News items for tag english - Koos van den Hout

2022-08-11 The summer bitcoin extortion scam
Cybercriminal Summertime is also time for some extortion scamming... this one just in:
Hi. How are you?

I know, it’s unpleasant to start the conversation with bad news, but I have no choice.
Few months ago, I have gained access to your devices that used by you for internet browsing.
Afterwards, I could track down all your internet activities.

Here is the history of how it could become possible:
At first, I purchased from hackers the access to multiple email accounts (nowadays, it is a really simple thing to do online).
As result, I could easily log in to your email account

One week later, I installed Trojan virus in Operating Systems of all devices of yours, which you use to open email.
Frankly speaking, it was rather straightforward (since you were opening the links from your inbox emails).
Everything ingenious is quite simple. (o_0)!

..

Here is my bitcoin wallet provided below: bc1q82tvkvmzjzyqf60guqpxhcn2tuapqup35a9ldr

You should complete the abovementioned transfer within 48 hours (2 days) after opening this email.

The following list contains actions you should avoid attempting:
#Do not try calling police as well as other security forces. In addition, abstain from sharing this story with your friends.
After I find out (be sure, I can easily do that, given that I keep complete control of all your devices) – your kinky video will end up being available to public right away.
#Do not try searching for me – there is absolutely no reason to do that. Moreover, all transactions in cryptocurrency are always anonymous.
#Do not try reinstalling the OS on your devices or throwing them away. It is pointless as well, since all your videos have already been uploaded to remote servers.
As always: don't fall for these scams.

Earlier items about bitcoin extortion scams: Earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier (although I think bitcoin is generally a really bad idea and a huge scam)

Tags: , ,
2022-08-06 PGP key needs fetching from time to time
PGP lock logo Someone reported to me my PGP key was expired and whether I was still using it or I gave up on PGP/GPG.

I have an expiry date on my key, but I do update it from time to time when expiry nears. I now notice just doing a gpg --refresh doesn't update the expiry moment. The solution is to hard fetch the key. In the case of my home pgp key:
$ gpg --keyserver pgp.surf.nl --receive-keys 0x5BA9368BE6F334E4
This updates the expiry date(s) and the uids. If you have my key and it looks expired and/or still has an old e-mail address with kzdoos in it please do this now. Complete data at pgp.surf.nl: Search results for '0x5BA9368BE6F334E4' where you can see all the details including the revoked bits. Those revoked bits won't show up in normal use.

I know gpg and other pgp related software has to be designed to be really really secure up to the last bit, but some attention to user friendlyness could be a good idea if it's possible to confuse even experienced pgp users.

Tags: ,
2022-07-27 I was at May Contain Hackers MCH2022
Logo MCH2022 May Contain Hackers After I visited earlier Dutch hacker events HEU, HIP97, HAL2001, WTH2005 I missed HAR2009, OHM2013 and SHA2017. I can only say 'life happened' because my son was born in the interim and my interests changed.

In the beginning of this year I heard about the new planning for May Contain Hackers as the original plan was for 2021 and it was postponed due to covid-19. I started thinking about attending and when the opportunity to get a free ticket arose due to my links with Surf I got serious.

Life is still happening so I coordinated with the rest of the family whether I could be missed at home and for how long. The result was that I would go Friday evening until Tuesday afternoon and I would go there by recumbent bicycle with the luggage trailer so the rest of the family could use the car.

The people from Surf set up our own village Village:SMRF next to Village:OS3. I slept in my own tent because I really want my rest at night and I want that rest at a somewhat normal schedule (not really a hacker schedule). I brought a 1-person tent, a sleeping bag, clothes, gear to make breakfast with tea and coffee, a smartphone with charger and a handheld radio with charger. Having to move all my luggage myself on the recumbent bicycle made me very selective in what to bring.

Aerial picture of MCH2022 from water, credit donar on twitter
Aerial picture of MCH2022, links to larger version
I went to several talks spoke a number of well-known people, got to know new ones, saw people there I didn't expect and had a good time.

What I really enjoyed was the friendly atmosphere. One aspect of that caught my attention: besides people with non-traditional clothing and hairstyles I saw several people who looked like they were somewhere in a gender transitioning process. They felt free at MCH to be themselves. One person responded to me when I shared this observation: "I saw more LGTB flags here than at Pride in Amsterdam".

Also MCH was really non-commercial. Mentions of the sponsors were minimal and never in-your-face.

The weather cooperated a lot! It might have been quite different with bad weather. There was some rain before Friday so I saw mentions of "Mud Contains Hackers" on twitter. Saturday and Sunday were hot, Monday was cooler. Tuesday started with rain and some more showers, so my tent wasn't completely dry when I packed.

Cycling the 45 kilometers was fine. I used google maps for navigation (but with the smartphone not visible, just the instructions on my earbuds). I had to stop several times to check the screen to check the instructions and sometimes google came up with weird things. I had it set up for cycle navigation but it still said to take three-quarters of a roundabout to go left while the roundabout allowed me to go from one cycling path on the left of the road to the other. It took me about 2 hours 45 minutes including stops for navigating and stops for drinking, eating and adding some water to nearby trees.

All in all I had a great time. I had my moment of "I am getting too old for this" but that faded and I really enjoyed myself.

List of talks I attended, with links to the place to view it online:

Tags: , ,
2022-07-20 I redid my 'recent QSO map' with leafletjs and openstreetmap tiles
Screenshot pe4kh qso map faroer island My todo-list for hobby projects has had an entry 'redo maps in sites using leaflet' for a while and on an otherwise calm evening I got around to it. The first thing to upgrade was the recent contact map for PE4KH which shows an overview of places where I had the last 150 contacts plotted on a map, with some details per contact.

I'm not good at javascript programming at all so I just look for examples that come close to what I want and I adjust them until they do what I want. Luckily I found some good geojson examples and I managed to get the points on the map. After a bit of massaging, trying and reading I managed to add the popup with the location. The next and harder bit was adding default and non-default icons. Eventually I got my brain wrapped around the bits needed for that too. After that the test version got deployed to production and you can look at it now.

Documentation and code snippets used: The main reasons for switching to leaflet are that google maps was limiting free access to maps although they seem to have mostly reverted this plan and I wanted to promote openstreetmap.

The general conclusion is that sites with maps do need regular maintenance, if hosted leaflet goes away or stops this version, if the rules for using hosted openstreetmap tiles change or if something else happens I have to adapt the site, maybe even quite fast.

Tags: , ,
2022-07-16 Trintelhaven revisited
Friday I had the day off and a plan together with Kees PA5Z to visit the location Trintelhaven again, just like we visited the location Trintelhaven in the summer of 2019.

This time the plan was to test some different antennas and make morse contacts. Driving there wasn't too big of a problem although you really have to use navigation to get through Lelystad, it's like through-traffic from the main highway (A6) to Enkhuizen isn't really promoted.

We got there fine, looked for a nice spot, found all the work machines we saw on the previous visit gone so there was a nice spot again. We selected a secluded field not to close to someone working on a boat, far away from everything else.

Endfed antenna set up at Trintelhaven
Endfed antenna set up at Trintelhaven
We set up my endfed antenna with one end up in the trees and the other end supported by a metal pole. On testing this antenna worked fine again. I redid all the soldered connections in it after it failed me a few weeks ago.

I called CQ in the 20 meter band in a spot where one can usually find slow morse and got some contacts with nice people in the log. One with SM6RWJ in Sweden, one with WB2YVY Kurt in the state of New York in the US and one with LA9FG Nol in Norway near Aalesund.

Kees PA5Z en Koos PE4KH behind the radio
Kees PA5Z en Koos PE4KH behind the radio
Kees also made some contacts. His nicest contact was with SK6SAQ the amateur radio station at the World Heritage Grimeton radio station. After a few morse contacts the radio Kees brought stopped working, it switched off and restarted when trying to transmit morse. It wasn't very clear what caused this.

As planned we took turns on the antenna sending morse, while both listening for answers and writing down the callsigns and the replies that came, including first names and weather reports: it was cloudy in Norway.

A nice day out. Sending standard messages and writing down what was coming back is getting easier after all our morse training!

Tags: ,
2022-07-14 Don't use mifare classic cards for stored value
More than 11 years ago I wrote about the Magna Carta card systems for access / payment and the use of the mifare classic (in Dutch). I found a strong statement on the Magna Carta website back then that using mifare classic for stored value was a really bad idea, since the encryption on the card is broken.

It's now 2022 and I read MIFARE Cracking about a company using a mifare classic for stored value which shows the steps from discovering what type of card that company uses to the option of manipulating the stored monetairy value on the card.

Found via Travis Goodspeed on twitter - A practical article on cloning a Mifare Classic employee badge to tamper with the snack machine.

Tags: , ,
2022-07-13 Adding pictures to the reports of our trip to Iceland
I created a flickr album Iceland 2022 - Our trip to Iceland in April/May 2022 and linking to the pictures from the right report was still kind of hard because it's a complicated bit of html with repetitions and chances of errors.

The solution: make the computer help me. The flickr API allows me to fetch data about an album and about the pictures in that album, so I spent an evening writing some perl to get links to all the pictures in the album with thumbnails.

Now most days of Complete reports of our trip to Iceland have been enhanced with pictures.

Tags: , , ,
2022-07-10 I participated in the IARU HF contest
CW contest filling the bands on a websdr This weekend was the IARU HF World Championship contest and I participated after fully planning this in advance. I made sure my contest logger was set up and communicating with the remote radio and its morse keyer in advance.

I participated on the 10, 15 and 20 meter bands. The original plan was to also include 40 and maybe 80 but there was enough to contact on 10 and 15 on Saturday evening, so I only got around to the 20 meter band on sunday. In total 182 contacts: 20 in SSB (speech) and 162 in CW (morse).
Band   160   80   40   20   15   10
QSO's    0    0    0   58   83   41
Mult     0    0    0   24   33   16
                                   
Pts: 586  Mul: 73 Score: 42778     
I managed to make a few contacts outside Europe, not a lot of real DX.

Calculation when entering the log: Raw Score: 453 Qpts x 73 Mults = 33,069 (181 QSOs) so there is a difference in opinion between TLF and the ARRL contest website. The difference in number of contacts is due to one duplicate. The difference in Qpts (QSO points) is due to a difference in the scoring rules. As the ARRL contest website is up to date with the current rules I think they are right and I need to have a look at the TLF ruleset.

Hearing and understanding the morse went ok, I don't think I have a high number of errors.

Tags: , ,
2022-07-07 First signals on the logic analyzer circuit
The logic analyzer circuit I ordered came in today with the test leads. Both the circuit and the test leads have pins so I need something to connect those two. So the crate with PC cables was ransacked and a floppy drive cable is now connecting the logic analyzer and the test leads.

The logic analyzer shows up in linux as usb device:
Bus 002 Device 008: ID 1d50:608c OpenMoko, Inc. Fx2lafw
Finding software was quite easy: pulseview indeed works out of the box, complete with support for this logic analyzer.

I had a look around for something to analyze and finally settled on the ESP32 based NTP clock because that's still on a breadboard and signals are available. I can see the bits flowing between the ESP32 microcontroller and the display module.

I'm still seeing some bits come in on unconnected testleads so I'm not sure I am doing everything right. But it's a start!

Tags: ,
2022-07-07 Upgraded the homeserver OS to devuan beowulf and replaced the UPS battery
A few days ago I noticed some interesting messages in the apcupsd log:
2022-07-04 10:14:15 +0200  Battery disconnected.
2022-07-04 10:16:24 +0200  Battery reattached.
2022-07-04 10:19:53 +0200  Battery disconnected.
2022-07-04 10:20:40 +0200  Battery reattached.
Checking the UPS statistics showed me the battery charge was dropping to about 7 % of the capacity while the mains power was available. Since the battery was over 5 years old I ordered a new one to replace it.

This battery was scheduled to arrive Wednesday at the start of the afternoon and I wanted to do an upgrade of the Linux distribution on the main homeserver conway anyway because devuan ascii is already 'oldoldstable' (but still getting updates).

The homeserver uses 2 disks with the main lvm volume in a raid-1. The /boot and /boot/efi filesystems are mirrored by hand with the idea to end with a working boot even when 1 disk is missing.

After the shutdown and replacing the UPS battery I switched the server on again and I was greeted by a grub prompt and nothing to boot. After a few tries I got the system booting again, after that I went searching for what went wrong. Eventually I found out the file /boot/efi/EFI/devuan/grub.cfg pointed at a missing filesystem. I found out the best way to fix this is with
# dpkg-reconfigure grub-efi-amd64
both with /dev/sda and /dev/sdb filesystems on /boot and /boot/efi.

I was hoping the complete upgrade made my rcu_sched problems go away which have caused serious problems before but they haven't gone away.

Again I see this in a virtual machine:
[62988.027890] rcu: INFO: rcu_sched detected stalls on CPUs/tasks:
[62988.036492] rcu:     0-...!: (1 GPs behind) idle=656/1/0x4000000000000002 softirq=592140/600579 fqs=0
[62988.036943] rcu:     (detected by 0, t=2 jiffies, g=2877673, q=701)
[62988.037327] NMI backtrace for cpu 0
But this time I see on the hardware:
[63178.224120] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x6 frozen
[63178.224211] ata1.00: failed command: FLUSH CACHE EXT
[63178.224255] ata1.00: cmd ea/00:00:00:00:00/00:00:00:00:00/a0 tag 3
                        res 40/00:01:06:4f:c2/00:00:00:00:00/00 Emask 0x4 (timeout)
[63178.224351] ata1.00: status: { DRDY }
[63178.224379] ata1: hard resetting link
[63183.576100] ata1: link is slow to respond, please be patient (ready=0)
[63183.696118] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300)
[63183.696333] ACPI BIOS Error (bug): Could not resolve [\_SB.PCI0.SAT1.SPT0._GTF.DSSP], AE_NOT_FOUND (20180810/psargs-330)
[63183.696400] ACPI Error: Method parse/execution failed \_SB.PCI0.SAT1.SPT0._GTF, AE_NOT_FOUND (20180810/psparse-516)
[63183.696597] ACPI BIOS Error (bug): Could not resolve [\_SB.PCI0.SAT1.SPT0._GTF.DSSP], AE_NOT_FOUND (20180810/psargs-330)
[63183.696634] ACPI Error: Method parse/execution failed \_SB.PCI0.SAT1.SPT0._GTF, AE_NOT_FOUND (20180810/psparse-516)
[63183.696717] ata1.00: configured for UDMA/133
[63183.696732] ata1.00: retrying FLUSH 0xea Emask 0x4
[63183.696772] ata1: EH complete
which suggests to me I should try whether using a different channel from SATA1 would change things.

Tags: , ,

IPv6 check

Running test...
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: newstag.cgi,v 1.37 2022/02/15 21:48:19 koos Exp $ in 0.024777 seconds.