Low-cost 3D printers and crowdfunding suicide – 3D Prototypes and Models

3D printing, IoT, big data. These are buzzwords of the day. 3D printing projects, especially, is extremely popular on crowdfunding sites such as KickStarter. The following article talks about the surge of non-viable 3D printing projects on crowdfunding sites, and the problems they face and poses to legitimate projects. I like the systematic way the author analyzes about the problem and how he presents it.

Line of Viability

Low-cost 3D printers and crowdfunding suicide – 3D Prototypes and Models.

Read this if you are planning to fund a 3D printing project.


IPViking map – real-time visualization of cyber attacks

This is a cool real-time visualization of cyber attacks that is happening right. Ok it’s not exactly monitoring the entire Internet. The attacks shown are based on honeypots set up by the company Norse. They claimed to “emulate over 5m users, severs, infrastructures on the Internet” in various countries and the visualization is only based on a small subset of the live flows. I guess this can be taken to mean the real number of attacks is much larger and probably won’t run as smoothly on a web-powered application in real-time. It is still quite impressive and can be strangely mesmerizing to watch.

Incidentally, the application is powered by D3 and it runs best on Chrome.

IPViking map: Cybercrime hunting just got real-time – Real Business:

Unsurprisingly, IPViking has been likened with 1983 movie WarGames starring Matthew Broderick and Introversion’s classic game called Defcon. It’s true, the map is simply astonishing to behold – and slightly unnerving – when activity starts happening.


Remote code execution on Android devices | Bromium Labs

Remote code execution on Android devices | Bromium Labs.

This is surely something of concern for Android users. My advice is don’t use public Wifi. Yes it can be difficult sometimes, especially if you are overseas, but would you rather pay the risk of having your phone rooted and its contents stolen?


Why the Security of USB Is Fundamentally Broken | Threat Level | WIRED

Why the Security of USB Is Fundamentally Broken | Threat Level | WIRED.

On some levels this is one of the scariest vulnerability of recent times. Just think of how many things are at risk if exploitation becomes prevalent. Your usual anti-virus is useless against this type of attacks. It’ll be interesting to know if Stuxnet is using this delivery mechanism.

More detailed info can be found here.


M1 routers misbehaving

Was doing a routine scan when I spotted an unfamiliar address on the network: Strangely arp doesn’t reveal its MAC address, which seems odd given that this is a private IP address used internally.

Traceroute reveals the truth:

> tracert

Tracing route to over a maximum of 30 hops

1 3 ms 4 ms 3 ms
2 * * * Request timed out.
3 213 ms 5 ms 5 ms []
4 3 ms 3 ms 3 ms []
5 104 ms 4 ms 5 ms []
6 88 ms 5 ms 22 ms []
7 25 ms 5 ms 14 ms

Trace complete.

It seems someone has a misconfigured or misbehaving router that’s exposing private IP addresses. Let’s hope it is not storing something incredibly important.


Microsoft takes on global cybercrime epidemic in tenth malware disruption – The Official Microsoft Blog – Site Home – TechNet Blogs

Microsoft targets

Microsoft takes on global cybercrime epidemic in tenth malware disruption – The Official Microsoft Blog – Site Home – TechNet Blogs.


Announcing IPv6 Support in Singapore | DigitalOcean

Great that DigitalOcean now has IPv6 support. Another reason for moving from Amazon. Not to mention that it’s cheaper in most usage.

Announcing IPv6 Support in Singapore | DigitalOcean.

diy sysadmin

systemcall dot org » Trashing Chromebooks

An article on repurposing Chromebooks as build agents. The more interesting parts of the article are on hardware related issues such as overheating, comparison of hobby-grade hardware vs product hardware etc.

Server rack of Chromebooks

systemcall dot org » Trashing Chromebooks.



The fate of TrueCrypt hangs in the balance, now that the main site has been shut down and redirects to its SourceForge page, which displays the following ominous notice.

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

Many conspiracy theories abound for the reasons behind the abrupt ending of the popular project. Among them:

  • the site has been hacked, and the signing key stolen
  • the secret authors are under duress, and this is a warrant canary
  • it’s a form of Dead-man’s-switch
  • the authors are plain tired of the project after 10 years and want out
  • the authors are disheartened about the crowdfunded effort to pick apart their work

TrueCrypt was started in 2004 to fulfill a basic but critical need for secure storage of on-disk files. Why use encrypted containers when you could have used encrypted zip files? Well, for one, you will have to remember to keep unzipping and zipping up files whereas TrueCrypt was designed to make all that transparent by mounting the encrypted contents as another drive. That makes it easy to work with and inter-operate with practically any application.

TrueCrypt is certainly not the only encryption solution, though many of them are platform-specific, do not integrate as nicely into the OS, isn’t as feature-rich, or are just plain proprietary. The problem with proprietary solutions is that you never know just what went into the encryption, whether there are deliberate or undiscovered vulnerabilities or weaknesses in the algorithm used for encryption etc. This is especially important with the recent disclosure on NSA’s effort to weaken encryption.

There has been competing open-source solutions such as PGPDisk, FreeOFTE, and so on, but none of them are as polished and feature complete as TrueCrypt. For many users who require an easy to use encryption solution, TrueCrypt is a no-brainer over other existing non-paid choices.

Another plus point of TrueCrypt is that it works on multiple platforms. That makes it convenient as you could store an encrypted volume in say Dropbox, and be able to work on the files on your Mac OS, Windows or Linux.

Although TrueCrypt is open-source, there are worries that its binaries may be tampered with – that is, it is not compiled result of its published source. The secret identity of its creators does nothing to relieve this concern. Some even speculate that it may be a FBI honeypot. This point has always been a pain point of its users and especially critics. One particularly staunch critic even started a crowd-funding effort to audit the source code to discover if there are unintended or deliberate security loopholes. A recent effort to match the source against its binaries helped to alleviate some fears, though it will still require a full audit to know if there are loopholes in the software.

For now, before the dust settles, existing users of TrueCrypt might want to start looking at alternative solutions for their encryption needs.


Hackers raid eBay in historic breach, access 145 million records | Reuters

Hackers raid eBay in historic breach, access 145 million records | Reuters.