Author Archives: scriptjunkie

In the past few days Signal groups exploded in the news with revelations that Signal groups are the primary “ICE tracker” channels, may have dispatched Alex Pretti to his fatal encounter with DHS, and are under investigation by the FBI. As groups frequently hit the 1000-member capacity, concern about infiltration is rampant. Key facets of […] Continue reading Tracking Signal Identifiers→

You’ll be happy when they can’t spy on you. ? ? ?‍?‍?‍? ? ? ? ? ? Schadnfreude is a new end-to-end encrypted, anonymous ID and IP-hiding, decentralized, audio/video/file sharing/offline messaging multi-device platform built for both communications and application security and performance. What does all that mean? Well what if you didn’t just hope your […] Continue reading schadnfreude→

Record numbers of people have been in the market for a house this past year. Now working at home, I also bought a house, with an office. Finding one in this market was frenzied, but I spent as much time trying to figure out the best financing arrangement as picking the house. Every mortgage calculator […] Continue reading Covert credit calculation communications→

Not long ago, a well-known games developer posted the following horror story: I have used and been burned by a number of Google services over the years but certainly didn’t think that attitude would extend to GMail. Yet it apparently has, and even to high profile users, which I am not. I’m also a bit […] Continue reading Moving Off Google→

While stuck at home I wrote a simple Linux tunnel (“VPN” but not encrypted/authenticated) in 100 lines of Rust. This is a PoC, not an OpenVPN replacement; just sending the IP layers and above over UDP. Specifically, it creates a tun device, enables the device, sets the device’s IP and netmask, and forwards packets in […] Continue reading rustun – Virtual Not Private Network in 100 Rust lines→

Cell phone video has been a major game changer for society as a whole. While the vast majority of uses have been mere conveniences, and some have been negative, some have also been critical as evidence to document acts of aggression, violence, and other abuses. Innumerable attempts to cover up despicable behavior would never have […] Continue reading Stream Securely: Simply and Privately Preserving Live Video Evidence→

Recently at the 36th CCC, Moxie Marlinspike gave a talk claiming decentralized systems are unable to adapt and succeed and that centralized systems can meet the same goals better. Here’s why he’s wrong. Continue reading Dispelling Decentralization Doubts→

This is a text outline of the interactive version available here 1.1. No. Authors of such software should decide for themselves what the best release policy should be 1.1.1. Pro: Authors of security tools are in the best position to make judgements on whether to share and how much, and routinely do 1.1.2. Pro: Pissing […] Continue reading Should there be restrictions on the release of hacking tools?→

Interface Identifiers (IID’s) are used to obtain function tables to call most methods of COM objects. In source code, a name like IID_Column will be used, but when this is compiled, the binary will only have the corresponding GUID like {FD1C5F63-2B16-4D06-9AB3-F45350B940AB} embedded in the binary. When reverse engineering it is often unclear what IID a […] Continue reading Interface Identifier (IID) list→