How I (cheated and) won a quiz

The quiz in question. In case anyone is not familiar with it. (attractive?) prizes to be won. A quick packet capture revealed that the questions could be found here in JSON format. This is what is looked like. Interesting that the answers were included even through "marking" was done only ...

Immigration checks

Earlier today, some MD of a security firm on channel new asia commented that it is impossible to check every single passport against the list of stolen passports due to the time needed to search the database. Such stringent checks would result in massive holdups at checkpoints. Therefore, apart from ...

Encryption and blackmailing

Just read something quite interesting here. Apparently, all the research put into mathematical algorithms is a double edged sword. Encryption can be used to deny the rightful owner access to his data. Fortunately, the attacker in this case made a mistake resulting in a 128 bit key that was easily ...

Singtel's 5012NV-002 vulnerability

Type: Open port Affects: Singtel's firmware on 2wire 5012NV-002 Version: (HW version: 2701-000808-004, SW version: 9.3.1.29) (Unable to ascertain if other versions are affected as I do not have access to the firmware) Severity: High Ease of exploit: Low Impact: Allows an attacker to gain access ...

bitcoin mining

Sometimes I just wonder if all the computing power put into mining bitcoins could instead have been put to better use crunching data for projects such as folding@home or seti@home. Instead, these complex calculations to mine bitcoins serve no practical purpose. While I understand the rationale behind these ...

new server!

Recently, my server has been overloaded quite badly (load avg averages at 1.5) due to the amount of services I am running on it. (unbound, cron, lcd, apache, git, motion, mysql, lighttpd, minidlna, samba, deluge, openvpn, owncloud, squid). The torrent daemon and web interface along with streaming 1080p over ...