Author Archives: scriptjunkie

Record numbers of people have been in the market for a house this past year. Now working at home, I also bought a house, with an office. Finding one in this market was frenzied, but I spent as much time trying to figure out the best financing arrangement as picking the house. Every mortgage calculator […] Continue reading Covert credit calculation communications→

Not long ago, a well-known games developer posted the following horror story: I have used and been burned by a number of Google services over the years but certainly didn’t think that attitude would extend to GMail. Yet it apparently has, and even to high profile users, which I am not. I’m also a bit […] Continue reading Moving Off Google→

While stuck at home I wrote a simple Linux tunnel (“VPN” but not encrypted/authenticated) in 100 lines of Rust. This is a PoC, not an OpenVPN replacement; just sending the IP layers and above over UDP. Specifically, it creates a tun device, enables the device, sets the device’s IP and netmask, and forwards packets in […] Continue reading rustun – Virtual Not Private Network in 100 Rust lines→

Cell phone video has been a major game changer for society as a whole. While the vast majority of uses have been mere conveniences, and some have been negative, some have also been critical as evidence to document acts of aggression, violence, and other abuses. Innumerable attempts to cover up despicable behavior would never have […] Continue reading Stream Securely: Simply and Privately Preserving Live Video Evidence→

Recently at the 36th CCC, Moxie Marlinspike gave a talk claiming decentralized systems are unable to adapt and succeed and that centralized systems can meet the same goals better. Here’s why he’s wrong. Continue reading Dispelling Decentralization Doubts→

This is a text outline of the interactive version available here 1.1. No. Authors of such software should decide for themselves what the best release policy should be 1.1.1. Pro: Authors of security tools are in the best position to make judgements on whether to share and how much, and routinely do 1.1.2. Pro: Pissing […] Continue reading Should there be restrictions on the release of hacking tools?→

Interface Identifiers (IID’s) are used to obtain function tables to call most methods of COM objects. In source code, a name like IID_Column will be used, but when this is compiled, the binary will only have the corresponding GUID like {FD1C5F63-2B16-4D06-9AB3-F45350B940AB} embedded in the binary. When reverse engineering it is often unclear what IID a […] Continue reading Interface Identifier (IID) list→

I recently saw a quote on Twitter along the lines of “I couldn’t be in threat intel because I’d get too carried away, go too far, and end up calling some hacker’s mom.” I had to laugh since I can relate. It is easy to get carried away and you can find a lot of […] Continue reading Signed Malware→

ProtonMail just recently (yet briefly) bragged about shutting down a phishing campaign that it was the target of by hacking back the phishing server… Earlier this year, a member of the US Congress (Rep. Tom Graves) proposed the “Active Cyber Defense Certainty Act (ACDC)” to amend US law to allow private entities, with mandatory reporting requirements to law enforcement, to conduct certain forms of hack-back… Following this proposal, discussion online exploded… My timeline was filled with “If people tried hack-back, this would happen!” but you don’t have to hypothesize. You can see what did happen in the myriad examples of hack-back in the real world. So below I assembled a list of publicly recorded hack-backs, with the results of each and reference to original sources. Continue reading Hack-back in the Real World→