Hacker   11323

« earlier    

Binder: an awesome tool for hosting Jupyter notebooks - Julia Evans
Binder is a tool that lets other people easily launch an interactive copy of your Jupyter notebooks
python  jupyter  notebook  hacker  tools  webdev 
5 days ago by yorksranter
Exec Commands Via Mshta.exe - Evi1cg's blog
看用“世界上最好的编程语言”制作的敲诈者木马揭秘的时候发现,攻击者使用mshta来执行命令,之前没怎么接触过,查了查资料也不是很多,mshta是用来执行hta文件的,经过测试发现,其实没有hta...
mshta  php  vbscript  javascript  hacker  exec  system  commands  cmd 
7 days ago by primathon
MantisTek GK2's keylogger is a warning against cheap gadgets (updated) • Tom's Hardware
Lucian Armasu:
<p>Multiple online user reports claim that the MantisTek GK2 mechanical keyboard's configuration software is sending data to an Alibaba server. One of the reports even includes an analysis of the software’s traffic, which seems to include how many times keys have been pressed.

The MantisTek GK2 is a cheap RGB mechanical keyboard from China that costs half as much (or less) as the mechanical keyboards from better known companies. Multiple gadgets that come from China seem to have either poor security or privacy issues caused by collecting user data without consumers' explicit permission. The MantisTek GK2 seems to be one of those products.

The main issue seems to be caused by the keyboard’s “Cloud Driver,” which sends information to IP addresses tied to Alibaba servers. Alibaba sells cloud services, so the data isn’t necessarily being sent to Alibaba, the company, but to someone else using an Alibaba server.

The data being sent—in plaintext, no less— has been identified as a count on how many times keys have been pressed.

The first way to stop the keyboard from sending your key presses to the Alibaba server is to ensure the MantisTek Cloud Driver software isn’t running in the background.

The second method to stop the data collection is to block the CMS.exe executable in your firewall. You could do this by adding a new firewall rule for the MantisTek Cloud Driver in the “Windows Defender Firewall With Advanced Security.”</p>


"Yeah, just updating my firewall rules to stop it telling China what I type." The update does point out that it's only sending *how many* times the key was pressed - maybe to see key lifetimes or durability. But even so. Shouldn't do, especially not without very explicit permission.
hacker  keylogger  china 
10 days ago by charlesarthur
MantisTek GK2's Keylogger Is A Warning Against Cheap Gadgets
The first way to stop the keyboard from sending your key presses to the Alibaba server is to <strike>ensure the MantisTek Cloud Driver software isn’t running in the background</strike> hurl it out of a window and set it on fire
keyboard  keylogger  hacker  security  internet_of_shit 
12 days ago by yorksranter
NARKOZ/hacker-scripts: Based on a true story
Someone has scripted their entire work life.
hacker  funny  scripting 
13 days ago by ebel

« earlier    

related tags

/  -  11/9/2017  138  2017-09-18  2017-09-20  2017-09-22  2017-09-24  2017  a/b  a  aggregator  ai  algorithm  algorithms  amazon  and  api  app  architecture  article  articulos  audio  audioapi  avast  awesome  bad  badbot  behörde  best  bestpractices  bitcoin  blockchain  blog  book  books  bundle  campaignfinance  capitalism  carr  catch  cctv  checklist  china  circleci  clickman  clone  cloud  cloudfare  cloudflare  cmd  collecting  commands  comparison  computing  corpus  cracking  crime  custom  cyberpunk  cybersecurity  cypherpunk  d-link  daily_read?  data  datascience  day  dccc  democratic  denver  details  development  didway  digital  diy  dnc  doj  donaldtrump  dvr  eap  ebooks  editor  education  election2016  electricity  electronics  email  encryption  energy  esr  estatística  example  exec  facebook  farming  fb  fbi  fear  feed  feedly  felon  female  feminismo  flir  folklore  framework  fun  funny  gabriellacoleman  gadget  games  ge  github  gizmodo.com  google  gop  graham  graphql  growth  guide  guideline  hack  hacker-news  hacker  hacker_news  hackernews  hackers  hacking  hardware  hat  history  hn  hollywood  honeypot  how  hrc  https://sites.google.com/view/clickmanllc/  humor  ifttt  improv  influence  insidertrading  interesting  internet  internet_filter  internet_of_shit  ips  ipv6  it  itsfoss  jaredkushner  jargon  javascript  jeffsessions  js  jupyter  karl  keyboard  keylogger  king  knowhow  knowledge  kubernetes  lawyers  licensing  links  linux  list  llc  malware  metaballs  metadaten  microservices  ml  movie  movies  mshta  nc  network  networking  news  nmap  notebook  nymag  of  ontrustingtrust  painter  painters  painting  password  patent  patents  paul  paulmanafort  peerproduction  pentesting  phd  php  pinterest  pivot  pocket  politico  politics  portland  portsmouth  power  predictable  prepare  print  privacy  process  profiling  programming  progressive  project  putin  pwa  python  qualitative  quiet  react  read  recommendations  reference  repeatable  republican  research  richard  rms  robert  robertmuller  rss  russia  scandals  scripting  sec  security  seguridad  server  shapiro  shaving  shenzhen  shopping  software  solar  song  south…  spy  ssh  staffers  stallman  statistics  strongman  structure  structures  stuff  style  suck  sudduth  supremacy  surveillance  sys  sysadmin  system  systems  tech  technology  teen  terminal  test  text  tips  to  tool  tools  top  torrent  transformation  trezor  trojaner  tutorial  tutorials  twitter  uproxx.com  vanityfair.com  vbscript  verschlüsselung  vf.com  video  vogue  vpn  wallstreet  wapo  web  webaudio  webdev  white  whitehat  wikileaks  wilfried  writing  wsj  yak  youtube  zero  zitis  | 

Copy this bookmark:



description:


tags: