Skip to content

FBI wants Congress to mandate backdoors in tech devices to facilitate surveillance

In response to announcements by Apple and Google that they would make the data customers store on their smartphones and computers more secure and safer from hacking by law enforcement, spies, and identity thieves, FBI director James Comey is asking Congress to order tech companies to build their devices with “backdoors,” making them more accessible to law enforcement agencies. Speaking at the Brookings Institution last Thursday, Comey said that police need new legislation to help them apprehend criminals who use encryption to hide incriminating evidence. “The FBI has a sworn duty to keep every American safe from crime and terrorism, and technology has become the tool of choice for some very dangerous people,” Comey said. “Unfortunately, the law hasn’t kept pace with technology, and this disconnect has created a significant public-safety problem.”

The 1994 Communications Assistance for Law Enforcement Act (CALEA) forces telephone companies to build surveillance technologies into their networks to allow law enforcement to install wiretaps. The law has not been updated and it does not apply to new technology including online forms of communication.

Privacy advocates predict that few in Congress will support Comey’s quest for greater surveillance powers. “I’d be surprised if more than a handful of members would support the idea of backdooring Americans’ personal property,” Senator Ron Wyden (D- Oregon) said.

In June, the House voted 293-123 to slash funds for National Security Agency projects that build vulnerabilities into security products, a sign that Congress is far from passing new legislation that makes U.S. tech products more vulnerable to hacking.


Take away Message:

* Backdoors in security will allow everyone to access your data, including journalists (Murdoch case) and divorce lawyers.

* Backdoors will destroy the US tech giants – and they know this.

* Google’s lobbying fund at Congress has just surpassed that of Goldman Sacks – which indicates a “fight to the death” by the Tech Giants.

* If the FBI win this debate – boycott all US products from Google, Apple, Microsoft, as you’re being wiretapped.

10 Minute Emails – How to get private emails

Have you ever given over your email address in a minute of lapsed judgement, and then the company has spammed your account with useless daily messages.  Soul destroying isn’t it!

Step 1 – Auto generate a 10 minute email

This will generate a fake email that works, for 10 minutes.

10 minute emails

Step 2 – Get an extra 10 minutes

Just in case the email “response” doesn’t come through, you can click to get another 10 minutes.

10 minute messages

Step 3 – Watch your email get Destroyed

10 minute email destructed

Poof!  No more junk email.

Take away message

Don’t give our your private email.  Use a junk email address that lasts 10 minutes.

It’s FREE!!


KALI – BASH Steampunk Scripting – How to automate Bash Scripts

BASH automates tasks, and Steampunk looks so cool, that we’re merging both together to get “Steampunk Scripting”.

Step 1 – Create the script

cat > steampunk

echo “Whatever text you feel like.”

Ctrl +d

bash cat steampunkNotice that wen you create the cat file, the cursor moves down to a new blank line, and that there is no prompt on that line.  Enter your echo “text” and then hit ctrl +d.

Think of ctrl +d as meaning “done!”.

Step 2 – Run the script

bash steampunk

kali bash scripting steampunkStep 3 – Add some commands to your script

You can easily “append” or “add to the end” of your script with the command >>

cat >> steampunk

Try adding these commands to your script, add each command one at a time.  End the script with ctrl + D, then run bash steampunk.


ncal -w


who -q

bash add to cat

You’ll quickly see why cat can’t be used for major automation….

So switch to nano or leafpad to correct any typos, as both are installed on Kali.

Step 4 – use nano to edit a script

nano steampunk

bash nano steampunk fileMake your edits… now these next 2 steps are really important.

To save a file in nano we use Ctrl + O

To quit = Ctrl + X


Here’s my amended steampunk script (viewed in nano).  I’ve hit ctrl +o to save.

bash nano amended fileHere’s the amended script when I run “bash steampunk”

bash nano amended steampunk outputwho -q = will tell you the number of users on a system…

That’s it.  That’s all automation starts with.  Shell programming can read input and prompt the user, as well as offering menu’s to the user.

But that’s for another lesson.  Oh, okay, lets do it now.

Step 3 – How to read input from a user

This reads the user input, secondly stores this input as a variable {users}, which thirdly, can be accessed using echo $users.

echo -n “Ask your prompt question?”

read users

echo $users

bash read script

The output looks like this

bash read values

Step 4 – Use a Prompt String

So what is this about?  Well with this format, we can read in multiple values from the user, save them into the default variable, called $REPLY.  We can then use echo $REPLY.

read -p “Prompt question to user? > “

echo “REPLY = ‘$REPLY’ “


Lets try it out.

bash prompt output

So we can read in single or multiple values.  We can save the input as a variable, and reuse that variable in our scripts.

Here’s the multiple values in action.

bash prompt multiple values

Bash Lesson 2 – How to create a timed lock out for a top secret password

Malta – Winner of Hackathon

Congratulations to David for winning the Hackathon.

I recently had the opportunity to participate in (and win as it turned out…) the Malta Information Technology Agency (MITA) Hackathon, organized by TrustedSec.

Here’s his suggested reading list.

Interesting Articles and Links:


Happy Reading!!

KALI – How to adjust Date, Time, Keyboard to British, European and Global Date Formats

American’s tend to forget that their date format is ONLY used in America, the rest of the world uses the British/European date formats. This could have serious repercussions for manufacturing or sales orders.  So how do we reset the Date format for the global community?

1. British / European / Global formatting for Dates

The date command displays or sets the system date and time.  If using a global system I would recommend the use of the three letter month to avoid any confusion.

date +%d = two digit day

date +%h = three letter month

date +%m = two digit month

date +%Y = four digit year

So the British date format would be:

date +”%d %h %Y”

kali European Date format

Step 2 – Change to UK British English Keyboard

Root (Far Right – at the Top)

System Settings (like control panel in Windows)

kali system settings


 kali keyboardLayout Settings

kali keyboard layout

Language Tab (the first tab) > British English

kali british englishFormats Tab (2nd tab)

UK English = this will set the £ characters etc for currency

kali uk formatIn order to prevent the US keyboard layout… I jettison the option and use

English UK with WinKeys

English UK

kali uk only keyboardHere’s the £ symbol and speech marks from a UK keyboard

kali uk with winkeys keyboardUnder root > system settings > Region

Select English UK

Date & Time

Kali defaults to EDT… set to European time.

Under root > system settings > Date and Time

Select Europe > Select city eg “London”


kali date and timeTest the date settings.

Enter date

Here we see “BST” or British Summer Time – you’ll note that date is still producing the US formatting, not the Global formatting… someone will have to write a note and explain to Americans that their date formatting does not apply to the rest of the global economy.

kali time set twice

Nasty SSL 3.0 vuln to be revealed soon – sources

Gird your loins, sysadmins: The Register has learned that news of yet another security vulnerability – this time in SSL 3.0 – is probably imminent.

Maintainers have kept quiet about the vulnerability in the lead-up to a patch release, which is expected in in the late European evening, or not far from high noon Pacific Time.

Details of the problem are under wraps, purportedly due to the severity of the vulnerability. El Reg cannot confirm whether or not it is indeed a serious bug as we have not received details of the vuln.

To that end, it is unknown what platforms were impacted, but as SSL is very widely used, any flaw will require plenty of urgent attention – and probably be unwelcome news to a tech community already reeling from the recent Shellshock vulnerability in Bash and the Heartbleed flaw.

The SSL flaw won’t be the only thing keeping security bods and system administrators busy. A dangerous worm has been discovered exploiting a zero-day flaw (CVE 2014-4114) in all versions of Microsoft Windows and Server 2008 and 2012.

VPN – Warrant Canary – How do you know if a warrant has been issued against your VPN?

In these dark days of government surveillance, kangaroo FISA court orders, and the Patriot Act, how can you trust your communications are not subject to a court order?  The answer lies in using a VPN.

Warrant Canary

Some VPN providers issue a “Warrant Canary”.  This means they will signal to you if a warrant has been issued.  Here we examine the “Warrant Canary” system of IVPN.  IVPN are a VPN provider who promise to shut down their services and relocate, rather than co-operating with surveillance.  This is their system.

Step 1 – IVPN will confirm that no warrants have been served or assets seized

ivpn warrant

Step 2 – Headlines from a Newspaper to “time” the message

ivpn warrant 2

Step 3 – EU Data Protection – No PII  – Personally Identifiable Information

ivpn warrant 3

IVPN promise to shut down and relocate if they are ever forced to log you.

That’s one heck of a commitment.

In addition they operate the “Warrant Canary”; if pressure is applied to them, you’ll know about it, as the “Canary in the Coalmine” will warn users.



Which is the safest VPN on the market? Who do I use for a VPN?


Japanese court orders Google to remove harmful search results – RT

The Tokyo District Court ordered Google Thursday to remove over 100 search results that had invaded a man’s privacy by alluding to crimes he may have been involved in and other criminal activity, in a similar verdict to Europe’s right to be forgotten.

Judge Nobuyuki Seki said in a document obtained by the Kyodo News Agency, a non-profit Japanese news agency, that some of the search results did “infringe” the man’s “personal rights” and that “Google, which manages the search engine, has the obligation to delete them.”

The man requested an injunction in June saying that information being trawled up in search results was related to events which took place more than ten years ago and that his life had been threatened as a result of the reports of his alleged inappropriate behavior.

Judge Seki said the man had suffered “actual harm” and an infringement of “personal rights” and ordered the web giant to remove about 120 of the 230 search results.

Although the judge did admit that Google “plays an important role so that the internet can be used effectively.”

The man’s lawyer, Tomohiro Kanda, said he thought this was the first time such a court ruling has been made in Japan.

Tomohiro said the case came under Japanese privacy and defamation law, but the ruling also considered the “right to be forgotten” ruling in Europe in May in which the Court of Justice of the European Union ordered Google to remove the personal data of a Spanish man so that it didn’t appear in web searches anymore.

Take Home Message

- The Right to be Forgotten (now called the Right to Erasure) is critical to the safety of the data subject

- Results that are kept “forever” are disproportionate and harmful to a data subject.

- In real life, if you go bankrupt, you are allowed a current account and credit card after so many years.. with the “forever” nonsense from Google, you’d never be given a second chance.  We all need to wipe the slate clean at some point… and the Right to be Forgotten allows you to move on from losing a job, bankruptcy, or some other traumatic event.  The person or “Data Subject” must come before the profits of Google.

How to repartition a USB stick on Windows 7 using Diskpart – The Visual Guide

Windows Diskpart will reformat a USB drive and repartition it.


Step1 – Open CMD with admin rights


list disk

(it is important that you find which disk is the USB drive – check the space)


select disk x (where x is the USB drive)


disk part 2

create part primary

select part 1


disk part 3

format fs=fat32 label=”SMILE USB”

It’s slow so just leave it run.

That’s it.

disk part 5


Get every new post delivered to your Inbox.

Join 160 other followers