How to fine-tune pfSense 2.4.5 for 1Gbit throughput on APU2/APU3/APU4

Background information

APU2, APU3 and APU4 have four 1Ghz CPU cores, pfSense by default uses only 1 core per connection. This limitation still exists, however, a single-core performance has considerably improved. With new BIOS, and settings described below, pfSense can route about 750-800Mbit/s on one connection.

APU2*4 have very performant Intel I210-AT Network Interfaces. These NICs have 4 transmit and four receive queues, being able to work simultaneously on 4 connections. With some fine0tuning, pfSense can take advantage of this and route at 1Gbit when using more than one connection.

Read more…

LoRa Mesh Communication without Infrastructure: The Meshtastic Project (ESP32, BLE, GPS)

Cool projects are rare. Here I found one I want to show to you. An undercover personal communicator. It includes a lot of new technologies: ESP32, Smartphones, LoRa, BLE, GPS, Mesh, and as you see, 3D printing. And it solves a problem which could be seen as a human right: Personal SMS style communication everywhere in the world, without the need for any infrastructure, and without mass surveillance. In addition, it shows the location of all your friends in your group on a map on your Smartphone. Everything open source, of course. How cool is that? Even “Sexycyborg” Naomi Wu likes it.

Throwing Star LAN Tap

The Throwing Star LAN Tap is a passive Ethernet tap, requiring no power for operation. There are active methods of tapping Ethernet connections (e.g., a mirror port on a switch), but none can beat passive taps for portability. To the target network, the Throwing Star LAN Tap looks just like a section of cable, but the wires in the cable extend to the monitoring ports in addition to connecting one target port to the other.

The monitoring ports (J3 and J4) are receive-only; they connect to the receive data lines on the monitoring station but do not connect to the station’s transmit lines. This makes it impossible for the monitoring station to accidentally transmit data packets onto the target network.

Read more…

Secrets of the Nintendo CIC Chip – Early Cartridge Anti-Piracy | MVG

To combat unlicensed games and win back confidence of retailers in North America and Europe, the NES and all licensed games came with a lockout chip known as the 10NES or CIC. In this episode we take a look at this chip , the clone chip that was developed by Atari and how it took 20 years for the homebrew community to reverse engineer the chip and the challenges they faced.

Qubes OS: Security Oriented Operating System

Qubes OS securely divides a user’s digital life into separate domains (or “qubes”) that are isolated in different virtual machines. This video covers Qubes OS system requirements, installation and setup, along with a demo including workspaces, copying data between Qubes, block device handling, and installing and accessing applications.

You can download and support Qubes OS at: https://www.qubes-os.org/

Over 500,000 Zoom accounts sold on hacker forums, the dark web

Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.

These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.

Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.

Cybersecurity intelligence firm Cyble told BleepingComputer that around April 1st, 2020, they began to see free Zoom accounts being posted on hacker forums to gain an increased reputation in the hacker community.

Read more…

Full disclosure: 0day vulnerability (backdoor) in firmware for HiSilicon-based DVRs, NVRs and IP cameras

This is a full disclosure of recent backdoor integrated into DVR/NVR devices built on top of HiSilicon SoC. Described vulnerability allows attacker to gain root shell access and full control of device. Full disclosure format for this report has been chosen due to lack of trust to vendor. Proof of concept code is presented below.

Read more…