depicus

changing the digital world one bit at a time...

Blants (noun) the rants of a blogger

  1. Funny Spam Emails

    January 15, 2019 by The Man

    Sometimes they are just so funny and I copy/paste so anybody can Google the Bitcoin address if they aren’t sure, yes it’s a scam and a poor one at that.

    Dear Diane Regnier

    Yоu mаy not knоw mе and yоu аre prоbablу wоndеring why yоu are gеtting this е mаil, right?
    I’m a hacker who сrасkеd yоur dеvices а few mоnths ago.
    I sent you аn еmаil frоm YOUR hаcked accоunt.
    I setup а malwаre оn thе аdult vids (pоrno) web-sitе аnd guess whаt, уou visited this sitе tо havе fun (уou know what I meаn).
    While уou wеrе wаtching vidеos, your internet browsеr stаrtеd out functioning as а RDP (Rеmotе Cоntrol) hаving a keуloggеr whiсh gаvе mе acсеssibility to уоur sсrеen аnd web cam.
    aftеr that, my sоftwаrе program obtаined аll of yоur сontacts аnd files.

    Yоu enterеd а pаsswords оn the websites yоu visited, аnd I intercеpted it.

    Of coursе yоu can will сhаngе it, or аlrеady changed it.
    But it doesn’t matter, mу malwarе updated it evеry time.

    Whаt did I do? 
    I crеаtеd a doublе-sсrееn videо. 1st pаrt shоws thе video you were watсhing (уоu’ve gоt a goоd tаste hahа . . .), аnd 2nd pаrt shows the reсording оf уоur web cam.
    Dо nоt trу tо find аnd dеstroy my virus! (All your datа is аlrеadу uploаded to a rеmote server)
    – Dо nоt try tо contаct with me
    – Vаrious sеcurity sеrviсes will not help уоu; fоrmаtting а disk оr destrоying a dеviсе will not hеlp еither, sincе уоur datа is alrеаdу оn а remоtе server.

    I guаrantee yоu thаt I will nоt disturb уou аgain аftеr paуmеnt, аs you are nоt my singlе viсtim. This is а hасker соde of hоnоr.

    Dоn’t be mаd at mе, еverуonе hаs their own wоrk. 
    еxactlу what should уou do?

    Well, in mу оpinion, $795 (USD) is a fair priсе for оur littlе seсret. Yоu’ll makе the paуment bу Bitсoin (if уou dо not know this, searсh “hоw to buy bitcоin” in Goоgle).

    Mу Bitcоin wallеt Address:
    1KpioVDQJ47uQ8vepwwtaKDwUpyWLXV8cJ

    (It is сAsE sеnsitive, so соpy and pаstе it)

    Importаnt:
    You hаvе 48 hоur in order tо make thе pауment. (I’ve a facеbооk piхel in this mаil, аnd at this momеnt I know thаt you have reаd thrоugh this еmаil mеssage).
    To track thе reаding of а messаgе аnd thе actiоns in it, I usе the fасeboоk piхel.
    Thаnks tо them. (Everything that is usеd for thе authоritiеs сan hеlp us.)
    If I do not get the BitCoins, I will cеrtаinlу send out your vidео reсоrding to аll of yоur cоntасts inсluding rеlatives, соworkers, аnd sо оn. Hаving said thаt, if I receive thе paymеnt, I’ll dеstrоy the videо immidiatеly.
    If yоu nеed evidenсe, rеply with “Yes!” аnd I will сеrtainlу send out your vidеo rеcording tо your 6 cоntaсts. It is a non-nеgоtiаble оffеr, that being said don’t waste my personаl time and уours by respоnding to this messаge.


  2. Joint Waste Solutions – Piss Poor Security & Why Amey Nor Surrey Heath Borough Council Care

    June 14, 2018 by The Man

    I come across a few web sites with errors or issues and normally I’ll eventually find somebody to report those errors to and some are great, will fix and thank you, others will just fix and some never bother and their sites still have issues but the vast majority are not so piss poor secure I just move on. I don’t need to be thanked just for them to fix their sites.

    So over a month ago (May 2018) I came to https://www.jointwastesolutions.org so I could sign up for green waste collection, all pretty mundane until I tried to register on the redirect at https://jointwastesolutions.amcsgroup.com and it threw an error. Of course, as anybody who has ever worked with Windows, IIS and ASP.NET knows, the first thing you should do is make sure custom errors are turned on; indeed they are now on by default, so somebody has gone out of their way to make the site less secure.

    The main reason for turning on custom errors is that without them your site exposes information. In this case we can see that the site is running ASP.NET v4.6.1 which is currently 4 versions out of date. It also shows that the server is using Windows 2012 which is “End of Life” in October 2018. So outdated software on a server running a nearly EoL operating system. A quick scan of the server shows it may not have been rebooted for over 400 days – so no Windows Updates !!!

    Well then let’s just hope it was set up securely….

    Nothing has been done to even remotely secure the server which leaves it open to all sorts of compromises e.g. cross site scripting. As you can see this cloud based server fails miserably.

    https://securityheaders.com/?q=jointwastesolutions.amcsgroup.com&followRedirects=on

    But at least it’s using SSL I hear you cry…. yes but much like the proverbial chocolate fireguard it’s so poorly configured as to make it almost pointless. It still uses SSL v3, is vulnerable to DROWN and POODLE, and supports piss weak encryption. Now I never got as far as being able to put in credit card details or even bank details but this is clearly not PCI-DSS compliant.

    https://www.ssllabs.com/ssltest/analyze.html?d=jointwastesolutions.amcsgroup.com&latest

    You’d think that a company would be happy for somebody to quietly point out their errors but so far, over a month, I’ve been told by Amey’s social media team that they would pass on the information, and when nothing happened they just ignored me. Surrey Heath Borough Council originally told me as this was reported before 25th May 2018 it was not covered by the GDPR !!! So I emailed both data protection officers with the information and Amey have yet to reply and SHBC have sent two holding emails.

    I’m still trying to get to the ICO https://ico.org.uk but they seem very busy – let’s hope somebody else doesn’t or hasn’t found this childishly comically configured server. Personally I’d treat the server as compromised but then I’m averagely good at my job.
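
A check a site owner could run against a saved copy of one of their own responses, covering the two problems described in this post: the detailed ASP.NET error page and the missing security headers. This is an added example, not code from the original post; the function names and the sample response are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a saved HTTP response (headers, blank line, body).
# Prints one finding per line; prints nothing if the response looks clean.
audit_response() {
    resp=$1
    # Headers are everything up to the first blank line; strip CRs first.
    hdrs=$(tr -d '\r' < "$resp" | sed '/^$/q')
    # 1. Detailed ASP.NET error page (custom errors off) leaks version details.
    if grep -q 'Version Information:.*ASP\.NET Version:' "$resp"; then
        ver=$(grep -o 'ASP\.NET Version:[0-9.]*' "$resp" | head -n 1)
        echo "detailed-error-page: $ver"
    fi
    # 2. Response headers that disclose the server stack.
    for h in Server X-Powered-By X-AspNet-Version; do
        v=$(printf '%s\n' "$hdrs" | grep -i "^$h:" | head -n 1)
        if [ -n "$v" ]; then echo "discloses: $v"; fi
    done
    # 3. Protective headers that a scanner such as securityheaders.com reports.
    for h in Strict-Transport-Security Content-Security-Policy \
             X-Frame-Options X-Content-Type-Options; do
        printf '%s\n' "$hdrs" | grep -qi "^$h:" || echo "missing: $h"
    done
    return 0
}

# Constructed sample: a detailed ASP.NET error response (not captured from any site).
sample_response() {
    cat <<'EOF'
HTTP/1.1 500 Internal Server Error
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

<title>Server Error in '/' Application.</title>
<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.6.1055.0
EOF
}

f=$(mktemp) && sample_response > "$f" && audit_response "$f"
rm -f "$f"
```

With custom errors turned on and the protective headers set, the same function prints nothing.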


  3. Carphone Warehouse Review

    June 11, 2017 by The Man

    I wonder why Craphone Warehouse wouldn’t publish my review ?


  4. depicus is https now thanks to letsencrypt.org

    December 3, 2015 by The Man

    If you haven’t heard of letsencrypt.org, in their words: “Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open”

    Basically they will issue ssl certs for web sites free and in milliseconds, and here’s how.

    1. Get hold of the letsencrypt program

    git clone https://github.com/letsencrypt/letsencrypt
    cd letsencrypt
    ./letsencrypt-auto --help

    Then for me it was just a question of running

    ./letsencrypt-auto --apache -d depicus.com -d www.depicus.com

    And within seconds we are https – cool as <3


  5. Delete Metro Apps from Windows 10

    November 9, 2015 by The Man

    If you work in an SME and have had the pleasure of Windows 10 you’ll know that Metro (yes I know it’s not called Metro anymore) apps can be a pita and seem to have huge updates at regular intervals. 120+ MB per machine (no WUS for these apps yet) can take up a lot of valuable bandwidth and let’s not even get started about the security concerns. Indeed these apps seem to be designed with individuals in mind but not companies, I don’t want to log in with a Microsoft account just to update and secure these apps. So let’s just delete them.

    That should fix at least one of the problems with Windows 10.


  6. Change Postfix port number

    March 31, 2015 by The Man

    Sometimes you want to send mail out but not have every spammer try to send you rubbish on port 25, so changing to a non-standard port helps with automated spammers.

    First edit the config file

    sudo nano /etc/postfix/master.cf

    and find the line

    smtp      inet  n       -       n       -       -       smtpd

    and change to

    9876      inet  n       -       n       -       -       smtpd

    and then save and restart Postfix

    sudo service postfix restart

    then if you need to check simply grep

    netstat -tanp | grep 9876

    which should give you at least a line like this

    tcp 0 0 0.0.0.0:9876 0.0.0.0:* LISTEN
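
The same procedure as a script, written as an added example rather than code from the original post: it rewrites only the active smtpd listener line and then checks the netstat output by field instead of a bare grep. The function names and the sample master.cf and netstat lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: move the Postfix smtpd listener to another port and verify it.

# Rewrite the active "smtp inet ... smtpd" service line in a master.cf file.
# Commented-out lines and the "smtp unix" client entry are left untouched.
set_smtpd_port() {
    file=$1 port=$2
    case $port in ''|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    tmp=$(mktemp) || return 1
    if awk -v port="$port" '
        /^smtp[ \t]+inet[ \t]/ && $8 == "smtpd" { sub(/^smtp/, port); n++ }
        { print }
        END { exit (n == 1 ? 0 : 1) }   # fail unless exactly one line changed
    ' "$file" > "$tmp"; then
        cat "$tmp" > "$file"; rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Read `netstat -tanp` style lines on stdin; succeed only if a socket in LISTEN
# state is bound to the given local port. A bare `grep 9876` would also match
# a PID or a remote port containing those digits.
listening_on() {
    awk -v port="$1" '
        $6 == "LISTEN" { n = split($4, a, ":"); if (a[n] == port) found = 1 }
        END { exit (found ? 0 : 1) }
    '
}

# Constructed sample data (not taken from a real server).
demo() {
    cf=$(mktemp)
    cat > "$cf" <<'EOF'
#smtp      inet  n       -       n       -       -       smtpd
smtp      inet  n       -       n       -       -       smtpd
smtp      unix  -       -       n       -       -       smtp
EOF
    set_smtpd_port "$cf" 9876 && cat "$cf"
    echo 'tcp 0 0 0.0.0.0:9876 0.0.0.0:* LISTEN 812/master' | listening_on 9876 \
        && echo "listening on 9876"
    rm -f "$cf"
}
demo
```

On a live system the calls would be `set_smtpd_port /etc/postfix/master.cf 9876` (as root), a Postfix restart, then `netstat -tanp | listening_on 9876`.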