How Can a 10 Year Old Have Administrator Access to Your Fortified Windows 8 and 10 Computer

Hello there. I have been a bit busy working and on-side projects so I would like to share with you some old work I have done before which I haven't shared on my Blog.  Even though I have done a similar video with Windows 7.  This shows that the principle of this flaw does not rely on software but in the design of it.  Since Micro$oft is too busy fixing more "relevant" bugs, I am posting this only for educational purposes.  I am not responsible nor condone illegal acts.


Now, watch and enjoy!

Windows 8:

Windows 10:

BASH ShellShock Bug

By this time we all know that the BASH Shellshock Bug is now history, but think again. There are times when I have found servers with their BASH outdated. Since we know the versions affected are <=3.4, the good news is that it can be easily mitigated. By just updating BASH, you already are ahead of the game. The sad thing: not everybody update their system accordingly. Believe it or not, lots of companies still don't have their system patched and this has to change. They have to start being more conscious about their customers and clients and stop being lazy.
On this video, I will show you what the Shellschock Bug is, the risks of it, how to penetrate a vulnerable system as well as how to mitigate it. Enjoy

Keeping yourself off of the Radar of the NSA. Only fiction? Part 2

Our privacy deminishes every day, day by day and the facts stated on part 1 of "Keeping Yourself Off the Radar of the NSA" is only the tip of this huge iceberg.  The recommendation I gave for part 1 was to use Tails, even though it is not bullet-proof and the person who has the most knowledge wins in this cat and mouse game.  In part 2, we will go through more risks which increase everyday while getting more complex as well.

On this week, we not only found out about software surveillance but also hardware and network-based data mining through big and wealthy corporations as well as the net neutrality law which, by the way, temporarily won the battle but certainly not the war.

Last week, we found out about a vulnerability on Linux systems which are taking advantage from physical DRAM memory chips to gain kernel access to the system.  We also found out how Apple is sending the voice recordings consumers send to "Siri", the iPhone Intelligent Personal Assistant, to third party companies for advertisement and other undocumented purposes.

Further last week we have found out about certain phone brands such as Xiaomi Mi 4 is preloaded with malware by the manufacturer's customer ROM which then they denied and stated that those phones were fake replicas.  But don't worry, not all news are bad news in regards with surveillance.  Earlier this year, we have also found out about new ways to make it harder for governments and corporations to track our digital fingerprints.  The British multi-millionaire Kim dot Com did not only invented a secured end-to-end encrypted way to chat with your friends, but he is also now reinventing a new non-IP based "Internet" called "MegaNet" which, he states, will defy the whole surveillance essence.

But this is not the only attempt of defy tyranic global spies.  There are also other systems right now which are in Beta testing that will be used to form their own Internet and share information as free as people want it, because, after all, information should be free for the world to use it, manipulate it and see it however they would like as long there is no harm to others.

If you watched documentaries such as "Track me if you can" and "Terms of Conditions May Apply" (2003), you will realize that we have no or little control over our privacy. Even secret programs are out there that can track our identity by just finding our walking pattern. How are we then safe from the prying eyes?

From hardware, to software to global surveillance to secret programs to track people and break our privacy, we are in a dystopian world where our only weapon is knowledge.