diff --git a/content/_index.md b/content/_index.md index 2004b21..0146d0f 100644 --- a/content/_index.md +++ b/content/_index.md @@ -11,7 +11,7 @@ I write __short__ and clutterless aricles about: - + --- diff --git a/content/hacking/HowTo_CRLF.md b/content/hacking/HowTo_CRLF.md index b7ca9d7..fb9df30 100644 --- a/content/hacking/HowTo_CRLF.md +++ b/content/hacking/HowTo_CRLF.md @@ -12,7 +12,7 @@ CRLF - Carriege Return (\r) Line Feed (\n) (or %0d %0a) Inserting \r\n into URL allow attacker to: - log splitting - to insert logs to server that may decieve administrator -- HTTP response slpitting - Allows to add HTTP headers to the HTTP response +- HTTP response slpitting - Allows to add HTTP headers to the HTTP response - XSS - `www.target.com/%3f%0d%0aLocation:%0d%0aContent-Type:text/html%0d%0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%3Ealert%28document.domain%29%3C/script%3E` - disables XSS protection, set location to custom (but does it work without 302/201 status???), sets html content-type and injects javascript. - cookie injection - check another note diff --git a/content/privacy/I_Have_nothing_to_hide.md b/content/privacy/I_Have_nothing_to_hide.md new file mode 100644 index 0000000..bce8110 --- /dev/null +++ b/content/privacy/I_Have_nothing_to_hide.md @@ -0,0 +1,73 @@ ++++ +title = '"I have nothing to hide"' +date = 2025-02-07 +image = 'https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fexternal-preview.redd.it%2FjmDlZIeQeAdA2e0yL6J_wKzI9UoYuqhvqNDDyiSTLGs.jpg%3Fauto%3Dwebp%26s%3Daba054fcddb0794f27fb2fce69884a5976951f20&f=1&nofb=1&ipt=18c2461c3dad76dcde89f59de0de29aba718d9ac5952a4286ba1cafcf5161c31&ipo=images' ++++ + + + + + +

If you think that you are OK with mass-servelilance this post for you.

+ +## Simple test + +Let's start with simple test - send me (or whoever sent you this page) your login:password(+2FA code) to your email address. I will just look into your emails. You have nothing to hide, remember? + +### You really sent it + +{{< spoiler "If you really sent" >}} + +![](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fi.imgflip.com%2F2e0w5e.jpg&f=1&nofb=1&ipt=82800d05d8410216d1801a3f3924d5287275754ee817fb2d7e2fe0d46cd9dd4f&ipo=images) + + +Here is a question - What if I actually will look not only in you emails, but also will recover some of your accounts linked to this email, let's say: + - look into your messeges on social media, + - or check your financial situation, + - or check which porn you like... + +What, you don't like it? You said that you have nothing to hide! So turns out **you have things to hide.** And that's totally fine. + + +{{< /spoiler >}} + +## What If... + +### ..You don't have privacy rights? + +![](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fwww.azquotes.com%2Fpicture-quotes%2Fquote-when-you-say-i-have-nothing-to-hide-you-re-saying-i-don-t-care-about-this-right-you-edward-snowden-85-87-36.jpg&f=1&nofb=1&ipt=66f204b9466ce5f039f186a95e3a185bf1ec648c217f52dd0902d2c5b4d21443&ipo=images) + + +Government may monitor your private messeges. + Oh, wait. [It's already happening](https://www.dailydot.com/irl/police-surveillance/). +(anyway like 80-90% of government requests to companies [will be accepted](https://transparencyreport.google.com/user-data/overview?hl=en&user_data_produced=authority:US;series:compliance&lu=user_requests_report_period&user_requests_report_period=series:requests,accounts;authority:US;time:)) + +Government may check your photo gallery. + [oh...... wait...... ](https://nypost.com/2022/08/22/google-bans-dad-for-sending-pics-of-toddlers-swollen-genitals-to-doctor/) + + +### ..You are monitored 24/7? + +![](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F9a5cca_debfc7cdf3c740e09d7e2226aa43be5a~mv2.jpg%2Fv1%2Ffill%2Fw_1000%2Ch_563%2Cal_c%2Cq_90%2Cusm_0.66_1.00_0.01%2F9a5cca_debfc7cdf3c740e09d7e2226aa43be5a~mv2.jpg&f=1&nofb=1&ipt=acfa1f2a1f47b7394d2b6fdd1a3db53dfedd63659f7800c6b59a2e9ca977d45b&ipo=images) + +Then it will turn out that you are in fact a criminal. Have you ever crossed the street in the wrong place or at a red light? Actually it's a felony (in most places). A misdemeanor, but still you are breaking a law and have to pay a fine. + +Sounds very dystopian but just check out have many cameras on streets! They literally everywhere! Just give government a reason to automatically fine people for any misdemeanor and it will be our new reallity. + + +## End + +![](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fexternal-preview.redd.it%2FjmDlZIeQeAdA2e0yL6J_wKzI9UoYuqhvqNDDyiSTLGs.jpg%3Fauto%3Dwebp%26s%3Daba054fcddb0794f27fb2fce69884a5976951f20&f=1&nofb=1&ipt=18c2461c3dad76dcde89f59de0de29aba718d9ac5952a4286ba1cafcf5161c31&ipo=images) + +Use E2E encryption, have less 'smart' devices, don't use proprietary software, share less about yourself on the Internet. + + +(Btw, read 1984 book) + + +{{< source >}} +https://en.wikipedia.org/wiki/Nothing_to_hide_argument +https://www.maketecheasier.com/i-have-nothing-to-hide-why-should-i-care-about-privacy/ +https://www.dailydot.com/irl/police-surveillance/ +{{< /source >}} + diff --git a/content/tech/HowTo_wipe_HDD_101.md b/content/tech/HowTo_wipe_HDD_101.md index a35a3cf..1e4fa17 100644 --- a/content/tech/HowTo_wipe_HDD_101.md +++ b/content/tech/HowTo_wipe_HDD_101.md @@ -4,7 +4,7 @@ date = 2024-12-11 image = 'https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fwww.easeus.com%2Fimages%2Fen%2Fscreenshot%2Fpartition-manager%2Fphysical-damage.png&f=1&nofb=1&ipt=52e03fc20edc108b7cee49cacbc26b1810547f9641f1b29f0de79ebcc2ada00a&ipo=images' +++ - + diff --git a/hugo.yaml b/hugo.yaml index dfac790..bded8c6 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -21,11 +21,16 @@ menu: title: Hacking url: /hacking/ weight: 1 + - identifier: privacy + name: Privacy + title: Privacy + url: /privacy/ + weight: 3 - identifier: tech name: Technology title: Technology url: /tech/ - weight: 2 + weight: 4 # - identifier: privacy # name: Privacy # title: Privacy @@ -35,12 +40,12 @@ menu: name: Productivity title: Productivity url: /productivity/ - weight: 4 + weight: 5 - identifier: personal name: Personal title: Personal url: /personal - weight: 5 + weight: 6 - identifier: whoami name: About