Silverskin, WireGuard, GCF, SatNet, WinEvent, GPG2, Veracrypt

  • Had an interesting talk with Silverskin. Operation and System security should be a high priority in every software company, where problems can indirectly affect a large number of other organizations and people more or less directly. Yet finding budget money for that might be hard.
  • Installed WireGuard on a VPS, home server and on mobile. Works out great. See: WireGuard @ Wikipedia. The official Windows client isn't available just yet.
  • Studied and briefly played with Cloud Functions @ Google Cloud. Well, it's the same stuff that others are offering. Except it was strange that they recommended using SendGrid for email.
  • It's really interesting to see that OneWeb @ oneweb.world and OneWeb @ Wikipedia has already started launching satellites, which should ultimately provide high speed global satellite connectivity. There seems to be a lot of competition in this sector, Iridium NEXT @ Wikipedia is already up there, and if the StarLink @ Wikipedia by SpaceX comes.
  • So traditional: first the customer complains that process X stops. Sure, it stops because field Y doesn't contain mandatory data. Then they require that the integration must be made to work immediately. Ok, I'll drop the requirement for mandatory data in field Y. They're happy for a while. And then they start complaining that the next system in the processing chain indicates that my system is sending invalid data. Oh well, what did you expect? How about just adding the mandatory data at the source or earlier in the processing chain, which is up to them, instead of all these pointless software changes and the email & complaint flood. - Business as usual.
  • Went through the remote desktop audit authentication failure log and that's wayyyyy long as usual. It's just funny how some credentials the attackers are using clearly indicate where the credentials were obtained from, because the company / domain is so clearly identifiable. Not going to mention any, but there are national and international large companies and medical & banking organizations and so on. As well as our competitors, which made me smile. The good thing is that the logs clearly indicate that using a long random username + password + 2FA is a combination that nobody is even willing to try. Because it would take ages, even if possible in theory. Also the automated scan / attack blocking system blocks the attempts network wide very quickly, even if unsuccessful.
  • Got super frustrated with Microsoft Windows EventLogs, those are so badly and messily designed, with inconsistent and non-logical naming. I've now spent two hours and still can't get the events I want from the log. Probably there's some undocumented trap hat trick, which makes this task again trivial when you know it. But this is exactly where bad design shows, it makes simple things very hard, unless you know all the required tricks to complete the task trivially. Total mess with provider name, source name, log name, event id, channel, and lack of proper (direct) filtration, without piping to extra filtration. Inherently broken system, or probably just tricky. Data is accessible via Show-EventLog but can't be read with Get-EventLog, so annoying. And now I know what the trap was, it needs to be accessed via Get-WinEvent. Yet it lacks filtration options like InstanceId and After.
  • All this IoT craze and nobody manufactures dirt cheap USB 433 MHz transceivers? Why? It's something which should be technically dirt cheap. USB stuff is ridiculously cheap, so are simple 433 MHz radios, but the combination of those is not cheap, why?
  • Want to know which GnuPG2 .key file in private-keys-v1.d actually contains which key? Nope, the files aren't named using the fingerprint, but instead something called a keygrip. Running gpg2 -K or gpg2 -k with the --with-keygrip parameter shows you which file contains which keys.
  • Veracrypt almost led to data loss. Because the software / driver state got corrupted so badly that it couldn't mount volumes again, even after reboot. But as an old school dude, I recommended uninstalling the software, rebooting the machine, re-installing the software, booting again and seeing if it works. Yup, it worked. The client was really devastated because they had everything important in that encrypted file system container and of course they didn't have an up-to-date backup. (Yeah, if it's important you've got a backup. If you don't have a backup, then it's not important. So stop whining.) But job done, everyone's happy and they had a little lesson about keeping backups up to date. And of course they didn't have a header copy nor recovery keys. Those are also a good idea to have, just in case. I personally always prefer backups over recovery, because recovery is so unreliable. Veracrypt @ Wikipedia
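
For the GnuPG2 keygrip note above, an added example (not part of the original post) that pairs each <keygrip>.key file with the key it holds by parsing the machine-readable listing from gpg2 -K --with-keygrip --with-colons. The sample listing, the file names and the function names are constructed for illustration.

```python
# Constructed sample (not real keys) in the format printed by:
#   gpg2 -K --with-keygrip --with-colons
GRIP_A, GRIP_B, GRIP_C = "A1" * 20, "B2" * 20, "C3" * 20
SAMPLE = "\n".join([
    "sec:u:4096:1:1111111111111111:1589700000:::u:::scESC:::+:::23::0:",
    "fpr:::::::::" + "1" * 40 + ":",
    "grp:::::::::" + GRIP_A + ":",
    "uid:u::::1589700000::" + "0" * 40 + "::Alice Example <alice@example.org>:",
    "ssb:u:4096:1:2222222222222222:1589700000::::::e:::+:::23:",
    "fpr:::::::::" + "2" * 40 + ":",
    "grp:::::::::" + GRIP_B + ":",
])
# Constructed listing of private-keys-v1.d; GRIP_C matches no key in SAMPLE.
SAMPLE_FILES = [GRIP_B + ".key", GRIP_A + ".key", GRIP_C + ".key"]

def parse_keygrips(colons):
    """Return {keygrip: key-info} from --with-colons output."""
    grips, key, owner = {}, None, None
    for line in colons.splitlines():
        f = line.split(":") + [""] * 10     # pad so field 10 always exists
        if f[0] in ("sec", "pub"):          # a primary key starts a new block
            owner = {"uid": None}           # shared with the subkeys that follow
            key = {"kind": "primary", "fpr": None, "owner": owner}
        elif f[0] in ("ssb", "sub"):
            key = {"kind": "subkey", "fpr": None, "owner": owner}
        elif f[0] == "fpr" and key and key["fpr"] is None:
            key["fpr"] = f[9]               # field 10 holds the fingerprint
        elif f[0] == "grp" and key:
            grips[f[9]] = key               # field 10 holds the keygrip
        elif f[0] == "uid" and owner and owner["uid"] is None:
            owner["uid"] = f[9]             # first user ID of the primary key
    return grips

def map_key_files(colons, filenames):
    """Return ({file: (kind, fingerprint, uid)}, [files with no key in the listing])."""
    grips = parse_keygrips(colons)
    mapped, unmatched = {}, []
    for name in sorted(n for n in filenames if n.endswith(".key")):
        key = grips.get(name[:-4].upper())
        if key:
            mapped[name] = (key["kind"], key["fpr"], (key["owner"] or {}).get("uid"))
        else:
            unmatched.append(name)
    return mapped, unmatched

if __name__ == "__main__":
    mapped, unmatched = map_key_files(SAMPLE, SAMPLE_FILES)
    print(mapped, unmatched)
```

A file reported as unmatched is not necessarily stale: gpg-agent also keeps keys for gpgsm and SSH in the same directory.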

2020-05-17