Dan [the] Salmon

#FuckStalkerware pt. 3 - ownspy got, well, owned

Part 3 of a series of hacktivist posts examining stalkerware apps from the inside out.

The Chronicles of a New York Locksmith | Keys to the City | The New Yorker Documentary

DEF CON 31 - The Art of Compromising C2 Servers A Web App Vulns Perspective - Vangelis Stykas

Vangelis does a fantastic job walking through the exploitation of a half dozen malware C2 systems.

Fu-Go balloon bomb

This is one of 2 stories covered in the linked Radiolab episode - a very elegant method of attack the Japanese employed against the US in WWII. The most surprising thing to me was is that most people have never heard of it at all.

How I hacked chess.com with a rookie exploit

Social Security Numbers

I have heard a lot of rumours and tidbits about how SSNs are not random and that you can narrow down a person’s social by knowing some details about them. This is the first post I’ve found that lays out the How and Why. Just more confirmation that we should either not treat SSNs as secrets or we should only ever provide them to the government.

Fixing Macs Door to Door

A fascinating first-person account of Mac repair person who worked under a now-forgotten program called AppleCare Dispatch.

Picking the Widevine Locks: Acquiring and Using an L3 CDM

How to download and decrypt online video ‘protected’ by Widevine DRM.