Tag

howto

Browsing

Food Hacks on eight reasons why you should never throw away eggshells, primarily because they have additional uses you probably never thought about:

2. Make Your Coffee More Drinkable< Do you hate how bitter your morning cup of coffee is? Here are two pieces of advice: read our coffee primer, and add crushed up eggshells to the grounds when you brew your cuppa.

I know, I know: it sounds weird and gross. But the eggshells serve to clarify the coffee, which helps reduce the bitter taste (and they add no taste of their own). However, make sure that you’re using eggshells that have been washed (note: in America, all eggs are washed before being sold).

なるほど. Who knew?

This is more as a reminder for myself than anything, but if you want to know howto opt-out of Tynt, a crappy piece of advertising and tracking technology, then this is how you can turn that shit off. If you use multiple browsers, you will have to hit the site in each one to turn tracking off.

Not sure what Tynt is? Chances are you have run across it in your travels on the internets but just never realized or recognized Tynt. If you have ever copy-and-pasted content from the web and seen the “if you would like to read the full article, visit {link}”, that is Tynt. It is a method for publishers to track visitors, and simultaneously annoy the hell out of people by adding unnecessary poop to the clipboard.

Tent looks something like this when you copy-and-paste from a web-based publisher using their crappy Javascript application:

Tynt is the worst piece of web software on the market today.

Read more: http://jark.us/1BzTXIt/#abcde01234

Another simple, system-wide method to turn off tracking is to modify your hosts file so the important Tynt host is no longer reachable. You can do that by adding this simple line:

127.0.0.1 tcr.tynt.com

Theoretically, this should prevent Tynt from working on your system no matter which browser you use. It is probably a good idea to add this hosts file entry and use the aforementioned opt-out method.

I had been meaning to turn Tynt off for quite some time but was just plain lazy until recently. Now that I know how, I wanted to both put this here as a reminder for myself for the future, as well as help anyone else in need of this information.

SANS explains hands-on hacking industrial control system protocol Modbus/TCP and its use with traffic lights as part of a hands-on lab experiment during the Kinetic Cyber Range class:

Part of our goals in writing the SEC562 course is to provide hands-on experience understanding the security of ICS protocols such as Modbus/TCP, CIP, PROFINET, DNP3 and others. This is done through the completion of several missions, where the team of analysts has a defined goal, and has to use offensive or defensive skills to achieve the stated goal. In the case of the traffic light mission, the team has to hack their way into the CyberCity Department of Transportation (DoT) network, pivot from publicly accessible systems to restricted access systems, and use the compromised host to deliver custom a Modbus/TCP exploit that manipulates the traffic light patterns.

I’m biased, but I think these missions are SUPER FUN. Challenging, for sure, but a great opportunity to learn about a whole new realm of interesting protocols (ICS and related technology) that allow you to use hacking to interact with the kinetic world, manipulating systems that move or control things that move (like…traffic lights!). The class itself is 80% hands-on, 20% lecture, so you spend much more time DOING than listening…and falling asleep after eating too much lunch (been there).

In this article, we’ll take a peek at the Traffic Control CyberCity mission. I’m not going to give away everything, but we’ll take a look at how we can combine useful reconnaissance and information gathering, web attacks, privilege escalation, pivoting, and Modbus/TCP exploits effectively.

A very exciting article eloquently explaining the process so just about anyone can understand what is happening. This should be useful for both IT and OT personnel.

If you ever need to know, or ever have to help someone else, here is a list of steps to take to delete old iCloud backups and free up space on your various Apple mobile devices:

When a device is set to backup to iCloud, Apple automatically backs up data and settings stored locally on the particular device; it does not create a backup of data already stored in an iCloud account via Mac or iOS apps (as of iOS 8.1, that includes iCloud Photo Library, shared photo albums, My Photo Stream, documents, contacts, calendars, mail, bookmarks, and notes). iCloud backups include purchase history from the iTunes or App Store, app data, home screen and app organization, iMessage/SMS/MMS text messages, device settings, and visual voicemail on an iOS device.

The problem is, if users have multiple devices, old iCloud back-ups can quickly fill up their storage — particularly if they’re on the free 5-gigabyte tier.

This is a good link to keep handy just in-case. I have used this so many times that at this point the steps are committed to memory.

I recently ran across this article discussing how to make the perfect salad dressing and decided I need to give this a shot because it seems just way too stupid easy:

Let’s be honest here, the only thing many of us really care about when it comes to salad is the dressing. That’s where all the flavor is, and that’s what makes a salad memorable. Heck, that’s often what makes salads edible.

But if you don’t make your own dressings, you’re stuck with the store-bought versions that are full of unnecessary sugar, cost way more than they should, and aren’t even that good. What’s a salad eater to do? The answer is easy: Learn how to make dressing. It’s way easier than you think.

Basically, a homemade dressing is just a mixture of oil, acid (such as vinegar or citrus), and flavor in the form of fresh herbs or spices. It’s really that simple. But don’t take our word for it, let the infographics below walk you through the process of becoming a dressing-mixing genius.

What is awesome about this approach is it both saves money and you get a much better tasting, fresher, and chemical-free salad dressing. Nothing compares to homemade food, and apparently salad dressing is no exception.

Here is an example of one of the few infographics explaining how easy it is to make great homemade salad dressing:

ACN_Salad-Dressing_Infographic

Looks easy enough, right?

I am going to give this a shot because I am quite positive I can make a decent tasting homemade dressing using some balsamic vinegar. “Change your salad life” is the motto I plan to follow.

Asher DeMetz of Forbes on the three best hacking techniques to create a security breach:

I find that good, law-abiding citizens are fascinated by what I do. I’m a penetration tester, a.k.a. “white hat” or “ethical” hacker. In other words, companies hire me to break into their systems for a living to demonstrate where there are vulnerabilities. (I can’t believe I get paid for doing this!) If you want to avoid a cyber security breach at your company, I recommend that you understand – and guard against – three hacking techniques that your enemies (the “black hat” hackers) use every day.

First, let’s set the stage. Let’s say that your company is Big Boxes 4U, a major mass-market retailer with more than 1,500 locations in the United States. Your innovative designer partnerships, high-quality product mix, and great customer service have earned you a loyal customer following.

You capture customer information every day at the point of sale, including both in-store and online purchases. The result is a central database that houses a collection of valuable customer information that gives insight into how your customers shop, what they buy, and what products and services they prefer. Just as you value this information, so do hackers. Here’s how they create a cyber security breach.

This is a good, quick read for those who do not really understand hacking techniques and how malicious actors perform some of their cyber operations. It is fairly standard fare if you already are in the industry, but educational if you are unaware of the simple tradecraft.

Dann Albright of MakeUseOf explains how DNS leaks can destroy anonymity when using a VPN, how to diagnose such leaks, and what you can do to prevent DNS leaks:

Usually, DNS servers are assigned by your internet service provider (ISP), which means that they can monitor and record your online activities whenever you send a request to the server. When you use a virtual private network (VPN), the DNS request should be directed to an anonymous DNS server through your VPN, and not directly from your browser; this keeps your ISP from monitoring your connection.

Unfortunately, sometimes your browser will just ignore that you have a VPN set up and will send the DNS request straight to your ISP. That’s called a DNS leak. This can lead to you think that you’ve stayed anonymous and that you’re safe from online surveillance, but you won’t be protected.

Obviously this is not good. So let’s take a look at diagnosing and stopping it.