In a previous post I talked a bit about shells. I explained that a shell is a proces that launches other programs. That got me wondering… When I activate a virtual environment, such as a Python or Anaconda venv, is that also launching a program? The answer is NO Some commands will launch a new process, some won’t. Things that launch new processes are for example .exe files like python.exe, notepad.

Do you know the feeling when you’re struggling through a difficult book? Sometimes you’ll catch yourself just reading the words, not really understanding what they mean… It happens to me all the time. And I know why it always does. I read something that I think I sort of understand, but in reality I really don’t. What do I do? I read on anyways.. And what always happens? The author further builds upon that very thing I don’t understand.

Terminal, command line interface (CLI), shell… They are commonly known terms used interchangeably to mean “the nerdy box where you type in commands”. However these words all have slightly different meanings. Terminal A computer needs some way for the users to be able to interact with it. Years ago they used a seperate physical ’terminal’ to do that. It was a screen with a keyboard attached to it. That way you could type in commands to control another more powerfull pc.

I recently received a series of emails from what appeared to be Porkbun, the DNS provider for my domain japerre.xyz, urging me to renew my premium plan. At first glance, these emails seemed harmless enough. However, they landed in my spam folder, which was the first red flag that something might be off. Suspicion set in… Was Porkbun compromised? How else did these scammers obtain my email? Then it struck me that I don’t use my personal email with Porkbun and these scammers got my email simply because well… I gave it to them by having it in the footer of my blog 🤦‍♂️.

Transitioning to FreeTube, an open-source desktop client for YouTube, has significantly transformed my approach to content consumption on the platform. Available on GitHub, FreeTube offers a comprehensive YouTube browsing experience, mirroring almost all functionalities except for the ability to post comments — though reading them is still an option. Switching to FreeTube has fostered a more intentional and mindful engagement with content. The absence of algorithm-driven recommendations means I’m no longer passively consuming whatever is served up by YouTube’s algorithms.

In my quest to bolster my digital privacy, I’ve found myself uninstalling spyware apps like Reddit and YouTube from my phone, only to reinstall them a few days later (don’t judge me 😉) and discovering that I’m seamlessly logged back in. In this blog post, I’ll delve into the mechanisms responsible for this phenomenon. Since HTTP is stateless, every time my device interacts with Reddit, it needs to include a piece of information with its requests to identify me.

An update about the Duvel hack has been posted on the Stormous blog. AFAIK this hasn’t been covered by any Belgian news outlet yet. The hacker states that Duvel has read their chat messages, but has ignored them and hasn’t made an effor to negotiate. In the near future a leak of 12 GB will be posted on the blog, if Duvel doesn’t respond to the negotiations. The full blog post:

After the news broke that Duvel was hacked on Wednesday, 2 other Belgian companies also came forward. Primoglass on Thursday and Koffie Beyers today (Friday). Primoglass will probably not pay the ransom and is getting its production line back online. Koffie Beyers is located only 3 km away from Duvel. The Antwerp police is looking if there is a connection between the two cases. It’s not yet clear which hacker group is responsible for the attack.

On Wednesday 6 march at 1:30 Duvel Moortgat detected a ransomware attack on their infrastructure. The well known brewery makes beers adored by many Belgians such as Duvel, Vedet and Chouffe. After the incident was reported, they had decided to stop their operations in all Belgian sites as well as the site in Kansas City USA. Today (07/03/2024), a day later it was revealed that the pro-Russian hacker group Stormous was behind the attack.

We all know better than to click on random links. Malware and scams frequently hide behind a mysterious looking url, yet a part of me – driven by curiosity – wonders what lies beyond that click. However I never satisfy that desire because I am uncertain of the mechanisms of how malware could end up on my device. In this post I take away my ignorance on the topic by diving into the nitty gritty technical details of a drive-by download attack.