DMARC can stop spoofed spam and phishing from reaching you and your customers, protecting your information security and your brand. However, complexity and misconceptions deter many organizations from ever deploying it. Part mythbusting , part implementation guide, this post explains the shortcomings of SPF and DKIM, what DMARC is, how to deploy DMARC properly, and how to respond to DMARC reports – all without the need for an additional vendor, thanks to open source software!
Here’s how to build and install FFmpeg from source with all the bells and whistles (i.e codec support). We’ll install it as a custom Debian package using
checkinstall. That way, any other package that depends on the
ffmpeg package will recognize that it is already installed, and won’t try to fetch it from the Debian or Ubuntu software repositories.
The Americans with Disabilities Act (ADA) of 1990 (amended in 2008) is a bipartisan law that sets accessibility standards that businesses open to the public must follow, so that those with disabilities can work, shop, dine, and play just like any other citizens. Title III of the ADA requires basic necessities like ramps, handicap parking spaces, and doorways wide enough for a wheelchair. Even under current law, the accommodations must not place an “undue burden” on the business, and be “readily achievable“. In other words, the accommodations must be practical and affordable. As a result of 27 years of building access equality, these features have become so ubiquitous that it’s easy for anyone to take them for granted. However, the enforcement mechanism that has been in place for nearly three decades is now in jeopardy because of H.R.620 – The ADA Education and Reform Act of 2017, sponsored by Rep. Poe, Ted [R-TX-2].
SPF and DMARC are standards that describe how the origins of email messages should be verified, to prevent email spoofing. I spent some free time over the past few weeks creating
checkdmarc , a Python 3 module and command-line interface that can validate and troubleshoot SPF and DMARC records across multiple domains, with the intent of building it into a web application that will process DMARC reports. The Department of Homeland Security recently launched an initiative to deploy SPF, DMARC, and other best practices on most federal agency domains by issuing BOD 18-01. This created the perfect case study of common challenges and mistakes when deploying SPF and DMARC across very large organizations, and even a few small ones.
2018-01-30 update: I have made many improvements to my script, corrected a few of my own misconceptions about DMARC I had in this post, and switched to updated results from 2018-01-28.
YARA is described as “The pattern matching Swiss knife for malware researchers (and everyone else)”. Think of it as like
grep, but instead of matching based on one pattern, YARA matches based on a set of rules, with each rule capable of containing multiple patterns, and complex condition logic for further refining matches. It’s a very useful tool. Let’s go over some practical examples of how to use it.
The Windows Subsystem for Linux (WSL) was introduced by Microsoft in the Windows 10 Anniversary Update. It allows users to run a full Linux user space in Windows. It is a much nicer approach for most applications than Cygwin, or using a Linux VM. It is not an emulator either. Think of it as GNU/Linux/Windows (apologies to Richard Stallman). This guide starts off with Microsoft’s instructions for installing the WSL, and then goes a few steps further by describing how to run graphical Linux applications.
The WannaCry ransomware worm has spread panic and destruction as it infects hundreds of thousands of systems around the world; a rate not seen since the Blaster and Sasser worms of 2003. WannaCry — also known as WannaCrypt, WannaCryptor, WanaCrypt0r, WCry, or WCrypt — leverages vulnerabilities that Microsoft patched in the March MS17-010 Security Bulletin, after taking the unprecedented step of canceling the February Patch Tuesday.
While collecting samples of WannaCry, I found a sample that predates the worm version. The sample was compiled on February 9th, and uploaded to VirusTotal on February 10th. While compile timestamps can be faked, the closeness to the upload date suggests that the compilation timestamp is legitimate.
The headline feature of the new Google Pixel phones is deep integration between the operating system and the Google Assistant AI. By default, the Google Assistant can be activated even when the phone is locked and the display is off, if the device hears the trusted voice say the hot word, “Ok Google”. This also has the effect of unlocking the device, meaning that anyone with a recording of the trusted voice saying “Ok Google” — or even someone with a similar voice — can easily unlock the device.
After upgrading my Nexus 6P on Verizon to the Android 7.1.1 beta, I discovered that Visual Voicemail in the native Android dialer works! You just need to make sure that that basic (free) or premium visual voicemail is active on your line. Voicemail-to-text works too, if you add Premium Visual Voicemail to your line. Unfortunately, there is no sign of Wi-Fi calling support (yet?). HD voice has always worked on the Nexus 6P.
When Google Chrome updated to 53.0.2785.101 on my Windows systems, I encountered an onslaught of alerts from EMET, which was killing chrome.exe processes for EAF+ violations as fast as Chrome kept trying to spawn them (each tab in Chrome is a separate process). Luckily, this problem is easily fixable.