Th3 S3cr3t Ag3nt

What is a Mouse Jiggler? A mouse jiggler basically simulates physical movement of your mouse to prevent the computer from going to sleep, the screensaver from starting or the screen from turning off. They can also be handy if someone measures the idle time on your computer and you need to look busy, just saying. Law enforcement use them to stop laptops and servers from going to sleep when making "lights on" arrests. This is especially important to avoid losing hard drive encryption keys. They have also been used by companies wishing to maintain access to machines that they dont have the password for when employees leave. If the machine is awake, we can keep it that way with a mouse jiggler. There are basically two kinds, hardware and software. Hardware devices retail for $20-$40 but you can make your own for less than $6. All you need is some kind of ATMEGA32U4 arduino device. A quick check on ebay/amazon will reveal dozens of devices in all different form factors.

Password munging is the art of changing a word that is easy to remember until it becomes a strong password. This is how most people make up passwords. Munge stands for M odify U ntil N ot G uessed E asily. The trouble is that it doesn't work very well. We can guess the modifications. Password selection. Take the average office worker that is told that it's time to change their password and come up with a new one. They have just been on holiday to New York with their family and so following common advice they choose that as their password. newyork No! They are told they must include capital letters NewYork No! They are told they must include numbers N3wY0rk No! They are told they must include a special character N3wY0rk! There, now that's a password that meets security requirements and our office worker can get on with their actual job instead of playing with passwords. Scripting similar munges There are a number of ways that they could munge the

Zip bombs aren't new. Since the days of bulletin board systems people have been highly compressing implausibly large files and transferring them to target machines to consume resources. Machines these days can handle much larger files and have ever larger amounts of RAM to process them, but zip bombs can still be very useful to an attacker in bypassing weak antivirus or filling up poorly protected servers. Some antivirus software will try to expand the zip file to scan it, using a lot of resources. Others don't try to expand huge files and simply let them through. Either of these options don't really protect us. There was a zip file going around a year or two ago called 42.zip which expands to about 4.5PB. It's good, but can we do better? The most efficient thing to compress is a string of 00000000's. So let's start with a GB of nothing. dd if=/dev/zero bs=1024 count=1048576  And less squeeze that as much as possible dd if=/dev/z