Root for HDD: expanding the HDD standard capabilities

The high fidelity positioning, data density and such other intricacies characteristic of modern HDD can be the subject matter for a great many articles, but we are not going to explore the disk mechanics or process physics profoundly, let’s focus on the most interesting component for us — electronics, instead.

Read full article →


In the Depths of iCloud Keychain

 iCloud 101

In fact, the iCloud is not a single service but general marketing name for a number of cloud-based services from Apple. These include the syncing of settings, documents and photos, Find My Phone to locate lost or stolen devices, iCloud Backup to backup your data to the cloud, and now it’s also iCloud Keychain for secure syncing of passwords and credit card numbers between iOS- and OS X-based devices.

Read full article →


Tails, invisible Linux distributive

At first, it is worthwhile to give a brief list of main software components included in the kit:

  • core 3.12 — it is rather fresh, even though new core versions are being coined now nearly every month;
  • Vidalla 0.2.21 with Tor 0.2.4.21 — it is also the latest product;
  • GNOME 2.30.2 — yes, Tails still has not abandoned the old good second GNOME;
  • as a browser, Iceweasel is used with standard plugins for anonymity — Torbutton, FoxyProxy, Adblock Plus, and NoScript.

Read full article →


Getting started with Foreman

Today, there is a great number of available tools allowing quick OS deployment and configuration, status monitoring and maintenance of the desired configuration. Here, the absolute leader for Win is SCCM. While full-featured analogues for *nix have just started to take on momentum. Nowadays, an administrator has to cope with a variety of tools and each of them performs its own role. This is convenient for development, but greatly complicates the support, while the results are not quite obvious. Foreman project, to be more precise, The Foreman is, in fact, an add-on for some open source solutions, which provides system management throughout system lifecycles from deployment and configuration to monitoring (Provisioning, Configuration, Monitoring). With it you can easily automate any repetitive tasks, manage changes on thousands of servers located on bare hardware or in the cloud, monitoring their status. The concept of server groups “config group” allows giving commands to multiple systems regardless of their location.

Read full article →


Let’s code for Leap Motion!

After the release of Kinect sensor, in the wake of its success, other non-contact motion control devices began to appear. Kinect was the basis for the growth and development of the market for such devices: Investors have seen the prospects and understood the value of investing into gesture control devices. However, the most significant and successful was the Leap Motion Controller. As its prototype, the latter version is based on motion capture technology. This device connects to the USB port; in size, it is like two flash drives put together. Technically, there is Leap device that captures the projection of the user’s hands in space by using two optical sensors (cameras) and an infrared light source (the developers do not exclude the possibility that the future versions of the device will have a different number of cameras).

Read full article →


Malware oddball: key aspects of atypical malware

If you think that the only possible variant for such a malware is a classic school-based .bat file with ‘format c:’ string inside, then you’re mistaken. The opportunity to automate various routine operations within the system with the help of .bat scripts has long grown into a full-scale trend for malware coding, for which almost all the anti-virus companies have rendered a special segment in their malware specifications.

Read full article →


Stuxnet DIY: malware for industrial automation concepts

I’d like to make a reservation right away that the vulnerabilities considered in the paper are typical virtually for all PLC types rather than only for PLC Delta DVP–14SS211R, which we will study. And these are not misses of a certain particular manufacturer but it is a sort of fundamental problem being the heritage of the time when the simplicity of implementation and economic expediency dominated rather than information safety and a threat of tampering.

Read full article →