The Golden Key - TSA Locks and Encryption

Earlier this year, TSA master keys were leaked and ordinary folks were supposedly able to 3D print these keys and open any luggage with a TSA lock. Despite the huge uproar, I personally feel that it is not that big of a deal because Valuables go in hand carry, clothes go in luggage. Few people ...

Xenserver V2P Migration

I have using xenserver as my hypervisor for the past 6 months and have run a number of VMs on it. However, there were some deal breakers which led me to migrate back to running Ubuntu as the base OS and running the VMs in VirtualBox on top of Ubuntu. Lack of USB passthrough support - Can only ...

Verifying JS Integrity

Yesterday, a CDN was hacked and malicious JS was served to a number of domains. Most websites make use of CDNs to serve up JS so as to reduce page load time. How do we protect ourselves from such attacks? I posed a similar question on Sec.SE some time back. Subresource Integrity is a new ...

Adding hostnames or PTR records to piwik

If you are using piwik and desire to know exactly where your website visitors come from, this hack will allow you to display the hostname or PTR record beside the IP addresses on the piwik dashboard. The Ip2Hostname plugin logs down the visitor's hostname in an additional column but provides no ...

Negative space

Sometimes, the lack of information is valuable information. The Washington Post reports that according to unnamed current and former US officials, the CIA pulled "a number of officers" from the US Embassy in Beijing as a precautionary measure following the breach — precisely because their names ...

Hacking Dropbox Space Race (NUS Style)

Disclaimer This post is for educational purposes only. If you succeed in getting NUS banned from future Dropbox space races, you will singlehandedly incur the wrath of all current and future NUS students. Honestly, I couldn't care less. In 2012, students from MIT hacked dropbox space race by ...