Error in Tor Documentation for Bridge Configuration

I seem to have run into a problem using Tor’s documentation for Tor bridge configuration on FreeBSD.
According to mentioned documentation, you install the following software:

pkg install obfs4proxy-tor tor ca_root_nss

This works perfectly.

However, later in the documentation it says, that you will need to add the following line to torrc configuration file:

ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy

Unfortunately, there is no file called obfs4proxy in the directory /usr/bin/.
The file is installed into directory /usr/local/bin/.
So the correct line to add should read:

ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy

The idea of a Tor bridge is that it’s IP address is not entered into the public database but remains hidden. With this wrong configuration line, the Tor node starts “normally” as a Tor exit node and publishes the IP address to the system in the public database.

Source of documentation: https://community.torproject.org/relay/setup/bridge/freebsd/

Follow-Up on Swiss Customers’ Revolut Allegedly Hacked

This is an update to yesterday’s article on allegedly hacked Revolut accounts.

Swiss Newspaper Tages-Anzeiger ran an new story today offering details on what allegedly happened. The article is behind I pay wall, so I can’t read it, but there seems to be a synopsis on Reddit and I am going to take this as the basis for some comments.

Most importantly, there are currently eight customers – all of them Swiss – that claim to have had their accounts hacked. Six of them indeed have receive a text message (sms) and where victims of a phishing attack. Two claim that that wasn’t the case for them.
So, after the current description of events, it was not Revolut that was hacked, but some of its Swiss customers.

However, there are a couple of strange things going on here.

Continue reading Follow-Up on Swiss Customers’ Revolut Allegedly Hacked

Tesla as a Surveillance Platform

I ran into this nice little story on Schneier on Security blog, describing how to transform a Tesla into an surveillance platform, using its cameras that give a 360° view of the car’s environment.
The article is a synopsis of a more detailed description on Wired describing the Tesla modifications.
In fact, it is quite easy to turn your Tesla into your own private surveillance platform. Everything you need is already there, you just need to plug in a notebook running the right (open-source) platform and your set.

Now we can understand why the Basle Police might find it interesting to own and run a few Teslas in the city of Basel. Not that I want to claim they actually used the car in this way, I would have no knowledge of that. Just saying it is a possibility that it will be used in this way, either by them or any other entity.

I can also imagine it would be very interesting to have access to all data from all Tesla cars in your fleet and record was going on around them – even if parked.
In fact, since the car already is a surveillance platform when you buy it, and you can use it as such with a few modifications, why not use it as such for your own purposes? Distributing your cars strategically in an area will give on traffic flow and where people go.

Note that while I write here specifically about Tesla, this holds true for any car from any manufacturer that produces similar cars and it will especially be true for self-driving cars.

Revolut Accounts Allegedly Hacked

It all started yesterday, with an article on Swiss daily news Tages Anzeiger in which a Revolut customer claimed to have had CHF 30,000 booked of his Revolut account. The article was not particularly clear about what had actually happened, but trying to puzzle together from other news sources the claim seems to be that “Revolut allowed CHF 30,000 to be booked off a (UBS) Credit Card via Revolut’s Top-Up feature, and this despite the credit card limit being only CHF 15,000.

This claim seemed dubious to me, and still does, so I decided to dig a bit further. Today, the Swiss financial news site Inside Paradeplatz was writing of more cases, but they seem to be limited to Swiss customers.

Continue reading Revolut Accounts Allegedly Hacked

Switching to Pixelfed

Decided today to ditch Instagram and start using Pixelfed more often. It’s quite a good alternative, and offers what I need. Though on pixelfed.social the storage is limited to 5GB, this seems enough for me for now.

One challenge, however, is to embed or publish Pixelfed stuff in or to other social media, like Mastodon or Twitter. There doesn’t seem an automated way to do that, but maybe I missed something…

Anyawy, you can find my stuff on Pixelfed at pixelfed.social/ofehrmedia and on Mastodon bne.social/@ofehrmedia

Re-visiting my LHC@Home Configuration

I have been using BOINC software to participate in scientific computing projects for around four years and contributed to several projects such as Einstein@Home, SETI@Home, Asteroids@Home and my personal favourite LHC@Home.

Starting with getting LHC@Home projects directly from LHC@Home, I switched to a pool with Gridcoin. I am now switching back and let my boxes crunch exclusively for LHC@Home.

My Boinc four clients now use a local SQUID proxy especially configured for LHC@Home and CERNVM-FS. While the number of machines probably does not do much to cut down on network usage, it’s something I tried some years ago and had abonded it. Apparently, LHC@HOme is now recommending you run a local proxy if you have several crunchers in your network.

I am happy to oblige!

First CernVM Steps

As per documentation “CernVM 4 is a virtual machine image based on Scientific Linux 7 combined with a custom, virtualization-friendly Linux kernel”. It’s base image is very small, which means currently around 20MB. The rest of the OS and applications is downloaded on demand via CernVM-FS.

I learned a lot in the recent CernVM/CernVM-FS workshop at CERN in Geneva (actually in the part in France). It offered interesting approaches and insights in how to work with bigdata in complex environments, where almost every user has her own requirements and software setup.

The current CernVM image can be downloaded from here. There are images for different virtual environments available. I chose the VirtualBox version as I have worked with VirtualBox for quite a while using it with BOINC and LHC@Home, but you can chose another environment, for example on AWS, Azure or Docker image.

So far so good. The next step is getting an CERN account. This is needed to access CernVM Online to create a CernVM Context. Once the context is created online, the CernVM on the desktop needs to be paired with the online context. This will automatically configure the CernVM for your needs.

This is simple enough. A few difficulties arise, however. First, for the un-initiated like me, identifying the resources – i.e. the software and data – needed to work with CernVM. Is quite a challenge. Second, I to identify the account and determining the permissions needed is also challenging. While you can register for the Cern website with, say, your Google account, this will give you access to some resources but apparently not CernVM Online. A Cern light-weight account gives access to CernVM but so far, while I got CernVM running and associated it successfully with a online context, I so far get ‘access denied’ on underlying resources.

While CernVM is still work in progress, it inspired me to look a bit closer into VirtualBox and its possibilities and I am currently in the process of moving the development environment of my sun.spaceobservatory.ru (a.k.a sun.ofehr.space) website onto a VM.

Blogging from Phone

This a test I want to try to block for my phone North by typing but speaking into the microphone. This works remarkably well how to have some problems sweets new paragraphs and carriage return!

Not bad for a first test at least the phone understands my English!!!

Welcome – Привет

First post I write on this blog. It is hosted in Russia, and accessible only under a Cyrillic domain name. The purpose of this is to test internationalization of content and of legal requirements (as far as I can understand them).

The site’s name is : https://слипстрим.офермедия.рф
or if that doesn’t work try: https://xn--h1aahgngddj.xn--d1abanrkp4a9h.xn--p1ai

Basically, my immediate realization is that data is stored in Russia, but exchanged partially, at least, with other sites in the United States and United Kingdom, because WordPress and Google Analytics is used. It thus becomes very difficult to make any guarantees about the privacy of users data. Of course we use cookies and tracking. But since this is a blog, we refrain from collecting personally identifiable data apart form the IP-address – except if you choose to comment.
In any case you may want to read our privacy policy before engaging with or commenting on this site.