Stephen Smith's Blog

Musings on Machine Learning…

Archive for January 2019

The Technology of “Influence” – Part 5 VHF Radio Modems

leave a comment »

Introduction

In my novel “Influence”, the lead character J@ck Tr@de performs various hacking tasks. In the book he spends a lot of time securing his connections, hiding his identity and hiding his location. In this series of blog posts, I’m going to talk about the various technologies mentioned in the book like VPN, the Onion Browser, Kali Linux and using VHF radios. I’ve talked about HTTPS,  VPNs, the Onion Browser and Kali Linux so far, now we’re going to discuss VHF Radio Modems.

Very High Frequency (VHF) is a radio band used by both commercial and amateur radio operators (on different frequencies). Often if you see people using small handheld radios then chances are they are using VHF. This frequency band works line of sight and doesn’t require a very large antenna to work quite well. Like any radio frequency you can transmit and receive digital data over the air, just like a cell phone does. You can buy fairly inexpensive VHF radio modems which can be used to connect a computer to the Internet via a VHF radio.

In this article we’ll look at these in a bit more detail and discuss why J@ck finds these useful.

For anyone interested, my book is available either as a paperback or as a Kindle download on Amazon.com:

Paperback – https://www.amazon.com/dp/1730927661
Kindle – https://www.amazon.com/dp/B07L477CF6

Why Does J@ck Use These?

In the previous articles we have J@ck accessing the Internet from a coffee shop Wifi using HTTPS, a VPN and the Onion Browser. With all this security, why doesn’t J@ck feel secure? As we mentioned before you want to consider security as an Onion where the more layers you have protecting you, the more secure you can feel. However the good hackers always feel paranoid and worry about being traced. In this case J@ck is worried, what if the NSA, FBI or some other agency can track his Internet usage back to the coffee shop’s wifi?

J@ck doesn’t know if anyone can do this or if anyone is actually looking for him. By having a homeless person plant a Raspberry Pi with a VHF radio outside the coffee shop and then J@ck accesses that via a VHF radio modem attached to his laptop, J@ck can be upto 2 km away from the coffee shop, as long as he has line of sight.

This way if the people in the black SUVs show up, J@ck can see them, be warned and escape. Most importantly then he will know someone is looking for him.

The downside for J@ck is that each layer of the security onion adds overhead and latency that slows down his Internet access. With all this security in place J@ck can only access the Internet very slowly.

Strictly speaking to use these frequencies you should have either a Ham or Commercial Radio license. But then if you follow the license rules, you need to identify yourself every 30 minutes, and J@ck is certainly not going to do that. In the scheme of things, J@ck considers the penalties for illegally operating a radio, the least of his problems. There are radio modems for UHF and 900 MHz as well, J@ck could use these as well. As long as the radio is cheap enough to be disposable.

Can the NSA Catch J@ck?

If the NSA can trace J@ck’s Internet traffic back to the coffee shop. Perhaps via a compromised Tor exit node and a compromised VPN, then what can they do?

If the NSA suspect J@ck is using a VHF modem, then rather than sending the SWAT team into the coffee shop, they could have three vehicles with radio direction finding equipment move into the area quietly and then they could triangulate J@ck’s true location from the emissions from the VHF radio attached to his laptop.

J@ck’s hope is that they wouldn’t do this the first time, so if the G-men do show up at the coffee shop then he would assume they would either find his Raspberry Pi/Radio Modem or guess that he was doing this and then use the radio vans the second time.

J@ck also limits his time at each coffee shop, so that the Feds have less time to set this all up and trap him.

Summary

Catching hackers is a game of cat and mouse. Since J@ck is the mouse he wants to be as elusive as possible. VHF modems are just another tool to make it harder to trace back to J@ck’s location and catch him.

Advertisements

Written by smist08

January 24, 2019 at 9:12 pm

Open Source Photography Toolkit

leave a comment »

Introduction

Since retiring, I’ve switched to entirely running open source software. For photography, Adobe Photoshop and Lightroom dominate the scene. Most articles and books are based on these products. The Adobe products have a reputation for being very good, but they are quite expensive, especially since they have switched to a subscription model of pricing. In this article I’m going to talk about the excellent open source programs that work very well in this space.

Basically there are two streams here, the quicker and easier software equivalent to Adobe Lightroom and then the more technical and sophisticated software equivalent to Adobe Photoshop.

I run all these programs on Ubuntu Linux, however they all have versions for the Mac and Windows.

You can download the source code for any open source program and have a look at how the programs work. If you find a bug, you can report it, or if you are a programmer you can fix it. Figuring out enough of a program to work on it is a large undertaking, but I feel comforted that that avenue is open to me if I need it.

digiKam

digiKam is an open source photo management program similar to Adobe’s Lightroom. It is easier to use than a full photo editing tool like GIMP or Adobe Photoshop, and has tools to automate the processing of the large number of photos taken in a typical shoot. It has the ability to import all the photos from raw format for further processing, it has a pretty good image editor built in and then lots of tools for managing your photos, like putting them in albums, assigning keywords, and editing the meta-data. There is an extensive search tool, so you can find your photos again if you forgot where you put them. There are tools to publish your photos to various photography websites as well as various social media websites.

screenshot from 2019-01-05 11-57-36

Unlike Lightroom, there aren’t nearly as many books or tutorials on the product. I only see one book on Amazon. However the web based manual for digiKam is pretty good and I find it more than enough. It does peter out near the end, but most of the things that are TBD are also easy to figure out (mostly missing the specifics of various integrations with third party web sites).

Another difference is that digiKam does actually edit your pictures and doesn’t just store differences like LR does, so you need to be aware of that in your management workflows.

Lightroom costs $9.99/month and is subscription based. digiKam is free. One benefit is you don’t have to worry about having your photos held hostage if you get tired of paying month after month. Especially if you are an infrequent user.

GIMP

GIMP is very powerful photo-editing software. It is an open source equivalent of Adobe Photoshop. I recently saw a presentation by an author of a book on Photoshop on his workflow for editing photos with Photoshop. I was able to go home and perform the exact same workflows in GIMP without any problems. These involved a lot of use of layers and masks, both of which are well supported in GIMP.

screenshot from 2019-01-05 12-10-31

Both Photoshop and GIMP are criticised for being hard to use, but they are the real power tools for photo editing and are both well worth the learning curve to become proficient. There are actually quite a few good books on GIMP as well as many YouTube tutorials on the basic editing tasks.

For 90% of your needs, you can probably use digiKam or Lightroom. But for the really difficult editing jobs you need a tool like this.

Photoshop typically costs $20/month on a subscription basis. GIMP is free.

RawTherapee

GIMP doesn’t have the ability built in to read raw image files. There are plug-ins hat you can install, but I’ve not gotten good results with these, often they work stand-alone, but not from within GIMP. digiKam can process raw files, and doing that en-mass is one of its main features.

screenshot from 2019-01-05 14-02-19

Sometimes you want a lot of control of the process when you do this processing. This is where RawTherapee comes in. It is a very sophisticated conversion program. It supports batch processing and has very sophisticated color processing.

Often in the open source world, components are broken out separately rather than bundled into one giant program. This provides more flexibility to mix and match software and allows the development teams to concentrate on what they are really good at.

Typically you would take all your pictures in your camera’s raw mode, convert these to a lossless file format like TIFF and then do your photo editing in GIMP. This is the harder, but more powerful route as opposed to using digiKam for the entire workflow.

OpenShot

OpenShot is actually movie editing software. I included it here, because many photographers like to create slideshows of their work, where the images have nice transitions and change from image to image with the music. OpenShot is an ideal open source program for doing this. If you have a Mac, then you can use iMovie for this, but if you don’t have a Mac or what something that works on any computer then OpenShot is a good choice.

screenshot from 2019-01-05 14-08-30

Summary

There are good open source pieces of software that are very competitive with the expense commercial software products. Adobe has a near monopoly in the commercial space and tries to squeeze every dime it can out of you. It’s nice that there is a complete suite of alternatives. I only use open source software for my photography, and have find it to easily fill all my needs.

This article only talks about four pieces of software. There are actually many more specialized applications out there that you can easily find by googling. Chances are if you look below the ads in your Google search results, you will find some good free open source software that will do the job for you.

 

Written by smist08

January 5, 2019 at 10:29 pm

The Technology of “Influence” – Part 4 Kali Linux

with one comment

Introduction

In my novel “Influence”, the lead character J@ck Tr@de performs various hacking tasks. In the book he spends a lot of time securing his connections, hiding his identity and hiding his location. In this series of blog posts, I’m going to talk about the various technologies mentioned in the book like VPN, the Onion Browser, Kali Linux and using VHF radios. I’ve talked about HTTPS,  VPNs and the Onion Browser so far, now we’re going to discuss Kali Linux.

Linux is an operating system like Windows or MacOS. An operating system manages the hardware on your computer and manages running the applications that you use like a word processor or Internet browser. Linux is open source and free. There are many distributions of Linux, that are complete pre-built systems for you to install. The differences between the different distributions include things like how the desktop is configured to look, which other open source programs are bundled, when updates are installed, how updates are installed and how the system is configured. Kali Linux is one of these distributions that emphasizes security and comes with all the common open source security and hacking tools pre-installed.

Most hackers consider Linux better suited to their needs than Windows or MacOS. They don’t trust Microsoft or Apple to do a good enough job with security or worry about these big corporations spying on them. With Linux it’s easy to do things like change your MAC address and run the tools to keep you safe, secure and anonymous.

I blogged about Kali Linux for the Raspberry Pi last year here. J@ck would use this on the Raspberry Pi’s he has the homeless people plant in the garbage near coffee shops to tap into their wifi.

For anyone interested, my book is available either as a paperback or as a Kindle download on Amazon.com:

Paperback – https://www.amazon.com/dp/1730927661
Kindle – https://www.amazon.com/dp/B07L477CF6

 

Offensive Security

The philosophy behind Kali Linux is that for your network to be secure, you have to attack it like a hacker. You have to use all the tools in a hacker’s toolbox, to ensure hackers can’t break in. Setting up security isn’t just a matter of following a checklist of todo items. You have to think like a hacker and try to penetrate your security like a hacker. Or hire so called white hat hackers to do it for you. Generally it’s a good practice to get a second or third pair of eyes looking for holes and weaknesses. The good white hat hackers are in high demand, and don’t come cheap.

Kali Linux comes with all the common open source hacking tools pre-installed. So they are all there and ready to attack your network. Of course the advertising is all about white hat hackers using these for good. But, of course, this is the same Linux distribution and toolset used by most of the malicious black hat hackers.

Kali Linux is also fairly secure if you follow the various instructions during installation, about securing things with private/public keys and such. Kali Linux doesn’t install any application servers like web servers or database servers, since these are usually good targets for hackers to attack.

Kali Linux is based on Debian Linux, so you can do most of the things other Debian based distributions can do, like Ubuntu. Just without all the useful productivity applications pre-installed. Kali Linux has versions for small system on a chip (SoC) like the Raspberry Pi. In these versions, any tools that won’t run well on the more minimal hardware are left out.

Thinking Like a Hacker

You can find quite a few books on how to use all the tools installed with Kali Linux. These are all a good start, but like I said, setting up a recipe or checklist is insufficient. You have to learn to think like a hacker. You have to figure out how to find the weak points in a network and then how to keep poking at them from all sorts of angles until you can penetrate them. Remember the world of hacking isn’t static. Hackers are always discovering new techniques and new weaknesses to exploit. If you are serious about protecting your network’s security then you have to stay on top of the latest developments. Often the weak points aren’t in the software, but in the employees. Hackers will use so called social engineering attacks to trick you users into revealing their passwords or other key information. Perhaps the hacker will leave a few USB keys lying around, that contain viruses that will infect your network if plugged into a corporate computer. Perhaps the weakness is a third party piece of hardware like a network router or firewall. These are notorious for having backdoors or other security weaknesses. You have to ensure all these miscellaneous pieces of equipment are kept up to date, or replaced if a serious problem is discovered.

The Security Onion

A key metaphor in the security industry is that you want to design your security systems like an onion with multiple layers, and not like and egg with one shell, which once breached gives access to everything inside.

Perhaps at the outside of your network, there are secure firewalls, but then inside that there are products that detect malicious or suspect network traffic and set off alerts when discovered. Further all the servers on the networks have very few ports open for network traffic and all the ones that are open are configured to use quite strong forms of authentication. Its common to use two level authentication, where the user needs a code from their cell phone in addition to their password in order to logon. Perhaps the parts of the network aren’t connected, so if an intruder gets access to one server, he’s still isolated from all the others.

Designing secure systems is an art as well as a science. The good news is that there are many open source tools available to set up all these layers of security. So it doesn’t have to be expensive, except where you have to hire the people to put it all in place.

Summary

Kali Linux is the preferred Linux Distribution of hackers. It pre-installs all the common open source hacking tools and by default has a fairly secure configuration. Of course any hacker will further secure their system and install a few more specialty tools perhaps from the dark web or things they wrote themselves.

Written by smist08

January 2, 2019 at 11:47 pm