Author: Dave VR

Ways drones could be used and abused

I’ve been thinking about drones recently. I have a friend that races them, a neighbour that has one to map out the local area, and I own a tiny in-door one myself. Drones seem to be growing in popularity and so I started looking into the security implications of drones and noted all the ways that drones could be hacked, used and abused.

Here’s my list:

– Crashed on purpose or flown into obstacles, vehicles, or people.

– Used for remote surveillance, monitoring, eavesdropping, shoulder-surfing of keypad entry use, invasion of personal privacy.

– To steal other drones using techniques such as jamming and spoofing. See Samy Kamkar’s Skyjack experiment as an example.

– To steal on-board data from other drones. Drones have digital storage for video, image, and audio recorded data. This could be stolen. Also the interception of the data streams that a drone sends back to its base station could be intercepted.

– To steal wireless data. Drones can be used to intercept Wifi, Bluetooth, RFID, ZigBee, and any other wireless data by carrying the appropriate hacking tools and communications equipment. The drone can be flown within range of the target communications signals and then spoof and hack its way in. It could even be flown onto an office building roof in order to become a WiFi pineapple device then return to base with no human required to access the target location.

– To deliver contraband across borders, fences, and other restricted areas.

– To hack vehicles by flying above the vehicle and employing vehicle hacking technology.

– To create a communications network. Instead of using the cell towers of a communications company a network of drones with specialist on-board software and equipment could act as a mobile cell network to provide communications for an organisation preventing eavesdropping from the authorities.

– To map out locations and buildings in greater detail than Google streetview and Google Earth can offer.

– To disable security cameras in an area by locating the cameras and using various techniques such as IR to disable the cameras for a period of time before criminals access the location.

– To assist with heists from vehicle hijacks to museum robberies.

Can you think of any others? 

Who called me

Who called me

When you work with computers and possess at least one certification in cyber security, you tend to have friends or family that call or message you on occasion asking you to trace a phone number for them as if you are some form of digital private eye.

The truth is that only the authorities with the assistance of the telecom providers can legally do that. All these websites that say they can trace any number in the world for you are lying. They are just scams after your money. At best they have scraped open source content for numbers and can tell you the network provider, country of origin, and anything that is available online for free. Maybe they’ve concatenated and absorbed phone directories and public domain phone number repositories. They certainly can’t trace an unlisted number for you.

That said, if the number does have a footprint of some kind in the public domain then there are ways of finding it. Using Google Dorking to scour search engine data may uncover something useful. Governmental company registration databases that are open to the public may also reveal data. Whois records, club memberships, company websites, etc.

The phone number is just a character string. Play with the format when searching. For example if you were called by 07709 123456 and you are in the UK you could search for exact string matches of:

07709 123456
07709123456
7709 123456
7709123456
44 07709 123456
44 7709 123456
4407709123456
447709123456

Google for OSINT tools and techniques related to phone numbers for more suggestions.

AI generated music

Spotify has been suggesting a lot of AI generated music of late and I’m getting better at spotting it. Or at least I think I am. I add what I like to my playlist.

When I hear that metallic edge that almost sounds like a distortion to the human voice, almost robotic like certain frequencies have been removed, I think that yes this is AI but I still have to check. Some artists are honest and clearly state that they used AI in its creation. Others even list the AI tools they used to create both the music, lyrics, and supporting artwork. Others you have to dig deeper. A one-person creation that features an entire band plus vocals, sometimes male and female, with amazing artwork and even a music video? AI.

There are of course negatives to AI created music. The creator may have no musical talent whatsoever. They are a master of the prompt only. You can’t see the band live as they don’t exist. Air guitar seems somewhat fake, as there is no actual guitar involved. Just a load of ones and zeroes. But if you enjoy it, what’s the harm?

What are your thoughts on AI generated music?

You can’t take it with you

We acquire so much stuff. Items that are precious to us. Things that are necessary to support day-to-day living and to aid in our comfort. Nik naks and trinkets. Things that need polishing, dusting, caring for. Photographs, family albums, memories. Yet you can take none of it with you. We leave this world with what we brought into it.

This thought comes to mind as I visit the weekend auctions. Rooms full of other peoples stuff. Remnants of their estate, their ‘worldly possessions’. The stuff that their relations and friends didn’t want, but was still precious to the deceased.

When my Grandma’s estate was being sorted I was away. I was asked what I wanted beyond what was left to me in her will. I didn’t need for anything so mentioned a face-cast of a saracen mounted on the wall of the spare bedroom. It used to frighten me as a child during stay-overs. I always requested that it be taken down. It reminded me of my visits to Grandma’s house so for some reason I asked for it. Later I learned that others did something similar. They asked for something that meant something to them, or had monetary value. Everything else, clothing, furniture, kitchenware, nik naks, was left behind for the local council to dispose of.

It’s sad really. But the memory serves to remind me that it’s all just stuff.

You can’t take it with you.

Car parking space dimensions

I drive a large car and find it hard to fit it into a UK parking space. As such I loath car parks with a passion, especially supermarket car parks. Having worked on insurance software I know that a lot of reported accidents occurred in car parks, especially door scratches and dents, or broken wing mirrors due to tight parking spaces.

The requirements for the size of a car parking space were drawn up in the 1970s and they haven’t really changed since. In fact recent studies have found that there are over a hundred vehicle models on the road, including mine, that will not fit within your average car parking space today. Cars are getting bigger. Even with camera assist, both the front and rear of my vehicle overhang. The sides are just inside but the doors will need to open into the adjacent spaces in order for the passengers to get out.

With the price of land being at a premium, car park owners are loath to redraw the spaces to give users more space as it means less vehicle capacity and therefore less earnings.

Isn’t it time that car parking space dimensions were updated to reflect today’s vehicles?

Locked out of a Tesla

A neighbour was locked out of their Tesla. I’m not exactly sure how that happened. They were trying to explain that their phone died and they didn’t have their “card” on them.

Apparently, realising their phone battery was about to die they ran to their car in order to charge it only to fail to reach it in time. The phone won’t turn on and therefore they can’t unlock their car. WTF? Unlike old school vehicles that have a mechanical backup key for getting inside your vehicle if the battery dies, this Tesla owner was out of luck. Unless she could charge her phone she wasn’t getting into her car anytime soon.

OSINT yourself

When learning anything new, knowing where to start can prove a challenge. Do you pay for a course, buy a book, or maybe look online?

With OSINT I recommend starting with yourself. Imagine you are an in-house digital private detective hired by yourself to investigate, well, yourself. Maybe you are about to apply for a high-profile job or are about to be security vetted for some reason. Either way, the client, you, wants to know what information is out there in the wide world about you.

OSINT stands for Open Source INTelligence and relates to the accessing of freely available information sources in order to process the data retrieved in order to obtain some form of intelligence, in this case learning what information is available about your subject online. The subject being you.

It’s a great way to learn OSINT techniques and it can be both fun and illuminating. Good or bad, whatever you find will be useful. If you find good things that you are happy to be out there then great. If you find bad things then at least you now know about them and can do something about them.

Start with search engines like Google. Search for all variations of your name. If you find images of yourself, paste them into reverse image search engines to see where else they may appear. Log and record everything you find. URLs, images, text, everything. Map out your findings and follow every lead. Leave no stone unturned. Your job as an OSINT investigator is to find everything about your client that is publicly available.

Carry out web searches for OSINT tools and techniques. Have a play with the tools as part of your endeavour. Note what is useful and what is not. Start creating your own playbook and make lots of notes. The deeper you dive the more you learn.

Take your time, don’t rush things. Learn how to look up company information, property details, employment history, social network accounts, and so on.

Search for report templates and create something that suits you. Write up your findings with recommendations.

Congratulations! You just got started in OSINT and you had fun doing it. You learned new tools and techniques and you also learned what information about you is freely available. Now action any recommendations and run a periodic check. Plus sign up to OSINT groups, newsletters, and websites and keep learning!

Hack your home network

A great way to learn ethical hacking in the comfort of your own home, is to hack your own home.

When asked how I got started and which courses I recommended, I always suggest to start at home.

Most people have internet access served by a home router, with at least one computer, maybe some tablets, mobile phones, smart TVs, set-top boxes, and possibly some IoT devices connected in order to receive updates and serve content.

Why not learn the tools and techniques of hacking by running a security test on your own home network? Start by using a tool like nmap to scan your network and see what devices you can find. Map out the connected devices by IP address and try to fingerprint each. Look at open ports. Is the device located at a particular IP address a printer or mobile phone? How can you tell? Probe the device further. Is the operating system and software being reported out dated? Are there known vulnerabilities and exploits for your device? Google the versions being reported by nmap.

Once you have mapped out your network, run periodic scans to see if new devices connect. Walk around your house and turn things on that you know will connect to the home network or wait for other occupants of your household to enable their devices. Let them know what you are doing. Remember, you are scanning not exploiting!

Next use a packet sniffer like Wireshark to inspect the traffic between your devices and the router and the internet. Are there any security holes you can see? Use an application programming interface (API) tool to try to communicate with your devices. Understand how they work. Probe for weaknesses.

Once you are done write a report for yourself on your findings along with recommendations. Look online for vulnerability analysis or penentration test report templates. What could you do to improve the security of your home network and home devices? Maybe change some settings on the router? Remove permissions granted to devices that you no longer own. Maybe you added a port-forwarding rule for a games console that is long gone. Delete the rule if still present.

Congratulations. You have learned how to scan a network, probe for weaknesses, and compose a report on your findings with recommendations, and all from the comfort of your own home with no cost to you other than your time. Next, fix the problems that you found and action any recommendations.

A mental base of operations

I’ve learned to create a “mental base of operations”.

Sounds weird but they a places where you can create a makeshift office or space to sort stuff out, get stuff done. A coffee shop, a desk in a corner somewhere, a cheap hotel room. Somewhere where you can relax and get into your own headspace for a period of time so you can focus on what needs sorting.

A place where you know you have half an hour, an hour, or maybe two, where you can just focus and get stuff done.

I worked a contract at a University once working on planning a strategy. When I arrived they had no desk or place for me to work. My office was mobile, all in my backpack. I just needed Wi-Fi and power. I found a quiet desk in the University library. I worked from there for the best part of a week. I was on-site and available for meetings and when I wasn’t in a face-to-face meeting I was in my mental base of operations: a quiet library.

I’ve written articles in coffee shops, an eBook in a hospital cafe, written reports in libraries and spare rooms. I’m writing this post in a gym waiting area. All you need is a little space for a short period of time to just focus and get stuff done.