Author: Dave VR

Locked out of a Tesla

A neighbour was locked out of their Tesla. I’m not exactly sure how that happened. They were trying to explain that their phone died and they didn’t have their “card” on them.

Apparently, realising their phone battery was about to die they ran to their car in order to charge it only to fail to reach it in time. The phone won’t turn on and therefore they can’t unlock their car. WTF? Unlike old school vehicles that have a mechanical backup key for getting inside your vehicle if the battery dies, this Tesla owner was out of luck. Unless she could charge her phone she wasn’t getting into her car anytime soon.

OSINT yourself

When learning anything new, knowing where to start can prove a challenge. Do you pay for a course, buy a book, or maybe look online?

With OSINT I recommend starting with yourself. Imagine you are an in-house digital private detective hired by yourself to investigate, well, yourself. Maybe you are about to apply for a high-profile job or are about to be security vetted for some reason. Either way, the client, you, wants to know what information is out there in the wide world about you.

OSINT stands for Open Source INTelligence and relates to the accessing of freely available information sources in order to process the data retrieved in order to obtain some form of intelligence, in this case learning what information is available about your subject online. The subject being you.

It’s a great way to learn OSINT techniques and it can be both fun and illuminating. Good or bad, whatever you find will be useful. If you find good things that you are happy to be out there then great. If you find bad things then at least you now know about them and can do something about them.

Start with search engines like Google. Search for all variations of your name. If you find images of yourself, paste them into reverse image search engines to see where else they may appear. Log and record everything you find. URLs, images, text, everything. Map out your findings and follow every lead. Leave no stone unturned. Your job as an OSINT investigator is to find everything about your client that is publicly available.

Carry out web searches for OSINT tools and techniques. Have a play with the tools as part of your endeavour. Note what is useful and what is not. Start creating your own playbook and make lots of notes. The deeper you dive the more you learn.

Take your time, don’t rush things. Learn how to look up company information, property details, employment history, social network accounts, and so on.

Search for report templates and create something that suits you. Write up your findings with recommendations.

Congratulations! You just got started in OSINT and you had fun doing it. You learned new tools and techniques and you also learned what information about you is freely available. Now action any recommendations and run a periodic check. Plus sign up to OSINT groups, newsletters, and websites and keep learning!

Hack your home network

A great way to learn ethical hacking in the comfort of your own home, is to hack your own home.

When asked how I got started and which courses I recommended, I always suggest to start at home.

Most people have internet access served by a home router, with at least one computer, maybe some tablets, mobile phones, smart TVs, set-top boxes, and possibly some IoT devices connected in order to receive updates and serve content.

Why not learn the tools and techniques of hacking by running a security test on your own home network? Start by using a tool like nmap to scan your network and see what devices you can find. Map out the connected devices by IP address and try to fingerprint each. Look at open ports. Is the device located at a particular IP address a printer or mobile phone? How can you tell? Probe the device further. Is the operating system and software being reported out dated? Are there known vulnerabilities and exploits for your device? Google the versions being reported by nmap.

Once you have mapped out your network, run periodic scans to see if new devices connect. Walk around your house and turn things on that you know will connect to the home network or wait for other occupants of your household to enable their devices. Let them know what you are doing. Remember, you are scanning not exploiting!

Next use a packet sniffer like Wireshark to inspect the traffic between your devices and the router and the internet. Are there any security holes you can see? Use an application programming interface (API) tool to try to communicate with your devices. Understand how they work. Probe for weaknesses.

Once you are done write a report for yourself on your findings along with recommendations. Look online for vulnerability analysis or penentration test report templates. What could you do to improve the security of your home network and home devices? Maybe change some settings on the router? Remove permissions granted to devices that you no longer own. Maybe you added a port-forwarding rule for a games console that is long gone. Delete the rule if still present.

Congratulations. You have learned how to scan a network, probe for weaknesses, and compose a report on your findings with recommendations, and all from the comfort of your own home with no cost to you other than your time. Next, fix the problems that you found and action any recommendations.

A mental base of operations

I’ve learned to create a “mental base of operations”.

Sounds weird but they a places where you can create a makeshift office or space to sort stuff out, get stuff done. A coffee shop, a desk in a corner somewhere, a cheap hotel room. Somewhere where you can relax and get into your own headspace for a period of time so you can focus on what needs sorting.

A place where you know you have half an hour, an hour, or maybe two, where you can just focus and get stuff done.

I worked a contract at a University once working on planning a strategy. When I arrived they had no desk or place for me to work. My office was mobile, all in my backpack. I just needed Wi-Fi and power. I found a quiet desk in the University library. I worked from there for the best part of a week. I was on-site and available for meetings and when I wasn’t in a face-to-face meeting I was in my mental base of operations: a quiet library.

I’ve written articles in coffee shops, an eBook in a hospital cafe, written reports in libraries and spare rooms. I’m writing this post in a gym waiting area. All you need is a little space for a short period of time to just focus and get stuff done.

Smart TVs

I own a few smart TVs. Not all remain so. Some manufacturers stop supporting them after a while. They stop receiving updates or the apps stop working. Eventually nothing works and they become a monitor, a screen.

You end up sourcing another device to re-enable the feeds you subscribe to. A USB / HDMI stick, a games console, or a set-top box of some kind. The smartness moving outside of the screen hardware into an externally connected device.

Some retailers offer up to 5-years cover on the hardware, but not for the software. That could end in a year or maybe two if you are lucky.

Your smart TVs are basically PCs with no upgrade potential. At some point the manufacturer will cease all support and you can’t upgrade it. Better to buy a large computer monitor and have the smart part in something external that can be upgraded or is cheaper to replace.

Private car parks

Private car parks can be a nightmare. You pull into an area you don’t know, needing to park, and before you know it you have driven into a private car park.

The first indication is the signs on posts. Usually badly lit. In the UK there is an unwritten rule that if you find yourself in a private car park you have five minutes to pay or get out. This rule is currently being debated as the fines for not paying within five minutes can be as much as a second hand car!

Personally, I’ve had to go through the dispute process on several occasions. On one occasion there were no spaces and I offered to submit my dashcam recordings as evidence. On another they only accepted digital payments by app and I had no phone signal to download it. Again I had dashcam evidence to prove that as soon as I realised this I attempted to leave but was stuck in a queue for the exit.

If you don’t have a dashcam then it’s your word against theirs. If you know that you are in the right you can always ask them to prove a negative. Prove that you were not in a queue trying to get out of the car park minutes after entering. Prove that there was adequate phone signal at that time for your network.

These private car park companies have gotten the art of sending out legal-looking fines and threatening wording down to a fine art. Plus they will offer a discount if you pay faster, nevermind the fact that you shouldn’t be paying anything at all.

It’s gotten to the point where I hate parking. If I have to park somewhere I try to do my research beforehand to know where I can park safely, either for free or in a local authority run car park.

The world around and in you

There are many different ways of looking at the world. All come from within. Your perceptions and how you interpret and react to the world around you determines how you view it and your enjoyment of it.

There’s an example I like to use to illustrate this based on two people I met on my travels.

The first was a lady I met in New Zealand. She was on a package holiday whereas I was winging it going in whatever direction I felt next. We ran into each other on a Maori farm on the north island in an area known as the bay of plenty.

She told me that she had broken her (non dominant) wrist in a sporting accident and couldn’t wait to get home. She was going through the motions living each remaining day of her holiday but enjoying none of it. She hated this country, the people, the food, everything. She just wanted to get back home.

This wasn’t how she had felt before the accident, she was having the time of her life. That all changed however since the accident.


The second was a young man I met in a youth hostel in Sydney Australia. He was on the phone to his mum when we met. She was crying. Afterwards he explained how he and his mates came out here, bought a cheap van, surfboards, and the gear they needed and just travelled the coast surfing and partying. Then that very morning someone had stolen the van and all his possessions including his passport. He told me that everyone couldn’t have been more helpful and he has papers to get back home. He was as happy as can be. “I loved every minute dude” he told me. “It’s been a blast, an amazing holiday”. “Ok so all my stuff is gone and all my photos but they can’t take what’s up here” he said pointing to his head. His mum was upset for him but this guy was so chilled.

Both fellow travellers had suffered a major setback, a traumatic event. Yet while the first had chosen to view everything negatively, the second had chosen the opposite, to remember the fun times. After all it’s just stuff and that can be replaced. He did not let life get him down and he was a better person because of it.

Only you can control how the world around you affects you.

Why Wild Rain

Thoughts and ideas swirl around in my head constantly. I can’t seem to turn it off. I’ve tried meditation, going for long walks, and just listening to music. Yet the noise in my head is ever present, like a wild rain.

I discovered that journaling was a great way to clear my mind. The very act of writing down my thoughts and ideas would instantly bring relief. It felt like an overflowing water butt leaking from the lid and then someone opened up the tap to fill a watering can. The purpose of the butt being realised: to collect and dispense rain water. The pressure relieved.

Wild Rain is my digital journal of thoughts and ideas that swirl around in my head before being poured into this digital repository for me to play with, edit, refine and then.. forget. Returning only when the pressure builds up again.

I’ve learned that if you leave too many thoughts and ideas in your head for too long then new ones don’t happen. It’s like your brain is waiting for you to action them. Saying “Hey I thought of these great ideas, now it’s over to you to do something with them”. Writing them down feels like they’ve been addressed, now the brain is free to think about something new. Content in the knowledge that whatever it thinks about will be processed later.

Retirement is wasted on the old

What would you do if you didn’t need money?

Think about that for a moment. Most of what we do each day is dictated by money. Going to work, shopping, holidays, going for a drive, eating out, etc etc.

If money was no longer an issue, what would you do?

Travel the world, visit family and friends more, write a book just for fun, learn to paint, get fit, sleep more, spend more time in the garden.

I’ve been hanging out with a few retired friends recently and they had faced this very question. They no longer needed to work. They either reached retirement age and had enough saved, or they inherited money or sold a business and decided they were done working for money.

So what did they end up doing?

One learned to paint and spent more time in his garden, joining a few clubs such as a book club, mahjong and scrabble, and a dining club. Another tinkers with old cars in his garage and buys stuff that he couldn’t afford when they were younger just to tinker with or display for no one but themselves to see. Another travels and writes about their adventures.

Thinking about it, there is nothing stopping us non retirees from doing any of this. We can travel, paint, garden, tinker. Why put something off til the tail-end of your life? I mean, there’s no guarantee that you will get there so why put the fun stuff off? Why not have mini retirements? Save up and take breaks throughout your career. Six months here, a year there, and so on.

Retirement is wasted on the old.

Make a list of what you would do if you could and start doing them now.