danieljon.es

normal light dark no css
index blog opinions interesting git

Blog

Rambles about programming, technology and life.

prev 1 2 3 4 5 6 7 8 next
direct link

Simple server in C++/Qt

5/6/2015

I've been using sockets lately for serial communication between C++/Qt and my arduino. I figured I may as well try out a TCP server using sockets. It's quick and dirty, but pretty cool and holds many possibilities for projects. I connect via telnet in a running bash terminal - it doesn't actually do anything other than connect and communicate with each other.
post7_1


direct link

Phone SIM cards are easily exploitable and overly intrusive

27/5/2015

Phone SIM cards are easy to exploit and are overly intrusive

The life of an individual in 2015 is vastly different to that of other decades in the fact that everyone is lazy in some way or form; whether it be for work related purposes, or easy access to your social media accounts we all have a mobile phone that contains a piece of technology that is easily exploitable (taking advantage of software/hardware bugs/issues) and overly intrusive. Within our mobile phones, whether it be a smart phone or not, we have all conveniently placed an extraordinarily powerful and smart device that can allow a hacker to take complete control of your phone, a SIM card. A SIM (subscriber identity module) card1 is a piece of technology that everybody knows exists, yet hardly anyone can define what it actually does or how it works, they just know you need one to get onto Facebook; believe it or not the humble SIM card in your phone is a fully fledged computer and can host and run applications without your phone, thus yourself ever knowing. The alarming facts do not however end there; your phone, whether it be a 2005 flip phone, or the latest product from Apple with finger print identification to stop hackers allows your telecommunication providers, or in the worrying case, a hacker to run applications on your SIM card potentially allowing them to spy on your GSM2 traffic which includes your phone calls, SMS messages and Internet usage.

An eye opening speech3 by Karl Koscher and Eric Butler performed at Defcon 214 (an American based hacking conference) displayed, for the first time, the power and pure horror of what a SIM card is intentionally capable of doing when in the hands of a hacker. A single generic SIM card has the power similar to that of a basic Arduino5, with an alarmingly larger range of nefarious uses. These pieces of hardware contain an 8-bit AVR (micro controller, similar to a computers central processing unit), 256KB of ROM (program memory), 72KB of non-volatile (doesn't require power to store any data) EEPROM (flash based storage, this is where the SIM cards programming is stored), 6KB of RAM and operate at 20-30 MHz. These specifications, to anyone that has knowledge around computers and hardware are, to put it simply, astonishing; the possibilities of these devices are endless, and I can not exactly fathom how and why they have not yet been exploited on a large scale - as far as we know. As explained by Karl and Eric to modify and flash (upload your own code) a SIM card you need physical access to your victims card, along with some easily obtainable hardware to communicate with the card. However the flash based storage on most newer SIM cards can not be modified - so how can these devices be hacked in present day 2015? They explained that you must start from the beginning. Karl and Eric purchased blank SIM cards and flashed their own code onto them and gave them out to willing citizens who amazingly accepted free SIM cards, this was of-course a proof of concept operation and any recorded data was destroyed.

Unknown to many a programming language known as Java6 is found within most everyday pieces of hardware we take advantage of, especially those that have one main function such as a DVD player or the computer that controls the ice in a modern day refrigerator. A SIM card is no exception; these pieces of hardware run a variation of Java known as 'Java Card7'. This programming language creates applets (the final compiled version of your code) that leave a small memory footprint; perfect for the specifications of a SIM card. Oracle, the current owners of this software have released a free SDK8 (software development kit) to those of whom are interested in developing applets - this in theory is great for those of whom are interested in the technology and do not have the funds to purchase licences; it however allows malicious hackers to develop their own firmware for SIM cards that are intended to be distributed for free. SIM cards are given permission by the end users mobile phone to run applications both on the SIM card and devices background without the consent of the owner - this however is not an exploit or mistake; this is how GSM phones are designed and you are expected to have a legitimate SIM card. Early mobile phones are considered 'non-smart', this means only one thread/process can be run at any given time - think back to playing Snake on an old Samsung dot matrix phone, you are about to beat your personal high score when somebody calls you; your game is closed and score is lost. Due to a phone then being only single threaded your SIM card was important for processing incoming data such as phone calls and SMS messages, which would then alert your phone - this required a high level of permission and trust; sadly the technology and single-threaded 'mind-set' is still around today, even in modern day 'smart phones'. Try it for yourself; if you own an iPhone locate the menu item: settings->phone->SIM applications, if you are using an Android phone head to your application list and select the item "SIM toolkit" - these are applications that are currently installed on your SIM card and are running without your knowledge or permission. Having a malicious SIM card inserted into your phone will allow a hacker to run their own applets and intercept any incoming GSM data. Once you have an exploited card there is nothing that can be done with the exception of getting a new card - do not accept SIM cards from anyone unless they are behind a cash register and chewing gum; but you can not really trust them either.

The story of the exploitable SIM card will however not come to an end any time soon; they are simply too convenient to swap and replace and work exceptionally. Even with the chillingly confronting information provided, you as the audience will not cease to use the seemingly humble SIM card and ironically I myself will not either: we are the problem and the solution, we must want things to change before they actually will. However lets be honest, who actually cares about the alarming state of SIM card hacking, our service providers do not as the technology has not changed since the mid 1990's, you probably wont tonight or tomorrow either - by the way, I have a few spare SIM cards with free unlimited data plans, would you like one?

1http://www.imore.com/what-is-sim-card

2http://studenttravel.about.com/od/globalcommunication/a/stayconnected_3.htm

3https://www.youtube.com/watch?v=31D94QOo2gY

4https://www.defcon.org/

5http://en.wikipedia.org/wiki/Arduino

6http://java.com/en/


direct link

CS:GO cross hair generator

25/5/2015

Recently I've been playing a lot of the game Counter Strike:GO.
This is a game that requires precise aim; and with aim comes a cross hair.
I was influenced by an on-line CS:GO cross hair generator (http://tools.dathost.net/) and decided to create my own.
I've got the basics sorted, I just need to work on the rendering of the on screen preview.
I'm using the Qt framework and C++ for this project.
post5_1
I hope to actually follow through with this project and complete it.
Stay tuned!
Update:
Only a few hours later and it's complete!
post5_2


direct link

Finally moved to GNU/Linux and am loving it.

22/5/2015

I made the decision to finally move to GNU/Linux a few months ago; and I haven't regretted it once.
I'm using Linux Mint 17.1 with KDE.
This is a current capture of my main monitor (I currently run dual 1920*180 monitors). It'll be interesting to see what it looks like in a year and if I'm still using GNU/Linux.
post4_1


direct link

Nearly a year has passed; it's time to try this again.

22/5/2015

It has been a whole year, a lot has happened, some I want you to know, some I certainly do not. The main thing that has occurred was a mistake I knew I'd regret; walking out of high school.
It just was not for me. There was nothing there that interested me, there were no classes relating to my aspiring career, there was no one I cared about. Just because I'd talk to you did not mean I liked you as a person nor considered you a friend. I didn't give a single shit about what you nor anyone had to say.
And now I'm doing something called 'FLC'.
This should really be called 'school for the troubled' because that is what it is. The students there have problems, socially and mentally and I, a perfectly capable student am being forced to do it. I am only doing it for the benefit of others; nothing will come from it other than a piece of paper saying I spent 12 years in school.
But I digress:
I've come to realise that the field of which I want to spend my professional life in is changing. Having an on line identity is important. This does not necessarily mean Facebook and Twitter; instead I'm making it this blog.
I plan to add media/posts here every day or two in hopes utilising it one day as a reference to my dedication to the field. I may talk about things that I feel strongly about, programming or just general rant subjects, like it or not my voice needs to be heard; even if it is just myself in a few years.
Here's to another shitty year.


direct link

Critical review of a Social App - Imgur

21/9/2014

imgur
Imgur (pronounced imager) is a website that allows people to share images as a community and comment/vote on pictures that interest them. This website is also the origin of many, many online 'memes' that seem to be 'the craze' of teenagers in 2014.
"Whoa, hold on a second; this isn't a website where one can share what they ate for lunch, how is this a social media application?"
Lets for a second imagine that is what you're thinking (I hope it isn't), then, lets get something out of the way; the definition of social applications: "A type of software or Web service that allows people to communicate and collaborate while using the application". This to me covers many areas; blogs, Facebook, Twitter etc, however, it also covers areas of which are often forgotten such ad YouTube, and in this case, Imgur. This service allows one to not only share pictures they find funny, but to also collaborate as a community, creating pieces of art and groups of which share specific genres of images (OK, let's forget the bad areas of social media for a second, such as images and memes only immature children could find amusing).
This particular web hosting service holds a user base of which is undeniably strong; over 100 million unique users. That being said, why would one actually use this service? This service provides the internet with many funny pictures, is another a purposes needed? Of-course it is, and one purpose is convenience. Have you ever been in a conversation online and wanted to share a picture with the person you are chatting to? Sure, you could use the file transfer feature found in many IM clients, that however requires you to have decent upload speeds, which not many have unfortunately (thanks NBN). Do not fret! Imgur is here to help you, simply upload an image and paste the URL into the chat, simple! However, this isn't exactly where the 'social' bit comes into play; the area it is used in the comment section of images. Similar to how Facebook allows one to insert comments about the supposed 'selfie' one media/posts online, Imgur allows you to comment on images allowing you to voice your opinion on the subject, or to simply splutter out 'AYY LMAO', whichever you fancy.
Getting onto a more serious note, Imgur as a web service doesn't exactly help one to connect with others in a professional sense, it does however allow people to congregate around subjects and topics that people may find interesting, thus I personally view this application as one that you may use as a form of entertainment instead of one used to promote yourself online.
The area of image sharing is 'big business' on the internet in the years prior to and including 2014; everyone seems to want to provide this type of service (heck, I've even created an image hosting service http://upload.awful.pictures) however only Imgur, in my opinion has done it successfully.
The process of creating an account on this particular application is quite painless; you simply provide a username, email and a password, then you are sneakily confronted with a captcha to solve, which is quite normal this day and age. You then activate your account via an email received; then, at this point you can begin uploading!
Avoiding the obvious joke one could make regarding the question revolving around the security of this particular application (" How much personal information do you need to volunteer to sue the App?" - this gave me a much needed laugh, would I have passed the course if I successfully sued Imgur for millions of dollars?), I personally find it to be literally as safe as it gets online anymore. Unlike other services you don't need to provide your real name, location, age etc, you just provide the basics Of-course requesting an email address a few years back would have been regarded a little much, however in the age of today, the age of spam; this is a much needed security feature.
Imgur is an interesting platform used by many people who frequent forums and instant messaging chat rooms as an easy way to share images, and has quite a significant place in the heart of myself and others alike. I personally hope services such as Imgur become more mainstream and develop further, allowing users to create and different features of which have not been thought of at this particular time.
References:
http://www.en.wikipedia.org/wiki/Imgur
http://www.imgur.com
http://upload.wikimedia.org/wikipedia/commons/thumb/e/e9/Imgur_logo.svg/800px-Imgur_logo.svg.png


direct link

My perception of Social Networking

21/9/2014

First of all, let's get the reason for not selecting the Mahara/LinkedIn assessment out of the way. I personally dislike social networking websites as a whole; I see it as a way for those too lazy to experience new things to communicate with each other. I am a personal fan of IRC (internet relay chat), an instant protocol designed to allow a group of people to chat simultaneously, instead of the alternative of posting a useless picture of yourself on Facebook and waiting an hour for someone to post some ridiculous comment. With saying that, via social networking one may acquire a positive presence on the blah blah blah. let's just begin.
Personal experiences
As you may have noticed via the introductory text above, my personal view on social media applications is quite poor; however my experiences are not negative. For the purposes of this text, lets stick to one social media application everyone knows; Facebook. Over the years I have personally made multiple Facebook accounts in the hopes of actually 'getting into it', yet, each and every time I just can't. The origins for creating these accounts was always the same; peer pressure. An apparent unwritten social rule of 2014 seemingly exists that states: "Thou shall only communicate through Facebook", which to someone who dislikes the idea, quite unfortunate. This has led me to have little to no communication with friends outside of school; which I have no issue with personally, however my peers dislike it. As for social mediums I enjoy and participate in often; only one exists, IRC (heck, I even run my own IRC server). Internet relay chat is an internet protocol designed in 1988 by a man known as Jarkko Oikarinen [1]. I could write thousands of words on this particular topic, however I am not going to; that might be another assessment one day.
How would one stay safe and secure online?
Keeping safe and secure is an important thing when accessing the internet; and will only grow in importance as we move on with our technological revolution.
With that being said, the steps required to keep ones information private and secure online could be etched into ones brain; most people still will not get the message. I feel that most people have the ideation that the biggest thing to keep safe and secure online is their passwords. Sure, keeping your password secure is important (keep it long, alphanumerical and not relating to personal names or dates), however other factors need to be considered and kept private online. One example of which is usually forgotten is that of your email address. A persons email address in 2014 is (hopefully) sacred, and should only be shared with those of whom you know and trust. Another key thing that should be protected is the access keys to ones bank accounts; especially considering the use of physical money is dropping, and the use of online banking is rising. A simple solution to keeping passwords and access keys etc secure is good anti-virus and spyware on ones computer; however, you must also be aware of phishing. Phishing is the act of creating false websites (for example a bank log in page) that are designed purely to record the numbers and passwords entered into an input field [2].
Promoting ones self online
Social media is an interesting new concept that is starting to be acknowledged by the professional community as a way to decipher the maturity of one and to help decide whether or not that person is worthy of being hired into a place of business. Almost everyone in today's society has a presence online (whether good or not) and that presence will one day either promote themselves as a valuable member of society; or demote them, which is likely to cause a negative ripple within their professional life. I myself have personally chosen to not participate in the anarchy of social media; I feel it (as previously stated) is the lazy mans way of getting noticed, I prefer to design my own ways of promotion; for example owning a domain with my name, a perfect place to, in the future hold my digital resume (which, in the future will be how resumes are distributed). With that being said promoting myself on a website such as Facebook would add additional promotional content, however I feel this to be unnecessary.
This, however is completely different for that of a business. Businesses in my point of view need a form of social media to keep in contact with their customers; their community, a way to promote deals and sales, and a way to pass critical information on. Personally, a business should own both a website and multiple social media accounts, just to be sure their user base is as large as it could be (for example, I wouldn't 'follow' 'Server Sellers Inc.' (made up business) on their Twitter account, I would however follow their website.
What is an 'RSS Feed'?
A portal for lazy people. RSS (rich Site Summary) feeds allow one to easily view recently published information from, for example a blog, or news website. These are presented in XML format and is parsed by an XML reader into human viewable content; perfect for lazy people, you don't even have to open your browser (assuming you have an RSS reader setup)! Boring yes, useful, well, kind of [3].
I've personally used RSS feeds before; specifically for a website i'm currently designing for a family friend (football club fan site; pulls an RSS feed from the clubs website), and personally, I find the idea to be over rated, what is wrong with just getting an email?

References
[1] http://en.wikipedia.org/wiki/Internet_Relay_Chat
[2] http://www.consumer.ftc.gov/articles/0272-how-keep-your-personal-information-secure
[3] http://en.wikipedia.org/wiki/RSS


prev 1 2 3 4 5 6 7 8 next


page generated 2018-05-23 05:47:49 using sitegenerator