powerful is that it’s really designed as a tool for poking and prodding all the various features of HTTP. That it’s also useful for downloading files is a happy coincidence. When playing with a target website, curl will allow you to do lots of complex things, which you can then script via bash. For example, hackers often write their cross-site scripting/forgeries in bash scripts using curl.


As mentioned above, bash is its own programming language. But it’s weird, and annoying. So sometimes you want a real programming language. Here are some useful ones.

Yes, PHP is a language that runs in a web server for creating web pages. But if you know the language well, it’s also a fine command-line language for doing stuff.

Yes, JavaScript is a language that runs in the web browser. But if you know it well, it’s also a great language for doing stuff, especially with the “nodejs” version.

Then there are other good command-line languages, like Python, Ruby, Lua, and the venerable Perl.

What makes all these great is the large library support. Somebody has already written a library that nearly does what you want that can be made to work with a little bit of extra code of your own.

My general impression is that Python and NodeJS have the largest libraries likely to have what you want, but you should pick whichever language you like best, whichever makes you most productive. For me, that’s NodeJS, because of the great Visual Code IDE/debugger.

iptables, iptables-save

I shouldn’t include this in the list. Iptables isn’t a command-line tool as such. The tool is the built-in firewalling/NAT features within the Linux kernel. Iptables is just the command to configure it.

Firewalling is an important part of cybersecurity. Everyone should have some experience playing with a Linux system doing basic firewalling tasks: basic rules, NATting, and transparent proxying for mitm attacks.

Use ‘iptables-save’ in order to persistently save your changes.


Similar to ‘iptables’, ‘mysql’ isn’t a tool in its own right, but a way of accessing a database maintained by another process on the system.

Filters acting on text files only go so far. Sometimes you need to dump the data into a database, and make queries on that database.

There is also the offensive skill needed to learn how targets store things in a database, and how attackers get the data.

Hackers often publish raw SQL data they’ve stolen in their hacks (like the Ashley Madison dump). Being able to stick those dumps into your own database is quite useful. Hint: disable transaction logging while importing mass data.

If you don’t like SQL, you might consider NoSQL tools like Elasticsearch, MongoDB, and Redis that can similarly be useful for arranging and searching data. You’ll probably have to learn some JSON tools for formatting the data.

Reverse engineering tools

A cybersecurity specialty is “reverse engineering”. Some want to reverse engineer the target software being hacked, to understand vulnerabilities. This is needed for commercial software and device firmware where the source code is hidden. Others use these tools to analyze viruses/malware.

The ‘file’ command uses heuristics to discover the type of a file.

There’s a whole skillset for analyzing PDF and Microsoft Office documents. I play with pdf-parser. There’s a long list at this website:

There’s a whole skillset for analyzing executables. Binwalk is especially useful for analyzing firmware images.

Qemu is a useful virtual machine. It can emulate full systems, such as an IoT device based on the MIPS processor. Like some other tools mentioned here, it’s more a full subsystem than a simple command-line tool.

On a live system, you can use ‘strace’ to view what system calls a process is making. Use ‘lsof’ to view which files and network connections a process has open.

Password crackers

A common cybersecurity specialty is “password cracking”. There are two kinds: online and offline password crackers.

Typical online password crackers are ‘hydra’ and ‘medusa’. They can take files containing common passwords and attempt to log on to various protocols remotely, like HTTP, SMB, FTP, Telnet, and so on. I used ‘hydra’ recently in order to find the default/backdoor passwords to many IoT devices I’ve bought recently in my test lab.

Online password crackers must open TCP connections to the target, and try to log on. This limits their speed. They also may be stymied by systems that lock accounts, or introduce delays, after too many bad password attempts.

Typical offline password crackers are ‘hashcat’ and ‘jtr’ (John the Ripper). They work off of stolen encrypted passwords. They can attempt billions of passwords-per-second, because there’s no network interaction, nothing slowing them down.

Understanding offline password crackers means getting an appreciation for the exponential difficulty of the problem. A sufficiently long and complex encrypted password is uncrackable. Instead of brute-force attempts at all possible combinations, we must use tricks, like mutating the top million most common passwords.

I use hashcat because of the great GPU support, but John is also a great program.

WiFi hacking

A common specialty in cybersecurity is WiFi hacking. The difficulty in WiFi hacking is getting the right WiFi hardware that supports the features (monitor mode, packet injection), then the right drivers installed in your operating system. That’s why I use Kali rather than some generic Linux distribution, because it’s got the right drivers installed.

The ‘aircrack-ng’ suite is the best for doing basic hacking, such as packet injection. When the parents are letting the iPad babysit their kid with a loud movie at the otherwise quiet coffee shop, use ‘aircrack-ng’ to deauth the kid.

The ‘reaver’ tool is useful for hacking into sites that leave WPS wide open and misconfigured.

Remote exploitation

A common specialty in cybersecurity is pentesting.

Nmap, curl, and netcat (described above) are useful tools for this.

Some useful DNS tools are ‘dig’ (described above) and dnsrecon/dnsenum/fierce, which try to enumerate and guess as many names as possible within a domain. These tools all have unique features, but also have a lot of overlap.

Nikto is a basic tool for probing for common vulnerabilities, out-of-date software, and so on. It’s not really a vulnerability scanner like Nessus used by defenders, but more of a tool for attack.

SQLmap is a popular tool for probing for SQL injection weaknesses.

Then there is ‘msfconsole’. It has some attack features. This is humor – it has all the attack features. Metasploit is the most popular tool for running remote attacks against targets, exploiting vulnerabilities.

Text editor

Finally, there is the decision of text editor. I use ‘vi’ variants. Others like ‘nano’ and variants. There’s no wrong answer as to which editor to use, unless that answer is ‘emacs’.


Obviously, not every cybersecurity professional will be familiar with every tool in this list. If you don’t do reverse-engineering, then you won’t use reverse-engineering tools.

On the other hand, regardless of your specialty, you need to know basic crypto concepts, so you should know something like the ‘openssl’ tool. You need to know basic networking, so things like ‘nmap’ and ‘tcpdump’. You need to be comfortable processing large dumps of data, manipulating it with any tool available. You shouldn’t be frightened by a little sysadmin work.

The above list is therefore a useful starting point for cybersecurity professionals. Of course, those new to the industry won’t have much familiarity with them. But it’s fair to say that I’ve used everything listed above at least once in the last year, and the year before that, and the year before that. I spend a lot of time on StackExchange and Google searching the exact options I need, so I’m not an expert, but I am familiar with the basic use of all these things.

2016-12-29 33c3 – a few lectures

Post Syndicated from Vasil Kolev original https://vasil.ludost.net/blog/?p=3332

This year I’m watching 33c3 from home, and it seems I’m watching fewer lectures. Here is what I have watched so far:
(the processed lectures are on media.ccc.de; if they are not there, they can be looked for on relive)

What could possibly go wrong with <insert x86 instruction here>? was a description and demonstration code of how, by using the cache (flushing, filling and so on), one can communicate between unrelated processes or even virtual machines that are scheduled on the same processor (i.e. also between cores that share a cache).

How Do I Crack Satellite and Cable Pay TV? was about reversing the chips that decrypt satellite television, fairly interesting.

Building a high throughput low-latency PCIe based SDR is by people who are developing a software-defined radio on a mini PCIe card that can be used for all kinds of more serious purposes (it even includes clock synchronization from GPS). For the moment they are halfway there (they have not reached their speed target for the device), and if they achieve a decent price, this could turn out to be the ideal device for doing software GSM/LTE things.

Shut Up and Take My Money! was about how some people’s mobile application, which handles user transactions, was broken. It sounded like the people who designed/wrote it should be locked up.

What’s It Doing Now? was a quite interesting lecture about aircraft autopilots, how this type of automation has to be monitored carefully and, overall, that things are not as automagical as we would like. Lectures about aircraft problems are always interesting 🙂

Nintendo Hacking 2016 described what has been broken on the various Nintendo devices, exploits in boot loaders and all sorts of such things. This was one of the lectures that mentioned the glitching technique: supplying a lower voltage for a moment so that a given instruction gets smeared and there is a chance to JMP somewhere into our code at some point, so that we can dump something.

Where in the World Is Carmen Sandiego? was a lecture about breaking airline ticket reservation systems and travel in general. Very sad; they said at the start that there is not much hacking in the lecture, because things are too broken and easy to attack. Quick tip: don’t publish a photo of your boarding pass.

You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet is a DNS-based piece of work for relatively easy scanning of all existing IPv6 DNS PTR records, in order to find most existing servers. Quite clever, and I will probably test it somewhere 🙂

Tapping into the core describes an interesting device for debugging/listening to Intel processors over USB and probably also the network, i.e. a debugger that can touch the processor directly. It sounds promising (the lecture looked at it mainly as a way of making rootkits).

Recount 2016: An Uninvited Security Audit of the U.S. Presidential Election was a lot of empty talk about the elections in the States, about a recount in which they found no problem, and about their broken system in general.

The Untold Story of Edward Snowden’s Escape from Hong Kong told of Edward Snowden’s two weeks in Hong Kong and the refugees with whom he was hidden before he flew out, together with a call for a fundraiser for them.

State of Internet Censorship 2016 was the usual description, together with the projects through which it is studied. Broadly, the conclusion was that censorship is now legalized almost everywhere it happens, and it is becoming ever more common for some country to shut off its internet for a while around certain events.

Million Dollar Dissidents and the Rest of Us described what targeted methods are used by various governments (and who sells and teaches them these) for hacking and extracting data from all kinds of devices belonging to people they find unpleasant. Things are fairly advanced, and it is increasingly clear how most of our software is not fit for secure activities.

On Smart Cities, Smart Energy, And Dumb Security was about how broken “smart” electricity meters are and how nobody pays serious attention to the security of these things.

Dissecting modern (3G/4G) cellular modems was an interesting description of existing hardware that can be used as a 3g/4g modem (which is even used in one of the iPhones), and which in the end turned out to run android/linux inside it (i.e. one can safely say that in the iPhone 6 (if I’m not mistaken) there is a linux/android).

In the coming days I will finish watching some more of the recordings and whatever remains tomorrow, and I will write again. I would very much like to watch most of the things about the random generators and the lecture about HDMI.

UK Government Spied on BitTorrent Users – in Planes

Post Syndicated from Andy original https://torrentfreak.com/uk-government-spied-bittorrent-users-planes-161209/

Privacy (or the lack of it) is one of the enduring hot topics of recent years and something which most acutely affects those who spend a lot of time online.

For the average Internet user sitting at home or work, this roughly means that little to no privacy can be counted upon unless encryption is deployed, and even then there are no guarantees.

Largely thanks to the revelations of Edward Snowden, it is now broadly confirmed that if governments can spy on our communications, they will do so, no matter where they take place. Of course, that’s no surprise to generally better informed BitTorrent users, but even they might be shocked to learn where file-sharers have been monitored.

This week, The Intercept and Le Monde published details of “Southwinds”, a UK-government program used to gather all the cellular activity, voice calls and data transfers onboard commercial aircraft.

In a 2012 presentation, Government Communications Headquarters (or GCHQ as it’s better known) mentioned the capabilities of the program.

“The data was collected ‘in near real time’ and an aircraft could be ‘tracked’ every two minutes,” the publication revealed.

“To spy on a telephone, all that was required was that the aircraft be cruising at an altitude above 10,000 feet. Secret aerial stations on the ground could intercept the signal as it transited through a satellite.”

According to GCHQ, it was able to track telephones that were merely switched on. This, combined with flight lists and airline data, was enough to identify the passenger with the phone.

One of the surveillance programs (called “Thieving Magpie”) was accompanied by a presentation. One slide showed how the GSM system works on an Air France flight while another revealed that GCHQ was able to identify Blackberry PIN numbers from captured data. But that’s not all.

“If [passengers] use data, we can also recover email addresses, Facebook IDs, Skype addresses etc,” one slide reads.

GCHQ noted that data usage on planes was largely as expected but with a few notable exceptions. Apparently, as they were sweeping for information, the UK government’s top snoopers came across BitTorrent users more than 10,000ft up in the air.


Approached for comment, GCHQ gave little away.

“It is long standing policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee.

“All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European Convention on Human Rights,” GCHQ said.

The legality of Britain’s spying will be of little comfort to the millions of innocents caught up in the dragnet. However, for those paying extortionate rates to torrent from planes that are literally in the cloud, it might be cheaper (and less conspicuous) to do so from home in future.

The full slideshow is available here.


A new high-altitude ballooning record

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/new-high-altitude-ballooning-record-dave-akerman/

Liz: As some of you clever people have pointed out, the new Pi Zero with camera connector might have been designed with one person very much in mind. That person’s Dave “high-altitude ballooning” Akerman. We got one to him before they went on shelves so he could schedule a flight for launch day. Here’s Dave to tell you what happened (spoiler: he’s got another record for the highest amateur live-transmitted pictures). Thanks Dave!

As many reading this will know, I flew the new Pi Zero on the day it was announced, in order to test a prototype of our new PITS-Zero tracker board.  I’d been pleading with Eben since I first saw a prototype of the original Pi Zero, that its low weight would be ideal for live-imaging HAB applications, if only it had a camera port.  The camera is much the entire reason for using a Pi for HAB – if you don’t want pictures then a smaller/lighter/simpler AVR or PIC microcontroller will easily do the job (and with less battery power) – so I felt that the CSI-less Pi Zero was a missed opportunity. Eben agreed, and said he would try to make it happen.


So, when I received a sample Pi Zero with CSI port, I was keen to try it out.  However launching an unreleased device, to possibly parachute down in front of a curious Pi fan, might not be the best idea in the world, so I had to wait.  Fortunately the wind predictions were good for a balloon launch on the Pi Zero CSI launch day, and the flight went well albeit the burst was rather lower than predicted (balloons vary).

Sony Camera

I had hoped to fly the new Sony camera for the Pi, but in testing the camera would become invisible to raspistill after about 2 hours and roughly 2-300 photos.  2 hours isn’t long enough for a regular flight, and mine was expected to take more than 3 hours just to ascend, so this wasn’t good.  I searched the Pi forum and found that a couple of people using time-lapse photography had found the same issue, and as it was a new issue with no fix or workaround yet, I had to opt for the Omnivision camera instead.  This of course gave me a reason to fly the same tracker again as soon as there was a solution for the Sony firmware issue; once there was I tested it, and planned my next flight.

Waiting For Baudot

"It's currently a problem of access to gigabits through punybaud"

I’ve written previously about LoRa, but the key points about these Long Range Radio Modules when compared to the old (first used from the air in 1922) RTTY system are:

  • Higher data rates
  • Longer range with the same rate/power
  • Can receive as well as transmit
  • Low host CPU requirements even for receiving

The higher data rates mean that we can send larger images more quickly (throughput is up to 56 times that of 300 baud RTTY), and the receiving capability makes it easy to have the payload respond to messages sent up from the ground.  For this flight, those messages are used to request the tracker to re-send any missing packets (ones that the receiving stations didn’t hear), thus reducing the number of annoying missing image sections down to about zero.  To give you an idea of the improvement, the following single large picture was sent in about a quarter of the time taken by the inset picture (from my first Pi flight, and at the same pixel scale):



LCARS Chase Car Computer

For this flight, I tried out my new chase-car computer.  This has a Pi B V2, Pi touchscreen, LoRa module, GPS receiver and WLAN (to connect to a MiFi in the chase car).  The user interface mimics the Star Trek LCARS panels, and was written in Python with PyQt.  It receives telemetry both locally (LoRa, or RTTY via a separate PC) and also from the central UKHAS server if connected via GSM.

The Flight

As per the previous Pi Zero flight, this was under a 1600g balloon filled with hydrogen.  Predicted burst altitude was 42km, and I hoped that this time it might achieve that!  The payload was the same as last time:



except of course for the new Sony camera (manually focused for infinity, but not beyond) and a new set of batteries.

On the launch day the weather was overcast but forecast to improve a little, so I decided to wait for a gap in the clouds.  When that came, the wind did too (that wasn’t forecast!), which made filling the balloon interesting.

No, my head hasn’t turned into a giant clove of garlic.

Fortunately, the wind did drop for launch, and the balloon ascended towards the gap I’d mentioned in the clouds:



The LoRa system worked well (especially once I remembered to enable the “missing packet re-send” software!), with the new camera acquitting itself well.  I used ImageMagick onboard to apply some gamma to the images (to replace contrast lost in the atmosphere) and to provide a telemetry overlay, including this one, which I believe is the highest image sent down live from an amateur balloon.


Burst was a few metres later, comfortably beating my previous highest live-image flight.

And this was the last image it sent.  I guessed why.  Remember the camera stuck to the outside?  My guess was that after burst – when the payload suddenly finds itself without support – the line up to the balloon found its way behind the camera which it then removed as the balloon remnants pulled on it.  So, I can’t show you any images from the descent, but I can show you this shot of the Severn Estuary (processed to improve contrast) from the ascent:



In the chase car, I stopped at a point with a good view towards the landing area, so I could get the best (lowest) last position I could.  With the payload transmitting both LoRa and RTTY, I had my LCARS Pi receiving the former, and a Yaesu 817 with laptop PC receiving the latter.  With no images, the LoRa side dropped to sending telemetry only, which was handy as I was able to receive a lot of packets as the balloon descended. Overall LoRa seemed to be much more reliable from the car than RTTY did, despite the much higher data rate, and I now would be quite happy to chase a balloon transmitting high bandwidth LoRa and nothing else.

With the final position logged, I carefully tapped that into the car sat nav and then drove off to get the payload back.  10 minutes later I remembered that I’d coded exactly that function into my LCARS program!  2 screen-taps later, I had on-screen navigation (via Navit); I would also have had voice navigation but I hadn’t connected a speaker yet.

Both Navit and the car sat nav took me to a hill with the payload about 300 metres away.  I waited for another HABber to arrive – his first time chasing – and meantime I updated the other enthusiasts online, and took some photographs of the scenery; Shropshire is very pretty.


Once Andy arrived, we walked down to the payload, watched (as often the case) by the local populace:

Ewe looking at me?

As expected, the camera was missing, so if anyone wants a free Sony Pi camera, I can give you a 5-mile radius area to search.


You don’t need CSI to see what went wrong here …

A lot of the balloon was still attached, which helps to explain how the camera was forcibly removed:



So, a nice flight and recovery.  The Sony camera worked well; 868 LoRa worked well; the LCARS chase car tracker worked well.  Next time, more duct tape!


Busy 2016 for Yate SDMN products

Post Syndicated from Yate Team original http://blog.yate.ro/2016/01/21/busy-2016-for-yate-sdmn-products/

Stepping into 2016, we have exciting news. Through 2015 we continued to develop the GSM/GPRS SatSite base station, as well as our main core network products: the 2G/2.5G/4G YateUCN core network and the 2G/3G/4G YateHSS/HLR. We start 2016 with the release of the LTE SatSite Model 142, with software-selectable LTE or GSM/GPRS operation, generating 10-20 […]

YateUCN – the redundant MSC/VLR

Post Syndicated from Yate Team original http://blog.yate.ro/2015/11/10/yateucn-the-redundant-mscvlr/

Traditionally, the redundancy of the Mobile Switching Center / Visitor Location Register (MSC/VLR) is obtained through redundant dedicated hardware and software. The problem lies in the Abis + A interfaces (BSSAP protocol) which do not allow a base station to move easily to another MSC/VLR. To overcome this problem, we decided to use the SIP protocol (with […]

Modernizing GSM networks – an ever difficult feat

Post Syndicated from Yate Team original http://blog.yate.ro/2015/10/21/modernizing-gsm-networks-an-ever-difficult-feat/

GSM has turned 24 this year and throughout this time has shown that it is invaluable for telephone calls and M2M applications. Many industry observers estimate that 2G will continue to be in use even after 3G is discontinued. But GSM networks are confronted with the difficult task of adapting to the new operating environments. The […]

GSM and LTE, 2 technologies in 1 base station

Post Syndicated from Yate Team original http://blog.yate.ro/2015/10/06/gsm-and-lte-2-technologies-in-1-base-station/

LTE for bandwidth and GSM for voice are a match made in heaven for subscribers. The roll-out however, not so much. Running them both from the same radio equipment (BTS) can be the answer. SatSite can run both YateBTS (GSM) and YateENB (LTE) at the same time, in the same spectrum, using the same radio […]

A forecast on the evolution of radio access networks

Post Syndicated from Yate Team original http://blog.yate.ro/2015/09/22/a-forecast-on-the-evolution-of-radio-access-networks/

This month we participated in an active antenna workshop in Warsaw. The event was well attended by many RAN managers, strategists and planners from various mobile operators around the world. There were also a large number of radio head and eNodeB, antenna, semiconductors and materials and test equipment vendors.

Crowded towers

There was a lot […]