Certified in The Art of Hacking - Day 5

by @edent | , , , , | 1 comment | 1,450 words

Logo for QA's certified in the art of hacking course.

This is a diary of what I've learned. Hopefully it will let other learners know what the course is like, and if it is worthwhile. Oh, and it might just help me remember what I'm learning! Verdicts Some of the lab tasks were impossible without looking at the cheat sheet. I got stuck on one…

Certified in The Art of Hacking - Day 4

by @edent | , , , | 1,100 words

Logo for QA's certified in the art of hacking course.

This is a diary of what I've learned. Hopefully it will let other learners know what the course is like, and if it is worthwhile. Oh, and it might just help me remember what I'm learning! The penultimate day. Try not to worry about the upcoming exam! Today was lots of HTTP, TLS, and other…

Certified in The Art of Hacking - Day 3

by @edent | , , , , | 1,850 words

Logo for QA's certified in the art of hacking course.

This is a diary of what I've learned. Hopefully it will let other learners know what the course is like, and if it is worthwhile. Oh, and it might just help me remember what I'm learning! Day 3 - the day I was dreading most of all… Windows! I've been avoiding M$ WinDoze (LOL!!!) since…

Certified in The Art of Hacking - Day 2

by @edent | , , , | 1 comment | 1,650 words

Logo for QA's certified in the art of hacking course.

This is a diary of what I've learned. Hopefully it will let other learners know what the course is like, and if it is worthwhile. Oh, and it might just help me remember what I'm learning! Day 1 was all about password cracking and metasploit. Today? Linux Hacking! Sadly, we aren't learning anything to do…

Certified in The Art of Hacking - Day 1

by @edent | , , , | 1,250 words | Read ~123 times.

Logo for QA's certified in the art of hacking course.

As part of my MSc, I have to take three "Professional Practice" courses. The course provider, QA.com, let me choose anything from their online catalogue. The first I'm doing is Certified in The Art of Hacking. As regular readers will know, I'm pretty reasonable at hacking. I have received bug bounties from Google, Twitter, Samsung,…

Creating a public, read-only calendar

by @edent | , , | 5 comments | 450 words | Read ~251 times.

A bright and easy to use weekly view of my diary.

Last year, I blogged about why I make my work calendar public. It is useful to have a public website where people can see if I'm free or busy. But the version I created relied on Google Calendar which, sadly, isn't that great. It doesn't look wonderful, especially on small screens, and is limited to…

Book Review: Permanent Record

by @edent | , , | 300 words

Edward Snowden, a geek in glasses, looks away from the camera.

Edward Snowden, the man who risked everything to expose the US government’s system of mass surveillance, reveals for the first time the story of his life, including how he helped to build that system and what motivated him to try to bring it down.

Book Review: Helpful Hackers

by @edent | , | 200 words

A locked gate.

The Netherlands is a world leader in responsible disclosure. The Dutch like to resolve conflicts through a process of general consultation: the famous ‘polder model’. In this book, we hear from the hackers, system owners, IT specialists, managers, journalists, politicians and lawyers who have been key players in a number of prominent disclosures. Their stories offer a glimpse into the mysterious world of cyber security, revealing how hackers can help us all.

Who can I hire to hack me?

by @edent | , , | 250 words | Read ~5,560 times.

GitHub screenshot "Insert your security key Press the button on your security key device to finish signing in. If it does not have a button, just re-insert it."

I use a password manager. I have 2FA set up on everything. When an organisation asks me to set a recovery question, I generate a 32 character passphrase. I don't use my mother's maiden name or my first pet's birthday on anything sensitive. I monitor my email addresses for breaches, and I regularly check my…

Tado API Guide - updated for 2019

by @edent | , , , , | 45 comments | 1,350 words | Read ~19,763 times.

Debug screen of a web browser.

Tado is a brilliant smart thermostat. But their API is very poorly documented. This is an updated guide for 2019. I am indebted to Stephen C Phillips' original documentation. Getting started You will need: A Tado (duh!) Your Username (usually your email address) Your Password A Client Secret Getting the client secret I'm using this…