General Business

Krebs: IoT malware knocks out nearly a milllion Deutsche Telekom routers

Submitted by Sam Moore on Wed, 11/30/2016 - 18:46

 

According to BadCyber.com, which first blogged about the emergence of the new Mirai variant, part of the problem is that Deutsche Telekom does not appear to have followed the best practice of blocking the rest of the world from remotely managing these devices as well.

https://krebsonsecurity.com/2016/11/new-mirai-worm-knocks-900k-germans-offline/

Krebs: San Francisco Rail System Hacker Hacked

Submitted by Sam Moore on Wed, 11/30/2016 - 12:55

Well this is gratifying...
Apparently the guy who ransomewared the San Francisco metro wasn't all that secure himself...

Among other takeaways -

...truthfully answering secret questions is a surefire way to get your online account hacked.

Also, be sure to check out the FBI's anti-ransomware guidelines, linked in the article.

https://krebsonsecurity.com/2016/11/san-francisco-rail-system-hacker-hacked/

A few notes about The Consortium on Gender, Security and Human Rights site

Submitted by Sam Moore on Thu, 03/27/2014 - 14:14

CGSHR Homepage

The new site for
The Consortium on Gender, Security and Human Rights
had its "soft-launch" yesterday. The site is live and usable, but the owners still have a few things they'd like to tweak.
Little do they know, web sites are never really finished - so for all intents and purposes, this is the real thing.

Probably the most interesting part of the project from my point of view was the heavy customization of Apache Solr search results, and the whole search experience. This was mostly accomplished via templates in the site's theme. I'll share a few details in case anyone's interested.

To begin with, this is a Drupal site - specifically D7. The owners had an initial design and a sort of prototype site built by a previous developer in D7, which they handed off to me. That work was done cleanly and competently, but it was clear the client wanted to go so much further than the original builder was prepared to go. I'm not sure what transpired, though I did have a friendly chat with them, but in any case they were out of the picture by the time I got involved.

When I received the site, the first thing I did was to stage it on my Drupion server. Drupion are like family to me, and I've trusted them to help me grow my Drupal business, so it was an easy pick. When the client agreed to host with me for production, that made the decision that much more rational.

Drupion got Solr and Tika set up right away. Solr is a much more powerful search tool than the built-in Drupal search, capable of handling a very large number of indexable items. More info on that here. It runs as a separate server process, and needs about half a Gig of RAM. Tika is an add-on to Solr, which allows searching inside documents such as Word, PDF and other files that are not normally presentable on the web. The client has quite a number of academic research papers and other documents in these formats, so the ability to search inside them was essential.

Once Solr was running and had started indexing the site's content, we looked at what Facets to use for searches. Facets are basically filters - they allow you to limit searches to, say, one content type, or a particular taxonomy term.

Solr_Search

Above, you can see the some of the facets for the overall site search Here we've searched for "Gender" - a term guaranteed to return lots of results on this site.

On the left are check boxes that allow the user to narrow down the search to a particular Country, Region, etc. There's also a facet for Content type. On this site, content types mostly correspond to the type of document or media being shown - Citations, Research, Films, etc.
But you can restrict your search to one content type equally well by using the tabs along the top of the main content area - Films, Lectures, etc.
Clicking one of these will retain the same search terms, but narrow your results down to a single content type (if you want to search 2 content types, you'll have to use the checkboxes on the "All" tab).

In order to get these individual tabs implemented, I set up a separate search environment for each of the key content types. This allowed me to set facets and Bias for each (which we may want to leverage later).

Screen Shot 2014 03 27 at 2 07 15 PM

Next, I made pages for each content type. Each Page has its own title, and most of them (except "All") are limited to a particular Bundle (bundles are essentially content types, at the machine level. Check out D7's Entity system for more info). Because they all have paths that look like /search/--bundle--, they're showing up as tabs on the /search page. Neat :-)

Screen Shot 2014 03 27 at 2 09 53 PM

In my next post I'll show how Facet blocks are set up, and talk about theming the search results. Finally, I'll show some of the Views on the site, which offer more of a browsing experience, which I think complements the Search pages nicely.


Link