security – Are those secure folders there by default?

A friend of mine suspects she has been hacked. She got called by a strange number, answered the phone, and then the call was immediately ended. She sent me the following screenshot:

My question is: Are those secure folders corresponding to the photos and contacts supposed to be there in the save-permissions list? (my friend cannot access them, and says that they were not there before). The phone is a Samsung Galaxy, but I don’t know which model.

remote desktop – Is it possible to secure the SPICE protocol?

As of today, multiple people connecting to the same machine with SPICE will either:

  • Disconnect previous user
  • Allow multiple users to control the same session (using SPICE_DEBUG_ALLOW_MC)

We can use TLS to protect the traffic, and we can use a pre-shared key to avoid random connections, but it does not look like we can prevent someone from disconnecting a user and using the guest’s session, or from connecting and just watching if they know the pre-shared key.

It does not seem possible to make the SPICE server send keys to the guest when a new connection happens (to lock the session).

Did I miss something, or is it not possible to properly prevent someone from spying on you under these conditions at this time when using SPICE?

unix – Using ATA Secure Erase after buying a second-hand laptop: is this enough?

I bought a second-hand laptop from a stranger. My (totally unjustified) concern is that there might be malware on the device.

According to this answer, there is no easy fix if it’s malicious firmware. I don’t know how easy it is to implant malicious firmware, so I have no idea if this should be a legitimate concern.

If the malware is on the disk however, that seems to be easier. The laptop I bought has a SATA SSD. Here are the steps I followed:

  1. The laptop came with what looked like a fresh W10 install.

  2. I installed Manjaro with the graphical installer, presumably wiping W10 from the drive.

  3. I then booted again on the Manjaro Live USB and followed the Arch Wiki instructions for a SATA drive to wipe /dev/sda.
    hdparm -I /dev/sda displayed

    6min for SECURITY ERASE UNIT. 6min for ENHANCED SECURITY ERASE UNIT.
    

which, according to the best answer here, means that there was no secure erase of the disk, simply a deletion of the “native” (meaning that it’s something intrinsic to how the SSD works, not user controlled) encryption key of the disk, as far as I understand.

The question is: if there was any malware on the disk, is that enough to make sure it can never affect me?

I have no understanding of malware and only basic understanding of encryption, so I’m not sure that wiping the SSD encryption key without overwriting the data on it will actually prevent the malware from running.

The Arch Wiki mentions many other options (cat, dd, shred, etc.) to overwrite the disk data, but the most upvoted answer here states that, with an SSD (because of wear leveling), these other options do not actually overwrite the disk, but instead write zeroes/random data to new blocks.

PHP File Upload. What else can I add to make it more secure?

I’ve put together an example single file upload script that attempts to cover all the things PHP could check for prior to allowing a successful file upload. Is there anything else maybe now available in PHP 7.4+ I could use to make this more secure? For example, I use filter_input below even though I don’t find it in many scripts out there.

Take a look

<?php 

  # EVALUATE REQUEST METHOD
  $REQUEST_METHOD = filter_input(INPUT_SERVER, 'REQUEST_METHOD', FILTER_SANITIZE_ENCODED);

  switch ($REQUEST_METHOD) {

    # HTTP:POST   - PAYLOAD:BLOB
    case 'POST':
      # POST IMAGE
      if(in_array(@$_FILES["files"], $_FILES) && count($_FILES) === 1) {
        upload();
      }
      break;

    default:
      methodInvalid();
      break;
  }

    /**
     * Function upload() uploads a single file.
     * 
     * 
     */
  function upload() {

      // Establish the upload file directory
      $upload_dir =  $_SERVER['DOCUMENT_ROOT'] . '/gui/v1/uploads/submittals/';

      // Establish the upload file path
      $upload_file = $upload_dir . $_FILES['files']['name'][0];

      // Derive the upload file extension
      $upload_file_extension = strtolower(pathinfo($upload_file, PATHINFO_EXTENSION));

      // Allowed file types
      // $allowed_file_extensions = ['pdf', 'jpg', 'jpeg', 'png', 'gif'];
      $allowed_file_extensions = ['pdf'];
      
        /**
         * Does tmp file exist?
         * 
         * 
         */
      if (!file_exists($_FILES['files']['tmp_name'][0])) {

        # ERROR object
        $errorObject             = new stdClass();
        $errorObject->apiVersion = '1.0';
        $errorObject->context    = 'upload.submittal';

        # ABOUT ERROR object
        $aboutError              = new stdClass();
        $aboutError->code        = 'ERR-000';
        $aboutError->message     = 'Select file to upload.';

        # APPEND ABOUT ERROR object TO ERROR object
        $errorObject->error      = $aboutError;

        # RETURN JSON RESPONSE
        header('Content-type:application/json;charset=utf-8');
        return print(json_encode($errorObject));

      }

        /**
         * Is file extension allowed?
         * 
         * 
         */
      if (!in_array($upload_file_extension, $allowed_file_extensions)) {

        # ERROR object
        $errorObject             = new stdClass();
        $errorObject->apiVersion = '1.0';
        $errorObject->context    = 'upload.submittal';

        # ABOUT ERROR object
        $aboutError              = new stdClass();
        $aboutError->code        = 'ERR-000';
        $aboutError->message     = 'Allowed file formats .pdf';

        # APPEND ABOUT ERROR object TO ERROR object
        $errorObject->error      = $aboutError;

        # RETURN JSON RESPONSE
        header('Content-type:application/json;charset=utf-8');
        return print(json_encode($errorObject));

      }

        /**
         * Is file bigger than 20MB?
         * 
         * 
         */
      if ($_FILES['files']['size'][0] > 20000000) {

        # ERROR object
        $errorObject             = new stdClass();
        $errorObject->apiVersion = '1.0';
        $errorObject->context    = 'upload.submittal';

        # ABOUT ERROR object
        $aboutError              = new stdClass();
        $aboutError->code        = 'ERR-000';
        $aboutError->message     = 'File is too large. File size should be less than 20 megabytes.';

        # APPEND ABOUT ERROR object TO ERROR object
        $errorObject->error      = $aboutError;

        # RETURN JSON RESPONSE
        header('Content-type:application/json;charset=utf-8');
        return print(json_encode($errorObject));

      }

        /**
         * Does file already exist?
         * 
         * 
         */
      if (file_exists($upload_file)) {

            /**
             * File overwritten successfully!
             * 
             * 
             */
        move_uploaded_file($_FILES['files']['tmp_name'][0], $upload_file);

        # SUCCESS object
        $successObject               = new stdClass();
        $successObject->apiVersion   = '1.0';
        $successObject->context      = 'upload.submittal';
        $successObject->status       = 'OK';

        # UPLOAD SUBMITTAL object
        $data                        = new stdClass();
        $data->submittalUploaded     = true;
        # APPEND DATA object TO SUCCESS object
        $successObject->data         = $data;

        # APPEND empty arrays to DATA object
        $successObject->data->arr1   = [];
        $successObject->data->arr2   = [];
        $successObject->data->arr3   = [];

        # RETURN JSON RESPONSE
        header('Content-type:application/json;charset=utf-8');
        return print(json_encode($successObject));

      }

        /**
         * Can file actually be uploaded?
         * 
         * 
         */
      if (!move_uploaded_file($_FILES['files']['tmp_name'][0], $upload_file)) {

            /**
             * File upload error!
             * 
             * 
             */
        # ERROR object
        $errorObject             = new stdClass();
        $errorObject->apiVersion = '1.0';
        $errorObject->context    = 'upload.submittal';

        # ABOUT ERROR object
        $aboutError              = new stdClass();
        $aboutError->code        = 'ERR-000';
        $aboutError->message     = "File couldn't be uploaded.";

        # APPEND ABOUT ERROR object TO ERROR object
        $errorObject->error      = $aboutError;

        # RETURN JSON RESPONSE
        header('Content-type:application/json;charset=utf-8');
        return print(json_encode($errorObject));

      } else {

            /**
             * File uploaded successfully!
             * 
             * 
             */
        # SUCCESS object
        $successObject               = new stdClass();
        $successObject->apiVersion   = '1.0';
        $successObject->context      = 'upload.submittal';
        $successObject->status       = 'OK';

        # UPLOAD SUBMITTAL object
        $data                        = new stdClass();
        $data->submittalUploaded     = true;
        # APPEND DATA object TO SUCCESS object
        $successObject->data         = $data;

        # APPEND empty arrays to DATA object
        $successObject->data->arr1   = [];
        $successObject->data->arr2   = [];
        $successObject->data->arr3   = [];

        # RETURN JSON RESPONSE
        header('Content-type:application/json;charset=utf-8');
        return print(json_encode($successObject));

            // We could insert URL file path to a database from here...

      }

    }

    /**
     * Function methodInvalid() warns about invalid method.
     * 
     * 
     */
  function methodInvalid() {

    # ERROR object
    $errorObject             = new stdClass();
    $errorObject->apiVersion = '1.0';
    $errorObject->context    = 'uploads';

    # ABOUT ERROR object
    $aboutError              = new stdClass();
    $aboutError->code        = 'ERR-000';
    $aboutError->message     = 'Invalid Request. Allowed Methods are POST.';

    # APPEND ABOUT ERROR object TO ERROR object
    $errorObject->error      = $aboutError;

    # RETURN JSON RESPONSE
    header('Content-type:application/json;charset=utf-8');
    return print(json_encode($errorObject));

  }

 ?>
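
The script above decides on the client-supplied file name and extension and writes under the document root. As an added example (not the poster's code), here is the same single-PDF upload checked by PHP's upload status, content type and header bytes, then stored under a server-generated name. `UPLOAD_DIR`, `MAX_BYTES`, `singleFile()` and `storePdfUpload()` are hypothetical names, and the fileinfo extension is assumed to be enabled.

```php
<?php
// Added example, not the poster's code. All names below are illustrative.
const MAX_BYTES  = 20000000;                    // 20 MB, the limit used in the post
const UPLOAD_DIR = '/var/app-data/submittals';  // hypothetical path outside the document root

/** Reduce the post's files[] array shape to exactly one upload entry. */
function singleFile(array $f): array
{
    if (!isset($f['error'], $f['tmp_name'])
        || !is_array($f['error']) || !is_array($f['tmp_name'])
        || count($f['error']) !== 1) {
        throw new RuntimeException('Exactly one file is required.');
    }
    return ['error' => reset($f['error']), 'tmp_name' => reset($f['tmp_name'])];
}

/** Validate one upload entry and store it; returns the stored file name. */
function storePdfUpload(array $file): string
{
    // 1. PHP's own status code covers partial, missing and over-limit uploads.
    if (!is_int($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed.');
    }

    // 2. Only accept a temp file that PHP itself created for this request.
    $tmp = $file['tmp_name'];
    if (!is_string($tmp) || !is_uploaded_file($tmp)) {
        throw new RuntimeException('Not an uploaded file.');
    }

    // 3. Size measured on disk.
    $size = filesize($tmp);
    if ($size === false || $size === 0 || $size > MAX_BYTES) {
        throw new RuntimeException('File is empty or larger than 20 MB.');
    }

    // 4. Type decided from the content: libmagic MIME type plus the PDF
    //    header bytes. The client's file name and extension are never used.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    $head = file_get_contents($tmp, false, null, 0, 5);
    if ($mime !== 'application/pdf' || $head !== '%PDF-') {
        throw new RuntimeException('Allowed file formats: .pdf');
    }

    // 5. Server-generated name: no path traversal, no silent overwrite of an
    //    existing file, no attacker-chosen extension on disk.
    $name = bin2hex(random_bytes(16)) . '.pdf';
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($tmp, $dest)) {
        throw new RuntimeException('File could not be stored.');
    }
    chmod($dest, 0640);
    return $name;
}

// Request handling: POST only, JSON responses as in the post.
if (PHP_SAPI !== 'cli') {
    header('Content-Type: application/json; charset=utf-8');
    if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
        http_response_code(405);
        echo json_encode(['error' => 'Allowed methods: POST.']);
    } else {
        try {
            $stored = storePdfUpload(singleFile($_FILES['files'] ?? []));
            echo json_encode(['status' => 'OK', 'file' => $stored]);
        } catch (RuntimeException $e) {
            http_response_code(400);
            echo json_encode(['error' => $e->getMessage()]);
        }
    }
}
```

Files stored this way are served back through a download script that sets its own `Content-Type` and `Content-Disposition`, so the web server never interprets anything in the upload directory.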

[WTS] Fast and easy bulk WordPress sites management! Secure static web sites.

WordPress based websites are one of the most popular sites around the Globe.
They attract Developers, Agencies, Domainers, SEO specialists, PBN masters, Entrepreneurs etc., but at the same time such websites are known to be some of the most hacked websites.

So, what would be the key? – Turn your WordPress into static site with FLATsite!

It is a known fact that static WordPress Sites are safer and faster! FLATsite is the way to manage your WordPress easily and fast! In fact, with static or headless WordPress, you eliminate this vulnerability. Your website is next to impossible to hack since it is static and there’s nothing to break through.

FLATsite engine converts your dynamic website to a static site with a single click.

FLATsite can provide you with:

Unhackable Websites
FLATsite allows users to access all of the backend functionality of a WordPress within the FLATsite instance and publishes static or flat HTML WP sites in minutes. This separation of WordPress’ backend from its frontend, lets hackers have zero-chances of compromising your sites’ security. With no PHP and no MySQL database on your site, no one can break in.
No Maintenance
If you manage thousands of WordPress sites, maintaining them can be tedious and time-consuming. FLATsite automates updates for WordPress themes and Plugins, so you’ll save time on maintenance all year long. We employ the most secure and efficient serverless technology so you can manage your sites with ease.
Staging Environment
– evaluate code and test in staging before going to production. If code breaks on the production server, this could make unexpected changes to your entire website.
– allows you to work in your hosting environment away from the live website.
– no need to fix issues on live/production environment. Fix and make changes safely in staging.
– test performance of page elements and load speeds effectively.

For more features you can learn HERE

Manage thousands of websites easily from one dashboard
WordPress is great! But it gets complicated when it comes to maintaining multiple websites when security holes pop up every week in WordPress themes! FLATsite eliminates the need to manage each WordPress site individually. Update plugins and security software with a few clicks in your dashboard.

Please check our HOW IT WORKS page to understand how everything is being done.

Plans:

Lite
$1.00 / first month
$9.95/mo from second month
$8.95/mo for an annual plan
1-3 Sites
5 GB Storage
Unlimited WP Users
FLATsite Backend Domain
Preview/Staging static sites
Deploy Anywhere
ORDER HERE

Starter
$1.00 / first month
$44.95/mo from second month
$37.95/mo from second month
Unlimited Sites
32 GB Storage
Unlimited WP Users
Custom Backend Domain
Preview/Staging static sites
Deploy Anywhere
FLATsite Backend Domain
Dedicated Support
ORDER HERE

Premium
$1.00 / first month
$64.95 from second month
$64.95 from second month
Unlimited Sites
64 GB Storage
Unlimited WP Users
Custom Backend Domain
Preview/Staging static sites
Deploy Anywhere
FLATsite Backend Domain
Dedicated Support
ORDER HERE

Custom
Unlimited Sites
Unlimited Storage
Unlimited WP Users
Custom Backend Domain
Preview/Staging static sites
Deploy Anywhere
Contact Us

If you have a question or require support help please Contact Us


Generating secure and relatively short token

I would like to generate a token from the set [A-Za-z0-9] and place it in a URL. The URL will be sent via SMS, so it is important for the token to be relatively short. What is the necessary length of the token to be secure?
The token is valid infinitely; the token is the only authentication factor.
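
One way to size such a token, as an added example that is not part of the original post: pick the length so that an attacker's total online guesses against all valid tokens succeed with at most a chosen probability, then draw each character from a CSPRNG. The function names and the three sample figures (live tokens, guess budget, safety margin) are assumptions chosen for illustration.

```php
<?php
// Added example, not from the original post. Sample figures are assumptions.
const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

/**
 * Smallest length L such that (liveTokens * totalGuesses) / 62^L <= 2^-marginBits.
 *
 * Every guess can hit any of the valid tokens, so the attacker's success
 * probability is bounded by liveTokens * totalGuesses / 62^L. Because the
 * token never expires, totalGuesses must cover the whole service lifetime.
 */
function minTokenLength(float $liveTokens, float $totalGuesses, int $marginBits): int
{
    $bitsNeeded  = log($liveTokens, 2) + log($totalGuesses, 2) + $marginBits;
    $bitsPerChar = log(strlen(ALPHABET), 2);   // just under 6 bits for 62 symbols
    return (int) ceil($bitsNeeded / $bitsPerChar);
}

/** Draw $length characters uniformly from ALPHABET using the system CSPRNG. */
function generateToken(int $length): string
{
    $max   = strlen(ALPHABET) - 1;
    $token = '';
    for ($i = 0; $i < $length; $i++) {
        // random_int() is unbiased over the range, unlike rand() % 62.
        $token .= ALPHABET[random_int(0, $max)];
    }
    return $token;
}

// Assumed scenario: one million valid tokens, a lifetime budget of 10^12
// guesses that rate limiting lets through, and a 2^-32 success bound.
$length = minTokenLength(1e6, 1e12, 32);
printf("length=%d token=%s\n", $length, generateToken($length));
```

The guess budget only holds if the endpoint rate-limits and logs failed lookups; without that, the length has to absorb an unbounded number of guesses.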

networking – Using a pf firewall to secure an OpenVPN connection

I’m experimenting with OpenVPN on my Macbook and am attempting to limit my outward network traffic to just the tun interface created by OpenVPN. With the pf firewall disabled I’m able to connect to my server and access the internet just fine.

Upon checking the log of OpenVPN, I find out the interface ‘utun4’ is being used. Therefore, I attempted adding the following lines to the end of my ‘pf.conf’:

anchor "testVpn.pf"
load anchor "testVpn.pf" from "/etc/pf.anchors/testVpn.pf.rules"

Then to ‘testVpn.pf.rules’:

block out all
pass out on utun4 from any to any

I then use ‘pfctl -f /etc/pf.conf’ and ‘pfctl -e’ after my OpenVPN connection has already been established.

From my understanding, this should stop outward traffic on all other network interfaces apart from my ‘utun4’ one. What I find is however that I can’t access the internet, and only when adding pass out on en0 from any to any to my ‘testVpn.pf.rules’ can I regain the connection without having the firewall off.

This is counterproductive though, as if my VPN connection drops, everything still passes through ‘en0’, but the reason I am trying to configure pf in this way is so that I can limit the traffic to the ‘utun4’ interface so that my internet connection gets cut off when the VPN connection is lost.

When checking answers to posts like this it seems like it should be working. Is there anything else I should be checking that could be stopping me from getting my desired result?

Thanks.

Cloudteh =>[20% OFF FOR LIFE] cPanel ✅ LiteSpeed + CloudLinux ✅ NVMe SSD ✅ 100% Secure 100

Hello visitor,

Thank you for visiting www.cloudteh.com 20% OFF Cloud cPanel Reseller Hosting FOR LIFE offer!

What is guaranteed:

—> LiteSpeed + LSCache + CloudLinux <—

—> FREE SSL for All Websites <—

—> FREE Automated Daily Backups <—

—> 100% NVMe Pure SSD Storage <—

—> Instant & Automated Activation <—

—> FREE Migration to Cloudteh <—

—> 100% Secure (Hardware & Software Firewalls) <—

===

Get cPanel Cloud Reseller Hosting Now! (LiteSpeed + CloudLinux)

===

Cloud WHM 1

Create 10 cPanel Accounts
30 GB Pure SSD NVMe
1 CPU Core
1 GB RAM

UNLIMITED BANDWIDTH

UNLIMITED Websites Hosted

Custom Nameservers

cPanel & WHM Access

Price: $20/month

Promo price: $16 per month FOR LIFE (use promo code “20OFF“)

Buy now: https://portal.cloudteh.com/cart.php…romocode=20OFF

Learn more: https://cloudteh.com/web-hosting-manager/

Cloud WHM 2

Create 25 cPanel Accounts
80 GB Pure SSD NVMe
2 CPU Core
2 GB RAM

UNLIMITED BANDWIDTH

UNLIMITED Websites Hosted

Custom Nameservers

cPanel & WHM Access

Price: $40/month

Promo price: $32 per month FOR LIFE (use promo code “20OFF“)

Buy now: https://portal.cloudteh.com/cart.php…romocode=20OFF

Learn more: https://cloudteh.com/web-hosting-manager/

Cloud WHM 3

Create 50 cPanel Accounts
150 GB Pure SSD NVMe
4 CPU Core
4 GB RAM

UNLIMITED BANDWIDTH

UNLIMITED Websites Hosted

Custom Nameservers

cPanel & WHM Access

Price: $60/month

Promo price: $48 per month FOR LIFE (use promo code “20OFF“)

Buy now: https://portal.cloudteh.com/cart.php…romocode=20OFF

Learn more: https://cloudteh.com/web-hosting-manager/

===

Get cPanel Reseller Hosting Now! (Apache + CentOS)

What is guaranteed:

—> Apache + CentOS <—

—> FREE SSL for All Websites <—

—> FREE Automated Daily Backups <—

—> 100% NVMe Pure SSD Storage <—

—> Instant & Automated Activation <—

—> FREE Migration to Cloudteh <—

—> 100% Secure (Hardware & Software Firewalls) <—

===

cPanel WHM 1

Create 10 cPanel Accounts
30 GB Pure SSD NVMe

UNLIMITED BANDWIDTH

UNLIMITED Websites Hosted

Custom Nameservers

cPanel & WHM Access

Price: $10/month

Promo price: $8 per month FOR LIFE (use promo code “20OFF“)

Buy now: https://portal.cloudteh.com/cart.php…romocode=20OFF

Learn more: https://cloudteh.com/web-hosting-manager/

cPanel WHM 2

Create 25 cPanel Accounts
80 GB Pure SSD NVMe

UNLIMITED BANDWIDTH

UNLIMITED Websites Hosted

Custom Nameservers

cPanel & WHM Access

Price: $25/month

Promo price: $20 per month FOR LIFE (use promo code “20OFF“)

Buy now: https://portal.cloudteh.com/cart.php…romocode=20OFF

Learn more: https://cloudteh.com/web-hosting-manager/

cPanel WHM 3

Create 50 cPanel Accounts
150 GB Pure SSD NVMe

UNLIMITED BANDWIDTH

UNLIMITED Websites Hosted

Custom Nameservers

cPanel & WHM Access

Price: $45/month

Promo price: $36 per month FOR LIFE (use promo code “20OFF“)

Buy now: https://portal.cloudteh.com/cart.php…romocode=20OFF

Learn more: https://cloudteh.com/web-hosting-manager/

===

Every Reseller hosting plan comes with a 30-day, no-questions-asked money-back guarantee.

We are at your disposal 24/7, send us an email at support (at) cloudteh.com or submit a support ticket at our customer portal support.cloudteh.com and one of our NOC engineers is going to get back to you as soon as possible!

disk utility – Secure erased drive – always one file can be found

I’ve been going through some old HD drives, secure erasing before sending to recycle. I periodically run Disk Drill over one of them, just to make sure I’m doing the job right.

No matter whether I do the ‘quick’ secure or the full-blown two day multiple run, Disk Drill always manages to find one plist file… apparently the same file each time, or very similar. It appears to be some drive spec & prefs.

Could this be something to do with the EFI partition, generated as part of the new format, rather than anything left over from the old? I honestly can’t think of any reason it should always be able to find this & nothing else – oddly, even if the drive was previously NTFS. All the secure wipes are to GUID/HFS+, whatever they were formatted before. EFI is my only logical conclusion.
This is on Mojave, as can be seen from info in the plist file below.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Annotations</key>
    <dict>
        <key>Creation_Predicates</key>
        <dict>
            <key>false</key>
            <integer>0</integer>
            <key>fstype.hfs</key>
            <integer>1</integer>
            <key>has.uuid</key>
            <integer>1</integer>
            <key>interconnect.usb</key>
            <integer>1</integer>
            <key>is.alreadyindexed</key>
            <integer>0</integer>
            <key>is.apfssnapshot</key>
            <integer>0</integer>
            <key>is.automount</key>
            <integer>0</integer>
            <key>is.backupstore</key>
            <integer>0</integer>
            <key>is.backupvolume</key>
            <integer>0</integer>
            <key>is.bootablevolume</key>
            <integer>0</integer>
            <key>is.cameramedia</key>
            <integer>0</integer>
            <key>is.diskimage</key>
            <integer>0</integer>
            <key>is.dontbrowse</key>
            <integer>0</integer>
            <key>is.ejectable</key>
            <integer>0</integer>
            <key>is.external</key>
            <integer>1</integer>
            <key>is.externalvolumes.defaultoff</key>
            <integer>0</integer>
            <key>is.externalvolumes.ignore</key>
            <integer>0</integer>
            <key>is.filevault</key>
            <integer>0</integer>
            <key>is.forcedefaultindex</key>
            <integer>0</integer>
            <key>is.forcefsonly</key>
            <integer>0</integer>
            <key>is.home</key>
            <integer>0</integer>
            <key>is.internal</key>
            <integer>0</integer>
            <key>is.ipod</key>
            <integer>0</integer>
            <key>is.local</key>
            <integer>1</integer>
            <key>is.lowdiskspace</key>
            <integer>0</integer>
            <key>is.mobilebackups</key>
            <integer>0</integer>
            <key>is.network</key>
            <integer>0</integer>
            <key>is.nonSearchableRole</key>
            <integer>0</integer>
            <key>is.quarantined</key>
            <integer>0</integer>
            <key>is.readonly</key>
            <integer>0</integer>
            <key>is.removable</key>
            <integer>0</integer>
            <key>is.rootfs</key>
            <integer>0</integer>
            <key>is.safeboot</key>
            <integer>0</integer>
            <key>is.syntheticmount</key>
            <integer>0</integer>
            <key>is.tinyvolume</key>
            <integer>0</integer>
            <key>is.windowsbootablevolume</key>
            <integer>0</integer>
            <key>is.xsan</key>
            <integer>0</integer>
            <key>policy.location.volume</key>
            <integer>1</integer>
            <key>self.appleinternal</key>
            <integer>0</integer>
            <key>self.server</key>
            <integer>0</integer>
            <key>status.neverindex</key>
            <integer>0</integer>
            <key>supports.catsearch</key>
            <integer>1</integer>
            <key>supports.fileids</key>
            <integer>1</integer>
            <key>supports.volfs</key>
            <integer>1</integer>
            <key>true</key>
            <integer>1</integer>
            <key>uuid.b988bc99-b85b-332d-bd6e-6f7bac8cdd28</key>
            <integer>1</integer>
        </dict>
        <key>DebugKey1</key>
        <string>2021-07-17 3:41:10 pm +0000 3</string>
        <key>DefaultStore_EffectiveSearch</key>
        <integer>3</integer>
        <key>DefaultStore_RequestedSearch</key>
        <integer>3</integer>
    </dict>
    <key>ConfigurationCreationDate</key>
    <date>2021-07-17T15:41:10Z</date>
    <key>ConfigurationCreationVersion</key>
    <string>Version 10.14.6 (Build 18G9216)</string>
    <key>ConfigurationModificationDate</key>
    <date>2021-07-17T15:41:10Z</date>
    <key>ConfigurationModificationVersion</key>
    <string>Version 10.14.6 (Build 18G9216)</string>
    <key>ConfigurationVolumeUUID</key>
    <string>B988BC99-B85B-332D-BD6E-6F7BAC8CDD28</string>
    <key>ConfigurationWriteback</key>
    <false/>
    <key>Exclusions</key>
    <array/>
    <key>Options</key>
    <dict>
        <key>ConfigurationType</key>
        <string>Default</string>
    </dict>
    <key>Stores</key>
    <dict>
        <key>E0FD820A-A9A6-4118-A1E0-36DDC4458E36</key>
        <dict>
            <key>CreationDate</key>
            <date>2021-07-17T15:41:10Z</date>
            <key>CreationVersion</key>
            <string>Version 10.14.6 (Build 18G9216)</string>
            <key>IndexVersion</key>
            <integer>95</integer>
            <key>PartialPath</key>
            <string>/</string>
            <key>PolicyDate</key>
            <date>2021-07-17T15:41:10Z</date>
            <key>PolicyLevel</key>
            <string>kMDConfigSearchLevelReadWrite</string>
            <key>PolicyProcess</key>
            <string>STORE_ADD</string>
            <key>PolicyVersion</key>
            <string>Version 10.14.6 (Build 18G9216)</string>
        </dict>
    </dict>
</dict>
</plist>