I developed an openvpn flasheable installer package for android. This OpenVPN, unlike others in the play store, have the capability to run entirely from a command line based interface. This option was included on CM10.2 but they have dropped it on CM11. Now you can use it again:
Penetration testing and vulnerability assesment is a practice that every day becomes more important to our businesses. Today we need to make security stress tests in order to discover potential vulnerabilities that may exist in our systems.
Android is weak by nature… If you want to keep your android secured, you should take a lot of considerations. Every day, the software is designed to be more and more intrusive, however, such level of intrusion could expose yourself to hackers.
Many people wanted, many times without success, criminalize any researcher investing time in bug hunting, specially in security related applications.
In many societies, this is a TABU, some people think that found a vulnerability and develop a proof of concept, is the equivalent of making a weapon. They argue that such exploits could be used to carry attacks, at the end of day, that could affect the property and life.
After many years in the area, I decided to write this article for beginners in the field.
How to become a real hacker?
In the past few years Diffie-Hellman has become unsupported in the main internet websites, do you know the implications?
But this is not the only thing happening, many reputable websites, including banks, social networks and search engines have chosen to continue to support for TLSv1.0 and SSLv2 “for compatibility reasons”
Suppose that you are away from your home or work, and some issue happens suddenly with your server, or you want to test something on your server right now. You can use your blackberry device to reach your server from anywhere.
Continue reading SSH: A path from linux to linux using blackberry
Now Fedora comes with “PackageKit”, a graphical tool for automated updates. However, the packagekit updates need the approval from the user and also a graphical interface.
Continue reading How to activate automatic updates on Fedora 9-17
Fedora, and some others Linux distributions doesn’t provide you any simple way to setup the cypher properties on root filesystem.
Here, we will provide you enough information about the cypher process on fedora and one technique to speed up and/or secure up the cypher using XTS instead CBC-ESSIV
Continue reading Speeding up or Securing up the Encrypted Root Filesystem on Fedora 10
Based in my securityfocus topic responce, and also in some information security audits that i’ve done, i think in the idea to statistical prove the attack risk level at some organization.
| Number of accounts | Having almost one weak key probability |
| 10 | 0.401 – 40.1% |
| 25 | 0.722 – 72.2% |
| 50 | 0.923 – 92.3% |
| 100 | 0.994 – 99.4% |