Blog Archives

How To Deploy MVPS HOSTS File on an Android Phone

Confirming superuser

I have replaced the default HOSTS file on my Android device with the MVPS HOSTS file, a blacklist for blocking advertising, tracking and malware-distributing server names. Installing this blacklist confers the same browsing security, privacy, and performance benefits on my

Posted in Android, Mobile Security, Privacy

Checking in on the Performance of WordPress XML-RPC Attack Countermeasures

XML-RPC Attack Traffic

Following up on my deployment of WordPress XML-RPC attack countermeasures a few months ago, let’s have a look at how effectively the traps have performed in live operation in the intervening time.

Posted in Network Security, Web Security

Countering WordPress XML-RPC Attacks with fail2ban


In my last post I began inquiring into the WordPress XML-RPC attacks I’ve been sustaining here on the site. Since then I’ve been further studying the threat and experimenting with responses, and I have now developed working countermeasures and cast

Posted in Network Security, Web Security

Sustaining WordPress XML-RPC Attack Traffic

XML-RPC Attack Traffic

I’ve been experiencing the same increased frequency of attacks against WordPress’ integrated XML-RPC service in recent months as reported by many other site operators. The attacks have been covered well elsewhere, but I wanted to chronicle what I’m seeing and

Posted in Network Security, Web Security

Android Device Manager Does Not Work in Internet Explorer


[Edit: As of July 11th it looks like this has been fixed. Android Device Manager is working in Internet Explorer 11 again in my testing. Original discussion follows.] Last night I flashed my phone up to CyanogenMod 11 M8, and

Posted in Android, Mobile Security

TrueCrypt: What Happened, What It Means, and What Happens Now


Based on the sum of the evidence that’s now filtered in, and in the consensus view of experts, the primary cause of the TrueCrypt crisis of the last few days was developer fatigue. After 10 years of thankless work developing

Posted in Encryption

Something Rotten Has Occurred in TrueCrypt Land

An extremely significant event affecting TrueCrypt has occurred. It is not yet clear whether it is legitimate or a hoax, and if legitimate, what it means. The web site has been redirected to a sourceforge landing page advising that

Posted in Encryption

Process Explorer 16.0 Adds VirusTotal Integration


Author Mark Russinovich just dropped version 16.0 of Sysinternals procexp, an indispensable utility that displays a tree view of every process on a Windows system along with its resource consumption. Procexp’s visual representation of the activity on a system is

Posted in Host Security, Performance, Windows

CyanogenMod Breaks New Ground on Mobile Privacy


While Google, Microsoft, Apple and Facebook are busy bending knee to their government handlers and/or telling marketing departments what color underwear you have on, the incredibly smart and capable developers of the CyanogenMod aftermarket Android distribution are cooking up compelling

Posted in Android, Encryption, Mobile Security, Privacy

Windows XP End Of Support Life Coming Soon


As a reminder, Windows XP will officially reach EOSL (End Of Support Life) on April 8, 2014, a milestone in the making for over a decade, finally coming up a little over eight months from now. On this date, Microsoft

Posted in Windows