Are you over 18 and want to see adult content?
More Annotations
A complete backup of theraggedpriest.com
Are you over 18 and want to see adult content?
A complete backup of comofazercerto.blogspot.com
Are you over 18 and want to see adult content?
A complete backup of punchequipment.com
Are you over 18 and want to see adult content?
A complete backup of training-institute.com.ua
Are you over 18 and want to see adult content?
A complete backup of goodhaircaregold.com
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of www.gazzetta.it/Calcio/Serie-A/Lecce/15-02-2020/lecce-vittoria-che-vale-oro-majer-rovina-esordio-di-biagio-
Are you over 18 and want to see adult content?
A complete backup of www.theaustralian.com.au/nation/borce-ristevski-sorry-for-killing-mum-karen-says-daughter-sarah/news-story/
Are you over 18 and want to see adult content?
Text
amazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY This end-times posture is the result of a century of theological error, and has led the evangelical church into all kinds of misguided conspiracy theories. Visions of four horsemen riding across the world, a sudden secret rapture, and seven years of hell on Earth rest upon theological pillars of highly questionably origin. RECLASSIFYING SEMI-AUTOMATIC RIFLES UNDER THE NATIONAL Introduced in the National Firearms Act, this system applies to machine guns, short barrel rifles, silencers, sawed off shotguns, and other types of firearms that individuals can still legally own today, but with more than the casual regulation of AR-15s and other such firearms. It could be changed to include semi-automatic rifles.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
THE IMPORTANCE OF FORENSIC TOOLS VALIDATION The Importance of Forensic Tools Validation. I recently finished consulting on a rather high profile case, and once again found myself spending almost as much time correcting reports from third party forensic tools vendors as I did analyzing actual evidence. It’s even sadder that I charged less for my services than these toolsmanufacturers
HOW TO HELP SECURE YOUR IPHONE FROM GOVERNMENT INTRUSIONS Attack the Backup Encryption. There are two ways to get a copy of a backup: off of the subject’s desktop machine, or if the device is unlocked (or the passcode / fingerprint is compelled from the suspect), one can be made. If the user didn’t use a backup password, the backup gives up all of the user data on the iPhone. CRAFTING MACOS ROOT KITS Types of Root Kits: UserlandKit – Consist of userlandprograms (daemons, agents, startup programs) – Typically trojanizedbinaries replacing otherwise trusted tools(ps, netstat, etc.) – Can sometimes be a component of trojanizedsoftware (Transmission, Xcode, etc.) Detectable by AV software, after signatures are added Detectable by behavioral analysis (Little Snitch, Little Flocker, etc.) COUNTER-FORENSICS: PAIR-LOCK YOUR DEVICE WITH APPLE’S Last updated for iOS 8 on September 28, 2014. As it turns out, the same mechanism that provided iOS 7 with a potential back door can also be used to help secure your iOS 7 or 8 devices should it ever fall into the wrong hands. This article is a brief how-to on using Apple’s Configurator utility to lock your device down so that no other devices can pair with it, even if you leave your device DATA CENTER VULNERABILITIES DATA CENTER THREATS AND VULNERABILITIES Jonathan A. Zdziarski jonathan@zdziarski.com Abstract Data center facilities are at the heart of today's electronic infrastructure, giving life to a ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS One thing I am undeniably certain about is my faith. When I made the decision to become a Christian, my former interests paled in comparison. I’ve spent several years studying the Greek language, theology, and history, so I could read many manuscripts on parchment and see just how we derived theology.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
RECLASSIFYING SEMI-AUTOMATIC RIFLES UNDER THE NATIONAL Introduced in the National Firearms Act, this system applies to machine guns, short barrel rifles, silencers, sawed off shotguns, and other types of firearms that individuals can still legally own today, but with more than the casual regulation of AR-15s and other such firearms. It could be changed to include semi-automatic rifles. ASTROPHOTOGRAPHY TUTORIAL: NORTHERN LIGHTS CHASING IN Astrophotography Tutorial: Northern Lights Chasing in Iceland. There’s nothing quite as magical as seeing a bright green and pink Aurora Borealis dancing in the sky. One of the world’s most dazzling natural light displays, the Aurora is produced when charged particles from solar winds encounter our atmosphere, penetrating the Earth’s IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
THE IMPORTANCE OF FORENSIC TOOLS VALIDATION The Importance of Forensic Tools Validation. I recently finished consulting on a rather high profile case, and once again found myself spending almost as much time correcting reports from third party forensic tools vendors as I did analyzing actual evidence. It’s even sadder that I charged less for my services than these toolsmanufacturers
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DATA CENTER VULNERABILITIES DATA CENTER THREATS AND VULNERABILITIES Jonathan A. Zdziarski jonathan@zdziarski.com Abstract Data center facilities are at the heart of today's electronic infrastructure, giving life to a ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS One thing I am undeniably certain about is my faith. When I made the decision to become a Christian, my former interests paled in comparison. I’ve spent several years studying the Greek language, theology, and history, so I could read many manuscripts on parchment and see just how we derived theology.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
RECLASSIFYING SEMI-AUTOMATIC RIFLES UNDER THE NATIONAL Introduced in the National Firearms Act, this system applies to machine guns, short barrel rifles, silencers, sawed off shotguns, and other types of firearms that individuals can still legally own today, but with more than the casual regulation of AR-15s and other such firearms. It could be changed to include semi-automatic rifles. ASTROPHOTOGRAPHY TUTORIAL: NORTHERN LIGHTS CHASING IN Astrophotography Tutorial: Northern Lights Chasing in Iceland. There’s nothing quite as magical as seeing a bright green and pink Aurora Borealis dancing in the sky. One of the world’s most dazzling natural light displays, the Aurora is produced when charged particles from solar winds encounter our atmosphere, penetrating the Earth’s IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
THE IMPORTANCE OF FORENSIC TOOLS VALIDATION The Importance of Forensic Tools Validation. I recently finished consulting on a rather high profile case, and once again found myself spending almost as much time correcting reports from third party forensic tools vendors as I did analyzing actual evidence. It’s even sadder that I charged less for my services than these toolsmanufacturers
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DATA CENTER VULNERABILITIES DATA CENTER THREATS AND VULNERABILITIES Jonathan A. Zdziarski jonathan@zdziarski.com Abstract Data center facilities are at the heart of today's electronic infrastructure, giving life to a ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS One thing I am undeniably certain about is my faith. When I made the decision to become a Christian, my former interests paled in comparison. I’ve spent several years studying the Greek language, theology, and history, so I could read many manuscripts on parchment and see just how we derived theology.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
RECLASSIFYING SEMI-AUTOMATIC RIFLES UNDER THE NATIONAL Introduced in the National Firearms Act, this system applies to machine guns, short barrel rifles, silencers, sawed off shotguns, and other types of firearms that individuals can still legally own today, but with more than the casual regulation of AR-15s and other such firearms. It could be changed to include semi-automatic rifles. ASTROPHOTOGRAPHY TUTORIAL: NORTHERN LIGHTS CHASING IN Astrophotography Tutorial: Northern Lights Chasing in Iceland. There’s nothing quite as magical as seeing a bright green and pink Aurora Borealis dancing in the sky. One of the world’s most dazzling natural light displays, the Aurora is produced when charged particles from solar winds encounter our atmosphere, penetrating the Earth’s IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
THE IMPORTANCE OF FORENSIC TOOLS VALIDATION The Importance of Forensic Tools Validation. I recently finished consulting on a rather high profile case, and once again found myself spending almost as much time correcting reports from third party forensic tools vendors as I did analyzing actual evidence. It’s even sadder that I charged less for my services than these toolsmanufacturers
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DATA CENTER VULNERABILITIES DATA CENTER THREATS AND VULNERABILITIES Jonathan A. Zdziarski jonathan@zdziarski.com Abstract Data center facilities are at the heart of today's electronic infrastructure, giving life to a ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACYSEE MORE ONZDZIARSKI.COM
IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! FREE DOWNLOAD: IOS FORENSIC INVESTIGATIVE METHODS Free Download: iOS Forensic Investigative Methods. Given the vast amount of loose knowledge now out there in the community, and the increasing number of commercial tools available to conduct both law enforcement and private sector acquisition of an iOS device, I’ve decided to make my law enforcement guide, “iOS ForensicInvestigative
HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS One thing I am undeniably certain about is my faith. When I made the decision to become a Christian, my former interests paled in comparison. I’ve spent several years studying the Greek language, theology, and history, so I could read many manuscripts on parchment and see just how we derived theology.DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
RECLASSIFYING SEMI-AUTOMATIC RIFLES UNDER THE NATIONAL Introduced in the National Firearms Act, this system applies to machine guns, short barrel rifles, silencers, sawed off shotguns, and other types of firearms that individuals can still legally own today, but with more than the casual regulation of AR-15s and other such firearms. It could be changed to include semi-automatic rifles. ASTROPHOTOGRAPHY TUTORIAL: NORTHERN LIGHTS CHASING IN Astrophotography Tutorial: Northern Lights Chasing in Iceland. There’s nothing quite as magical as seeing a bright green and pink Aurora Borealis dancing in the sky. One of the world’s most dazzling natural light displays, the Aurora is produced when charged particles from solar winds encounter our atmosphere, penetrating the Earth’s IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
THE IMPORTANCE OF FORENSIC TOOLS VALIDATION The Importance of Forensic Tools Validation. I recently finished consulting on a rather high profile case, and once again found myself spending almost as much time correcting reports from third party forensic tools vendors as I did analyzing actual evidence. It’s even sadder that I charged less for my services than these toolsmanufacturers
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DATA CENTER VULNERABILITIES DATA CENTER THREATS AND VULNERABILITIES Jonathan A. Zdziarski jonathan@zdziarski.com Abstract Data center facilities are at the heart of today's electronic infrastructure, giving life to a ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and TRUTH IS NOT PARTISAN Zdziarski's Blog of Things. DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.” IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and TRUTH IS NOT PARTISAN Zdziarski's Blog of Things. DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.” IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots andJUNE 4, 2021
I originally published this in 2016, and dust it off every time there’s a mass shooting in the news. This has been far too often. I’ve been a long time responsible gun owner, by the old definition of what that used to mean. QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.”JOINING APPLE
Joining Apple. I’m pleased to announce that I’ve accepted a position with Apple’s Security Engineering and Architecture team, and am very excited to be working with a group of like minded individuals so passionate about protecting the security and privacy ofothers.
PROTECTING YOUR DATA AT A BORDER CROSSING The key to mastering the art of protecting your data at a border is to forward plan for continuity of access outside of the constraints of the border crossing, while positioning yourself as if you were the adversary during this encounter. Think of it as pulling in a secondary payload once you pass a security boundary. PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion COUNTER-FORENSICS: PAIR-LOCK YOUR DEVICE WITH APPLE’S Last updated for iOS 8 on September 28, 2014. As it turns out, the same mechanism that provided iOS 7 with a potential back door can also be used to help secure your iOS 7 or 8 devices should it ever fall into the wrong hands. This article is a brief how-to on using Apple’s Configurator utility to lock your device down so that no other devices can pair with it, even if you leave your device ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and TRUTH IS NOT PARTISAN Zdziarski's Blog of Things. DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.” IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and TRUTH IS NOT PARTISAN Zdziarski's Blog of Things. DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.” IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots andJUNE 4, 2021
I originally published this in 2016, and dust it off every time there’s a mass shooting in the news. This has been far too often. I’ve been a long time responsible gun owner, by the old definition of what that used to mean. QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.”JOINING APPLE
Joining Apple. I’m pleased to announce that I’ve accepted a position with Apple’s Security Engineering and Architecture team, and am very excited to be working with a group of like minded individuals so passionate about protecting the security and privacy ofothers.
PROTECTING YOUR DATA AT A BORDER CROSSING The key to mastering the art of protecting your data at a border is to forward plan for continuity of access outside of the constraints of the border crossing, while positioning yourself as if you were the adversary during this encounter. Think of it as pulling in a secondary payload once you pass a security boundary. PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion COUNTER-FORENSICS: PAIR-LOCK YOUR DEVICE WITH APPLE’S Last updated for iOS 8 on September 28, 2014. As it turns out, the same mechanism that provided iOS 7 with a potential back door can also be used to help secure your iOS 7 or 8 devices should it ever fall into the wrong hands. This article is a brief how-to on using Apple’s Configurator utility to lock your device down so that no other devices can pair with it, even if you leave your device ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and TRUTH IS NOT PARTISAN Zdziarski's Blog of Things. DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.” IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots and TRUTH IS NOT PARTISAN Zdziarski's Blog of Things. DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. ABOUT ME – ZDZIARSKI'S BLOG OF THINGS Who Am I? “Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field, Jonathan’s research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States’ National Institute of HOW JUICE JACKING WORKS, AND WHY IT’S A THREAT How ironic that only a week or two after writing an article about pair locking, we would see this talk coming out of Black Hat 2013, demonstrating how juice jacking can be used to install malicious software. The talk is getting a lot of buzz with the media, but many security guys like myself are scratching our heads wondering why this is being considered “new” news. AL CAPONE’S ORIGINAL THOMPSON MACHINE GUN Al Capone’s Original Thompson Machine Gun. Just when I thought my trip to Chicago would be average, some of the sergeants at the Chicago Police Training Academy, whom I’m training in iPhone forensic investigative methods, took me to the firing range in the basement and brought out an old dusty case. What came out of that case was anamazing
MY TAKE ON FBI’S “ALTERNATIVE” METHOD My Take on FBI’s “Alternative” Method. FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. Before I get into which method I think is being used here, here are some QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.” IOS FORENSIC INVESTIGATIVE METHODS 2 technical draft – do not distribute foreword’ 11! fromthe’book’iphone’forensics’ 11! preface’ 13! audience’ 14! online’file’repository’ 14! acknowledgments’ 15! organization’ofthe’material’ 15! IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE Identifying back doors, attack points, and surveillance mechanisms in iOS devices Jonathan Zdziarski article info Article history: Received10 December 2013
IDENTIFYING BACK DOORS, ATTACK POINTS, AND SURVEILLANCE JONATHAN ZDZIARSKI JONATHAN@ZDZIARSKI.COM @JZDZIARSKI Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices ZDZIARSKI'S BLOG OF THINGS The Biden administration is having a little Twitter fight about whether or not to reset the followers of the @potus account. While followers were rolled over from the Obama administration to Trump’s, the Trump administration, who views Twitter followers as if they represented actual voters-who-love-Donald, doesn’t think the incoming president should get to inherit all of those bots andJUNE 4, 2021
I originally published this in 2016, and dust it off every time there’s a mass shooting in the news. This has been far too often. I’ve been a long time responsible gun owner, by the old definition of what that used to mean. QANON, MODERN CHRISTIANITY AND END-TIMES CONSPIRACY “If the feeble mind of man did not presume to resist the clear evidence of truth, but yielded its infirmity to wholesome doctrines, as to a health-giving medicine, until it obtained from God, by its faith and piety, the grace needed to heal it, they who have just ideas, and express them in suitable language, would need to use no long discourse to refute the errors of empty conjecture.”JOINING APPLE
Joining Apple. I’m pleased to announce that I’ve accepted a position with Apple’s Security Engineering and Architecture team, and am very excited to be working with a group of like minded individuals so passionate about protecting the security and privacy ofothers.
PROTECTING YOUR DATA AT A BORDER CROSSING The key to mastering the art of protecting your data at a border is to forward plan for continuity of access outside of the constraints of the border crossing, while positioning yourself as if you were the adversary during this encounter. Think of it as pulling in a secondary payload once you pass a security boundary. PRIVATE PHOTO VAULT: NOT SO PRIVATE Private Photo Vault: Not So Private. One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores its data files without using any additional protection or encryption than any other filesstored on the
DIDACHE - ZDZIARSKI
DIDACHE 1 Didache INTRODUCTION About This Book The Didache is an early Christian composition containing instruction for early Christianchurches.
GENERAL MOTORS 2015-2016 SAFETY ISSUE W/CRUISE CONTROL I’ve filed the following safety issue with the NHTSA, after spending considerable time attempting to explain this safety issue to Chevrolet only to get incoherent answers by people who don’t appear competent enough to understand the problem. WHY YOU SHOULD UNINSTALL FIREFOX AND DO SOME SOUL By changing Mozilla’s direction to pander to the political and social pressure ignited by a small subset of activists, Mozilla has now joined the ranks of many large organizations in adopting what once was, and should be considered taboo: lack of corporate neutrality. It doesn’t matter what those positions are, or what the popular opinion COUNTER-FORENSICS: PAIR-LOCK YOUR DEVICE WITH APPLE’S Last updated for iOS 8 on September 28, 2014. As it turns out, the same mechanism that provided iOS 7 with a potential back door can also be used to help secure your iOS 7 or 8 devices should it ever fall into the wrong hands. This article is a brief how-to on using Apple’s Configurator utility to lock your device down so that no other devices can pair with it, even if you leave your deviceSkip to content
ZDZIARSKI'S BLOG OF THINGS DFIR, security, reverse engineering, photography, funky bass guitar. All opinions are my own. Scroll down to contentPOSTS
Posted on March 22, 2020April 10, 2020 ON THE PSYCHOLOGICAL DEMANDS OF WORKING FROM HOME As the angst and stir-craziness start to set in from the world suddenly being forced into lockdown, I’ve seen a lot of articles about working from home, by people in all walks of life, from programmers to astronauts. Most of them offer practical beginner advice, like go outside, plan a schedule, etc. etc. That’s all good advice to take in, but after a few weeks, you’re probably realizing there’s a lot more to making this work _well_. As the reality of our predicament is starting to sink in, it’s important to start thinking about the psychological demands of working from home. I’ve spent the better part of my 25 year career working from home, and when I started thinking about what, if any, wisdom I could share on how to make it work well, found that I’d come up with a lot of the same things I’d already shared in a post two years ago, Living With Depression in Tech . Working at home has some fantastic benefits, but also challenges that go far beyond basic discipline development. Being productive and successful at home comes down to changing your perspective – focusing on the impacts you’re having, believing in what you’re doing, and finding ways to grow and thrive on your own so that you can maintain your drive over the longhaul.
Continue reading “On the Psychological Demands of Working FromHome”
Posted on September 26, 2019October 8, 2019 PRESIDENTIAL POLICY DIRECTIVE 19 Is anyone surprised the Obama-era whistleblower directive put into place actually worked? I bet Edward Snowden is. Not only did it work, but Congress wouldn’t have given it such weight had the information been otherwise leaked in a Snowden or Manning-esque style, nor would the IG have had the chance to acknowledge the information as “credible and urgent”. Historical treatment of whistleblowers has been deplorable, but we also didn’t have these protections in the 70s, when Ellsberg or others could have used them, so the comparison is also irrelevant. Congress, the IC, and the press are taking “extreme measures” to protect the anonymity (and safety) of the whistleblower, and most acknowledge how crucial it is to do so in order to keep a democracy. This is a very different outcome than what Snowden predicted would happen if he’d made an attempt at the proper channels first. While the jury is still out on the hero vs. traitor debate, the fact that these whistleblower procedures undeniably succeeded in bringing things to light can’t be helping Snowden’simage.
Posted on August 13, 2019August 23, 2019 RECLASSIFYING SEMI-AUTOMATIC RIFLES UNDER THE NATIONAL FIREARMS ACT I originally wrote this post in 2016, and dust it off every time there’s a mass shooting in the news. This has been far too often. I’ve been a long time responsible gun owner, by the old definition of what that used to mean. Like a majority of them, I’ve wanted more controls on semi-automatic rifles – particularly, assault rifles, for a long time. There’s idiocy on both sides of this debate, and both have some questionable notions about them. The extreme left seems to have developed an irrational fear and hatred of all guns and the extreme right believes the only solution to guns are more guns. Consider this more realistic perspective from someone who spent over a decade shooting and working on guns, held NRA certifications to supervise ranges and carry concealed weapons, and up until some years ago – when I sold the rights to it – produced the #1 ballistics calculator in the App Store. What much of the nation does not know is that there is already a system in place to perform strict checks of individuals looking to own firearms categorized as highly lethal. Introduced in the National Firearms Act, this system applies to machine guns, short barrel rifles, silencers, sawed off shotguns, and other types of firearms that individuals can still legally own today, but with more than the casual regulation of AR-15s and other such firearms. It _could_ be changed to include semi-automatic rifles. Continue reading “Reclassifying Semi-Automatic Rifles under the National Firearms Act” Posted on August 1, 2019October 29, 2019 DECULTIFYING CHRISTIANITY Joshua Harris, the author of “I Kissed Dating Goodbye”, recently renounced his faith and apologized for his awful book. I remember when it came out in the late 90’s, and still see the lasting damage it inflicted on two generations of young men and women. Harris ended up creating a toxic culture inside the mainstream church that would take two generations of Christian men back into the dark ages of devaluing women based on their level of sexual indiscretion, and helped fan the flames of homophobia and exclusion. His “sexual prosperity gospel”, as it’s been called, led to a life of guilt and shame for many, and created lasting scars that caused some to abandon their faith or their marriages later on in life. Christianity teaches that a person’s worth has nothing to do with their sexual history (or orientation), but from Jesus, who was willing to die to reconcile humanity to God. We’re not defined by our sins, and we’re not defined by our past; we are defined by Christ. This is a far cry from the cultish fundamentalist legalism that Harris’s church taught for decades; the purity movement amounted to nothing more than a way for Christians to measure themselves and others up. It’s no surprise that Harris renounced his faith; if the faith he was practicing was grounded in such a flawed understanding of grace and intrinsic human worth, then by any measurement it was not Christianity. The truly sad part is that he convinced millions of Christians to adopt this same world view for more than 20 years, allowing it to hurt a lot of people before it became popular for leaders to finally speak out against it. But this failure wasn’t just of Harris’s own making: It was the complete failure of church leaders everywhere in elevating Harris’s status to a Christian leader. Harris was a mere 21 years old, and hadn’t even been to seminary yet when he wrote the book. Rather than rightfully dismissing his book as yet more of the trash writing of that era, the inexperienced youth leaders of that time (many of whom also lacked formal training) saw a way to get kids to act responsibly, without considering the consequences of his legalism. From piecing together accounts online, Harris’s own church reeked of a world of deep-seated problems, including sexual abuse coverup, leadership abuses of power, control and manipulation of their congregation, and overt legalism running rampant. The church had become so damaging, much of his congregation ended up leaving, and there’s an entire blog dedicated to victims trying to recover from Harris and the rest of his church’s leaders. Indeed, it’s very telling to see the kind of culture his book came out of, and the horrifying fruits of it. When you read that Josh Harris has departed Christianity, this appears by all accounts to be a very good thing for Christianity. Continue reading “Decultifying Christianity” Posted on November 10, 2018March 25, 2019 ICELAND’S OVER-TOURISM IS CHANGING THE COUNTRY There’s a long held belief in the concept of “leave no trace” when visiting a place, but there’s one very noticeable artifact western tourists have been leaving on Iceland that you unfortunately can’t simply pick up and throw away. With tourism growing 500% in Iceland over the past decade, western tourists have placed higher demands on the country than it’s been capable of adsorbing without affecting the country’s foundations. While the economy in Reykjavik has no doubt experienced a boost, this has come at the expense of cultural and geographical changes that are not necessarily welcome bymany Icelanders.
In 2010, the number of international visitors to Iceland was 488,600. As of 2017, that number swelled to 2,224,600. As a result, Iceland built out infrastructure. Significant infrastructure including large excavation efforts to build attractions, tour bus companies, and expansion of roads and bridges. During this period, local economies also adapted by building out their own tourist infrastructure within previously rural, untouched cities. The end result has been a very large tourist industry that has both changed the culture and the face of Iceland to conform more closely to western tourist ideals. Much of this change has been driven from the western sense of tourist entitlement which has changed local economies in many ways that are foreign to Icelanders. Money is a powerful thing, and because the economy has become so dependent on tourism, rather than the fishing and farming industry that Iceland used to depend on, it’s become easy to manipulate a country into change that many otherwisewouldn’t want.
Continue reading “Iceland’s Over-Tourism is Changing TheCountry”
Posted on October 21, 2018January 26, 2020 TUTORIAL: NORTHERN LIGHTS CHASING IN ICELAND There’s nothing quite as magical as seeing a bright green and pink Aurora Borealis dancing in the sky. One of the world’s most dazzling natural light displays, the Aurora is produced when charged particles from solar winds encounter our atmosphere, penetrating the Earth’s magnetic field, exciting Oxygen and Nitrogen to produce green and pink Auroras, respectively. It’s not only amazing to look at, but occasionally you can even hear it’s static-like pulses. There’s nothing quite like observing the Northern Lights in person, so of course you’re going to want to capture some amazing memories of it. One of the neat things about Aurora photography is that it’s always changing; there’s always a new dance to capture, and plenty of foregrounds to shoot from. My wife and I have been Aurora chasing for several years now, and have captured her over many trips to Norway, Iceland, and New England, with trips to Labrador, Finland, and more of the world on our short list. Along the way, we’ve picked up a few tricks, and gotten some practice in taking astrophotography inbetween.
We’ve spent the past two years raising our little girl, Lily, so we hadn’t been traveling internationally for while. This past October, we got back out chasing again (with a junior explorer), so I’ve been brushing up on my skills including my skills at developing these photos, which I’ve updated. Continue reading “Tutorial: Northern Lights Chasing in Iceland” Posted on August 22, 2018September 1, 2018 LIVING WITH DEPRESSION IN TECH I’ve been trying to avoid writing about depression for a while now. Almost nobody in tech wants to talk about things like this. A stigma still very much exists around mental illness, and in tech with all its flaming, trolling, and fragile manhood egos, people have learned to be thick-skinned. It’s taken me years to realize that I never stopped struggling with depression throughout my dysfunctional childhood, and I’ve carried it through my teens and adult life with me. I was diagnosed and medicated as a teen, but didn’t fully understand that it still haunted me, playing the same old record grooves in my brain in adulthood. As my thyroid disease began accelerating, I needed to work even harder to maintain balance or the world would come crashing in. Struggling through my career and relationships, things became easier after I understood what was going on inside of me. I feel a certain responsibility to bring to light what is likely a widespread issue in the tech community. Depression can manifest itself in various forms for different people, and my story isn’t “everyone’s” story. I can only write from my own personal experiences. Most of this has had lifelong personal struggles unrelated to work, and while one can probably deduce this, the focus of _this_ post is handling professional challenges. You might identify with some of these issues, and that’s great if this post helps, but it also shouldn’t be used for self-diagnosis. Depression has been far worse than the details I’m willing to share publicly, and if you think you may be depressed, you should seek professional counseling. I have no background in psychology; I’m just sharing what works for me. I have no background in medicine either, and having been on and off medication, I can’t recommend one way or the other. I do know that all medication has its limits, so learning how to cope is an important part to having a complete life plan. At the end of the day, I can’t solve your depression (or mine), but I can share how I’ve coped with it, and won some victories. This is a survival story that hopefully might have some meaningful advice for others. Continue reading “Living with Depression in Tech” Posted on March 23, 2018August 17, 2018 HOW SOCIAL MEDIA CHANGED US The current young generation will soon have grown up without ever knowing what it’s like to not have social media. They’re also growing up without a sense of how society was before social media came into play. Whether you use social media or not, it’s likely affected your life because it’s changed how people relate to one another – including you. While there are many good aspects of social media and the concept of bringing people together, there are also many negative changes it’s had on how we relate to one another. I’ve spent a lot of time observing others and how social media has affected them online over time, and seen the problems it can create. For me personally, I’ve never been happier to be off of social media than the past year or so when I finally ditched Twitter for good. Twitter is a creepy and toxic place, which seems to be exactly what their CEO wants it to be. I found that I didn’t like the person I had to become in order to stay on it. Most social media is a dumpster fire, but Twitter was a particularly awful experience. It simply isn’t worth the stress and distraction in order to relate to a bunch of randos on the Internet whose only goal in life is to cause misery. Social media doesn’t deserve to have the power to change you, but they do. Getting back to the humanity of relationships is almost like waking up from a bad dream: you’d almost forgotten the goodness in what normal relationships with others (professional, friendships,etc.) feels like.
So at the risk of the next generation never knowing what it’s like to have a normal relationship with others, I’ve written down just a few of the things that are important in building friendships and other types of relationships – things social media seems to have endangered… at least, from the perspective of this old Gen-X’er. Writing all of this makes me really miss how people were before socialmedia existed.
Continue reading “How Social Media Changed Us” Posted on March 14, 2017June 18, 2019JOINING APPLE
I’m pleased to announce that I’ve accepted a position with Apple’s Security Engineering and Architecture team, and am very excited to be working with a group of like minded individuals so passionate about protecting the security and privacy of others. This decision marks the conclusion of what I feel has been a matter of conscience for me over time. Privacy is sacred; our digital lives can reveal so much about us – our interests, our deepest thoughts, and even who we love. I am thrilled to be working with such an exceptional group of people who share a passion to protect that. Posted on February 16, 2017February 16, 2017 ATTACKING THE PHISHING EPIDEMIC As long as people can be tricked, there will always be phishing (or social engineering) on some level or another, but there’s a lot more that we can do with technology to reduce the effectiveness of phishing, and the number of people falling victim to common theft. Making phishing less effective ultimately increases the cost to the criminal, and reduces the total payoff. Few will argue that our existing authentication technologies are stuck in a time warp, with some websites still using standards that date back to the 1990s. Browser design hasn’t changed very much since the Netscape days either, so it’s no wonder many people are so easily fooled by website counterfeits. You may have heard of a term called the _line of death_. This is used to describe the separation between the trusted components of a web browser (such as the address bar and toolbars) and the untrusted components of a browser, namely the browser window. Phishing is easy because this is a farce. We allow untrusted elements in the trusted windows (such as a favicon, which can display a fake lock icon), tolerate financial institutions that teach users to accept any variation of their domain, and use a tiny monochrome font that can make URLs easily mistakable, even if users were paying attention to them. Worse even, it’s the _untrusted_ space that we’re telling users to conduct the _trusted_ operations of authentication and credit card transactions – the untrusted website portion of the webbrowser!.
Our browsers are so awful today that the very best advice we can offer everyday people is to try and memorize all the domains their bank uses, and get a pair of glasses to look at the address bar. We’re teaching users to perform trusted transactions in a piece of software that has no clear demarcation of trust. The authentication systems we use these days were designed to be able to conduct secure transactions with anyone online, not knowing who they are, but most users today know exactly who they’re doing business with; they do business with the same organizations over and over; yet to the average user, a URL or an SSL certificate with a slightly different name or fingerprint means nothing. The average user relies on the one thing we have no control over: What the contentlooks like.
I propose we flip this on its head. Continue reading “Attacking the Phishing Epidemic” Posted on February 9, 2017February 13, 2017 PROTECTING YOUR DATA AT A BORDER CROSSING With the current US administration pondering the possibility of forcing foreign travelers to give up their social media _passwords_ at the border, a lot of recent and justifiable concern has been raised about data privacy. The first mistake you could make is presuming that such a policy won’t affect US citizens. For decades, JTTFs (Joint Terrorism Task Forces) have engaged in intelligence sharing around the world, allowing foreign governments to spy on you on behalf of your home country, passing that information along through various databases. What few protections citizens have in their home countries end at the border, and when an ally spies on you, that data is usually fair game to share back to your home country. Think of it as a backdoor built into your constitutional rights. To underscore the significance of this, consider that the president signed an executive order just today stepping up efforts at fighting international crime, which will likely result in the strengthening of resources to a JTTFs to expand this practice of “spying on my brother’s brother for him”. With this, the president also counted the most common crimes – drugs, gangs, racketeering, etc – as matters of “national security”. Once policies that require surrendering passwords (I’ll call them _password policies_ from now on) are adopted, the obvious intelligence benefit will no doubt inspire other countries to establish reciprocity in order to leverage receiving better intelligence about their own citizens traveling abroad. It’s likely the US will inspire many countries, including oppressive nations, to institute the same password policies at the border. This will ultimately be used to skirt search and seizure laws by opening up your data to forensic collection. In other words, you don’t need Microsoft to service a warrant, nor will the soil your data sits on matter, because it will be a border agent connecting directly your account with special software throug the front door. I am not a lawyer, and I can’t provide you with legal advice about your rights, or what you can do at a border crossing to protect yourself legally, but I can explain the technical implications of this, as well as provide some steps you can take to protect your data regardless of what country you’re entering. Disclaimer: You accept full responsibility and liability for taking any of this informationand using it.
Continue reading “Protecting Your Data at a Border Crossing” Posted on February 2, 2017February 2, 2017 SLIDES: CRAFTING MACOS ROOT KITS Here are the slides from my talk at Dartmouth College this week; this was a basic introduction / overview of the macOS kernel and how root kits often have fun with the kernel. There’s not much new here, but the deck might be a good introduction for anyone looking to get into develop security tools or conduct security research in macOS. Note: Root kits aren’t exploits; there’s no exploit code in this deck.Sorry!
Crafting macOS Root Kits Posted on February 2, 2017October 21, 2019 RESOLVING KERNEL SYMBOLS POST-ASLR There are some 21,000 symbols in the macOS kernel, but all but around 3,500 are opaque even to kernel developers. The reasoning behind this was likely twofold: first, Apple is continually making changes and improvements in the kernel, and they probably don’t want kernel developers mucking around with unstable portions of the code. Secondly, kernel dev used to be the wild wild west, especially before you needed a special code signing cert to load a kext, and there were a lot of bad devs who wrote awful code making macOS completely unstable. Customers running such software probably blamed Apple for it, instead of the developer. Apple now has tighter control over who can write kernel code, but it doesn’t mean developers have gotten any better at it. Looking at some commercial products out there, there’s unsurprisingly still terrible code to do things in the kernel that should never be done. So most of the kernel is opaque to kernel developers for good reason, and this has reduced the amount of rope they have to hang themselves with. For some doing really advanced work though (especially in security), the kernel can sometimes feel like a Fisher Price steering wheel because of this, and so many have found ways around privatized functions by resolving these symbols and using them anyway. After all, if you’re going to combat root kits, you have to act like a root kit in many ways, and if you’re going to combat ransomware, you have to dig your claws into many of the routines that ransomware would use – some of which are privatized. Today, there are many awful implementations of both malware and anti-malware code out there that resolve these private kernel symbols. Many of them do idiotic things like open and read the kernel from a file, scan memory looking for magic headers, and other very non-portable techniques that risk destabilizing macOS even more. So I thought I’d take a look at one of the good examples that particularly stood out to me. Some years back, Nemo and Snare wrote some good in-memory symbol resolving code that walked the LC_SYMTAB without having to read the kernel from disk, scan memory, or do any other disgusting things, and did it in a portable way that worked on whatever new versions of macOS came out. Continue reading “Resolving Kernel Symbols Post-ASLR” Posted on January 26, 2017January 26, 2017 TECHNICAL ANALYSIS: MEITU IS JUNKWARE, BUT NOT MALICIOUS Last week, I live tweeted some reverse engineering of the Meitu iOS app, after it got a lot of attention on Android for some awful things, like scraping the IMEI of the phone. To summarize my own findings, the iOS version of Meitu is, in my opinion, one of thousands of types of crapware that you’ll find on any mobile platform, but does not appear to be malicious. In this context, I looked for exfiltration or destruction of personal data to be a key indicator of malicious behavior, as well as performing any kind of unauthorized code execution on the device or performing nefarious tasks… but Meitu does not appear to go beyond basic advertiser tracking. The application comes with several ad trackers and data mining packages compiled into it – which appear to be primarily responsible for the app’s suspicious behavior. While it’s unusually overloaded with tracking software, it also doesn’t seem to be performing any kind of exfiltration of personal data, with some possible exceptions to location tracking. One of the reasons the iOS app is likely less disgusting than the Android app is because it can’t get away with most of that kind of behavior on the iOS platform. Continue reading “Technical Analysis: Meitu is Junkware, but notMalicious”
Posted on January 17, 2017January 18, 2017 CONFIGURING THE TOUCH BAR FOR SYSTEM LOCKDOWN The new Touch Bar is often marketed as a gimmick, but one powerful capability it has is to function as a lockdown mechanism for your machine in the event of a physical breach. By changing a few power management settings and customizing the Touch Bar, you can add a button that will instantly lock the machine’s screen and then begin a countdown (that’s configurable, e.g. 5 minutes) to lock down the entire system, which will disable the fingerprint reader, remove power to the RAM, and discard your FileVault keys, effectively locking the encryption, protecting you from cold boot attacks, and prevent the system from being unlocked by a fingerprint. One of the reasons you may want to do this is to allow the system to remain live while you step away, answer the door, or run to the bathroom, but in the event that you don’t come back within a few minutes, lock things down. It can be ideal for the office, hotels, or anywhere you feel that you feel your system may become physically compromised. This technique offers the convenience of being able to unlock the system with your fingerprint if you come back quickly, but the safety of having the system secure itself if you don’t. Continue reading “Configuring the Touch Bar for System Lockdown” Posted on January 13, 2017January 18, 2017 BACKDOOR: A TECHNICAL DEFINITION Original Date: April, 2016 A clear technical definition of the term backdoor has never reached wide consensus in the computing community. In this paper, I present a three-prong test to determine if a mechanism is a backdoor: “intent”, “consent”, and “access”; all three tests must be satisfied in order for a mechanism to meet the definition of a backdoor. This three-prong test may be applied to software, firmware, and even hardware mechanisms in any computing environment that establish a security boundary, either explicitly or implicitly. These tests, as I will explain, take more complex issues such as disclosure and authorization into account. The technical definition I present is rigid enough to identify the taxonomy that backdoors share in common, but is also flexible enough to allow for valid arguments and discussion. Continue reading “Backdoor: A Technical Definition” Posted on January 11, 2017March 14, 2017ON CHRISTIANITY
I’ve often been asked why an intellectual type guy such as myself would believe in God – a figure most Americans equate to a good bedtime story, or a religious symbol for people who need that sort of thing. Quite the contrary, what I’ve discovered in my years of being a Christian is that it is highly intellectually stimulating to strive to understand God, and that my faith has been a thought-provoking and captivating journey. I wasn’t raised in a Christian home, nor did I have any real preconceived notions about concepts such as _church_ or _the Bible_. Like most, I didn’t really understand Christianity with anything other than an outside perception for the first part of my life – all I had surmised was that he was a religious symbol forreligious people.
Today’s perception of Christianity is that of a hate-filled, bigoted group of racists, a title that many so-called Christians have rightfully earned for themselves. This doesn’t represent Christianity any more than the other stereotypes do, and even atheists know enough about the Bible to know that such a position is hypocritical. Since 1993, I’ve been walking in the conviction that God is more than just a story, that he’s nothing like the stereotypes, and that it takes looking outside of typical American culture to really get an idea of what God is about. In this country, I’ve seen all of the different notions of what a church should be; I think most people already know in their heart who God is, and that’s why they’re so averse to the church. Continue reading “On Christianity” Posted on January 6, 2017January 10, 2017 ON NCCIC/FBI JOINT REPORT JAR-16-20296 Social media is ripe with analysis of an FBI joint report on Russian malicious cyber activity, and whether or not it provides sufficient evidence to tie Russia to election hacking. What most people are missing is that the JAR was not intended as a presentation of evidence, but rather a statement about the Russian compromises, followed by a detailed scavenger hunt for administrators to identify the possibility of a compromise on their systems. The data included indicators of compromise, not the evidentiary artifacts that tie Russia to the DNC hack. One thing that’s been made clear by recent statements by James Clapper and Admiral Rogers is that they don’t know how deep inside American computing infrastructure Russia has been able to get a foothold. Rogers cited his biggest fear as the possibility of Russian interference by injection of false data into existing computer systems. Imagine the financial systems that drive the stock market, criminal databases, driver’s license databases, and other infrastructure being subject to malicious records injection (or deletion) by a nation state. The FBI is clearly scared that Russia has penetrated more systems than we know about, and has put out pages of information to help admins go on the equivalent of a bug bounty. Continue reading “On NCCIC/FBI Joint Report JAR-16-20296” Posted on November 2, 2016January 10, 2017 SAN BERNARDINO: BEHIND THE SCENES I wasn’t originally going to dig into some of the ugly details about San Bernardino, but with FBI Director Comey’s latest actions to publicly embarrass Hillary Clinton (who I don’t support), or to possibly tip the election towards Donald Trump (who I also don’t support), I am getting to learn more about James Comey and from what I’ve learned, a pattern of pushing a private agenda seems to be emerging. This is relevant because the San Bernardino iPhone matter saw numerous accusations of pushing a private agenda by Comey as well; that it was a power grab for the bureau and an attempt to get a court precedent to force private business to backdoor encryption, while lying to the public and possibly misleading the courts under the guiseof terrorism.
Continue reading “San Bernardino: Behind the Scenes” Posted on October 3, 2016November 20, 2016 ON THE STATE OF OPEN SOURCE I was just a teenager when I got involved in the open source community. I remember talking with an old bearded guy once about how this new organization, GNU, is going to change everything. Over the years, I mucked around with a number of different OSS tools and operating systems, got excited when symmetric multiprocessing came to BSD, screwed around with Linux boot and root disks, and had become both engaged and enthralled with the new community that had developed around Unix over the years. That same spirit was simultaneously shared outside of the Unix world, too. Apple user groups met frequently to share new programs we were working on with our ][gs’s and Macs, exchange new shareware (which we actually paid for, because the authors deserved it), and to buy stacks of floppies of the latest fonts or system disks. We often demoed our new inventions, shared and exchanged the source code to our BBS systems, games, or anything else we were working on, and made the agendas of our user groups community efforts to teach and understand the awful protocols, APIs, and compilers we had at the time. This was my first experience with open source. Maybe it was not yours, although I hope yours was just as positive. It wasn’t open source that people were excited about, and we didn’t really even call it open source at first. It was computer science in general. Computer science was a brand new world of discovery for many of us, and open source was merely the bi-product of natural curiosity and the desire to share knowledge and collaborate. You could call it hacking, but at the time we didn’t know what the hell we were doing, or what to call it. The environment, at the time, was positive, open, and supportive; words that, unfortunately, you probably wouldn’t associate with open source today. You could split hairs and call this the “computing” or “hacking” community, but at the time all of these things were intertwined, and you couldn’t tease them apart without destroying them all: perhaps that’s what went wrong, eventually we did. Continue reading “On the State of Open Source”POSTS NAVIGATION
Page 1 Page 2 … Page 8Next page
LINKS
* 500px
* GitHub
PAGES
* About Me
* Books
* Papers
* Photography
CATEGORIES
* Christianity
* Essays
* Forensics
* General
* iPhone
* Machine Learning
* Music
* Photography
* Politics
* Security
May 2020
M
T
W
T
F
S
S
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Mar
Reluctantly powered by WordPressDetails
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0