Tag: security

MacOS: Add Message to Lock Screen

This is a really good idea about adding a message to your lock screen on MacOS with a note on how to contact you in the event your Mac is lost.

Overview of Apple’s iCloud Security & Encryption Features

A talk given at Blackhat conference this year explain how Apple ensure that their customer data is safe. You can download a PDF of the slides here.

MET Police Using Indian Hacking Agency

.@metpoliceuk used an Indian agency to hack activists and journalists in UK – then shredded the evidence. Just wow. https://t.co/g0Y4RD2SOn

— Matthew Butcher (@matthew1butcher) March 21, 2017

OSX – Disable Gatekeeper to Allow Installation of Unsigned Apps

Run this in your terminal to allow the option of selecting install from anywhere:

sudo spctl --master-disable

1	sudo spctl --master-disable

Clone a git repo using a specific SSH private key

If you wish to clone a repo using a set private key, you can use the following syntax to do just that and it won’t add the private key to your usual SSH settings:

ssh-agent bash -c 'ssh-add private.key; git clone git@server.com:user/repo.git'

1	ssh-agent bash -c 'ssh-add private.key; git clone git@server.com:user/repo.git'

Generating Public & Private Keys Using PHPSECLIB

A few tasks that I’ve been working on this weekend have needed public/private key pairs. The very useful phpseclib library provides the tools that you need to generate these within your application.

// Get a new RSA object and set the type, hash and comment
$rsa = new RSA;
$rsa->setPublicKeyFormat(phpseclib\Crypt\RSA::PUBLIC_FORMAT_OPENSSH);
$rsa->setHash('sha256');
$rsa->setComment('user@seccheck');

// Actually generate the key, change 4096 for the desired number of bytes
$keys 		= $rsa->createKey(4096);
$keyPrivate	= $keys["privatekey"];
$keyPublic	= $keys["publickey"];

// Get the fingerprint for this key
$rsa->loadKey($keyPrivate); 
$keyFingerprint = $rsa->getPublicKeyFingerprint();

// Get a new RSA object and set the type, hash and comment

$rsa = new RSA;

$rsa->setPublicKeyFormat(phpseclib\Crypt\RSA::PUBLIC_FORMAT_OPENSSH);

$rsa->setHash('sha256');

$rsa->setComment('user@seccheck');

// Actually generate the key, change 4096 for the desired number of bytes

$keys = $rsa->createKey(4096);

$keyPrivate = $keys["privatekey"];

$keyPublic = $keys["publickey"];

// Get the fingerprint for this key

$rsa->loadKey($keyPrivate);

$keyFingerprint = $rsa->getPublicKeyFingerprint();

Searching the Internet for Devices

This is a pretty nifty service I come across a few days ago. It’s called Shodan and searches then indexes internet connected devices around the world.

Jigsaw, by Google

Quite an interesting new project by Google. Helping victims survive digital attacks. You can find out more at https://jigsaw.google.com.

bcrypt Passwords for WordPress

Great development from the Roots team to make WordPress use bcrypt for it’s password hashing. You can read more on their blog post here.