Category: Uncategorized

Posted on

CISCO CCNA Wireless 640 – 722 Cheat Sheets part 1/?

I am currently studying to do the cisco exam.

I will use this blog to post my notes and help the others that are currently studying to the exam also.

Hope that this will be useful to you as it is form me.

Here I will post several topics and explanations that I think they are important to know in order to achieve success in the exam.

Wireless Network Topologies

  • Wireless personal-area networks (WPAN)
    • Short Range
    • Use the 802.15 family
    • Low power consumption e.g.: bluetooth
  • Wireless local-area networks (WLAN)
    • Consume more power but extend the connection (100 meters)
  • Wireless Metropolitan-area Network (WMAN)
    • Connectivity over a wide geographical area e.g.: Mobile phone networks

When a wireless device connect to another it creates what is called Basic Service Set (BSS).

Haddock Networks do not rely on any device other than the stations, they form a Independent Basic Service Set (IBSS)

Ad-hoc networks are limited because no central device is present to decide common rules. (Radio parameters, priority, range etc.)

AP (access point)  organises the BSS, acts similar to a HUB and relays the signal to other wireless or wired networks.

Area that is being covered by one AP is called Basic Service Area (BSA)

Wired section that can be reached though the AP is called Distribution System (DS)

When a DS links two AP the group is called Extended Service Set (ESS)

When a station moves from one BSA to another BSA from another AP it is called roam between cells.

Neighbouring Cells are usually on different channels to avoid Interferences.

Service Set Identifier (SSID) – To allow the station to recognise neighbouring AP offers to the same connection we use names to identify the wireless connections.

AP with the same SSID are differentiated from each other because the MAC Address is associated to the SSID string.

Basic Service Set Identifier (BSSID) – Mac Address of an SSID

Ad-Hoc networks are limited to 2.4Ghz, 802/11 data rates (1,2,5.5 and 11Mbps) No authentication and encryption is used, only WEP security (Shared Key)

Some AP can only have one SSID others can have multiple SSID, those access points are called Multiple BSSID.

They should be used for traffic differentiation and not for increasing capacity of the AP. Stations connecting to this AP will use the same RF space but are isolated from each other by different authentication / encryption mechanisms.

Cisco AP receive the encrypted wifi frame and decrypts it and encapsulates the 802.11 frame into a Control and Provisioning of Wireless Access Points ( CAPWAP ) packet and forwards to the controller.

To achieve isolation the controller can map each SSID to a different VLAN before release the forward traffic to the wired side of the network.

Specialised Devices

AP can be configured to repeat the signal of another access point. (repeater)

AP can be configured as a Workgroup Bridges (WGB) – can connect one or several non wireless devices to the wireless network.

Bridge Mode is used when we want to use 2 AP to connect 2 different networks e.g.: connect two different buildings.

Mesh Network – When we have several AP configured in different ways, where some of the AP are not even connected to a wired network. In this configuration the AP uses a specific protocol to determine its possible paths to the wired network. Paths can change according with several variables such as: traffic loads, response times, radio conditions, traffic prioritisation.

RF Principles

Radio wave is an electric and magnetic field used to transport information.

Different waves have different sizes that are expressed in meters.

Other unit of measure is Hertz (Hz), express how often a wave occurs or repeats per second.

A wave that repeats each second is said to have a frequency of 1Hz

A wave that repeats one billion of times has a frequency of 1GHz.

Lower-frequency signals are less affected by air and travel farther. Wireless networks use the 2.4GHz and 5GHz band, the 5GHz band has slightly less range.

Wave Length – Physical distance from one point of the cycle to the same point of the next cycle.

Wave length is represented with a Lambda symbol.

Waves also have Wave Strength and amplitude, this is usually represented by the greek symbol gamma. – It represents the distance between the highest and lowest crest of the cycle.

Reflection – When a wave hits an obstacle and it bounce the obstacle. The angle is the same as the original angle. Obstacles might have different behaviours based on signal frequencies.

Reflection causes a phenomenon called multi-path, same signal arriving to a station at different time, original and copies reflected by obstacles.

If two of the same waves are receive at same time it causes a power to increase (crest, double positive crest and double negative crest) this condition is called upfade.

If a negative wave is received at the exact same time as a positive wave is received this waves will attenuate each other resulting in no signal at all. (noise cancelation principal).

To fight multi path effects many wireless systems have two antennas linked to the same radio circuit. This is called diversity.

Scattering – Reflections on the air caused by dust or air humidity.

Refraction – Occurs when a wave changes direction.

Signal attenuation form source is called free path loss. – Free path loss is taken into account to determine how much energy must be sent from an emitter to reach a receiver in good conditions.

For long-range radio links, the earth curvature prevents RF line of sight as soon as the range exceeds 7 to 10 miles. You then need to raise the antennas to maintain the line of sight.

Because the RF wave might have been affected by obstacles in its path, it is important to determine how much signal is received by the other endpoint. The value that indicates the amount of power received is called Received Signal Strength Indicator (RSSI). It is a negative value measured in dBm. A higher value (closer to 0) is better and shows a louder signal.

The capability for a wireless card to convert the received signal into data is also affected by the other radio waves hitting the receiver along with the main signal. This unuseful signal received at the same frequency as the main signal is called noise, and it is a negative value measured in decibels (dB).

The difference in strength between the main signal and the background noise is called Signal to Noise Ratio (SNR)

The dB scale is widely used in wireless networks because it enables you to compare relative powers instead of absolute powers.

The decibel scale is logarithmic, which is a little difficult to calculate mentally. To simplify your task, remember three simple values:

  • 0 dB: A measurement of 0 dB is the reference value A=B
  • 0 dB: When the power is 10 dB, the source being examined is ten times more powerful than the reference value. This also works in reverse: If the power is −10 dB, the source being examined is ten times less powerful than the reference value.
  • 3 dB: If the power is 3 dB, the source being examined is twice as powerful as the reference value. With the same logic, if the examined object is half as powerful as the reference value, it will be written −3 dB.

The dB scale is also used to compare the relative power (called gain) of antennas.

Some  measures are normally referenced as dBi Where the i stands for Isotropic antenna.

This imaginary antenna is called the isotropic antenna and is imagined as an antenna that would be one point wide and would radiate its signal perfectly equally in all directions. It is normally used to compare antennas with a common reference point.

Some prefer to use an existing antenna as the reference. The antenna chosen is the simplest possible antenna, Dipole Antenna. The comparison is expressed in dBd.

Antena Principles

Polarisation

Different antennas have different ways of focussing the energy received from the transmitter. All of them emit an electric field (radio wave).

Vertically polarised Antenna types.

Horizontally polarised Antenna Types.

Circular Polarisation

Polarisation mismatch might make the received signal weaker.

Radiation Patterns

Antenna vendors use radiation pattern charts to describe the signal sent by an antenna. It provides a view from above the antenna H-pane and E-plane.

Antenna Types

There are Two main types of Antennas. Omidirectional and Directional.

Omnidirectional Antennas radiate equally in all directions in the H-Plane.

Directional Antennas are designed to cover a specific direction.

Effective Isotropic Radiated Power (EIRP) – Measurement unit that is used to determine how much energy is actually radiated from the antenna. It is represented by the following formula:

EIRP = Tx power (dBm) + antenna gain (dBi) – cable loss (dB)

Posted on

INTRO TO BASH SHELL on MAC – Part 1

Bash is a shell that exists on all Linux machines and in apple machines also.

You can’t not start it directly, or find any many with bash, to run bash you need to simply run a terminal emulator.

That terminal emulator runs bash inside it.

This video shows where you need to go to open a terminal window inside finder.

What you see when you opened it is what we call bash prompt.
The Prompt is where we can call the bash commands.
All commands should be followed by enter key. This enter key is what forces the machine to read my stings and execute them accordingly.
If the machine does not recognizes my strings as a command it will return an error of command not found.

The prompt can be 100% configurable.

The one that is listed on the video is reconfigured but all the basic is present there.

Lets take a look at the prompt.

In the video you will identify the following things in the command prompt:

  • The logged on user
  • The name of the machine where the user is logged on
  • The path where the user is
  • And the command line space.

For that we had to use several commands, the commands will be spoken a bit latter for now I just want to list them and give a introduction.

  • cd – stands for Change directory it is used to change from one directory to another.
  • pwd – stands for Print Working Directory and it is used to show us where we are.
  • ls – stands for list segments and it is used to list files and directories

 

And you can think of the current working directory as the location you are currently at.

Navigate a bit though your file system using the ” CD ” and ” CD .. ” and the other commands that were used on the video to see where you are, and list contents.

You will have different contents than me for sure.

Make yourself comfortable because this will be very useful for the future.

Posted on

Log Types inside /Var/log

This post is for the persons that wish to start understanding the log structure or need to spend lots of time checking logs or trying to analyse what happen in a Linux system.

For them it is vital importance to know what logs exist and what information they can give us.

Most of the logs in Linux environments exist inside the /var/log folders.

This is a list with brief description of what we can find and why they are useful…

While your system is running smoothly try to check the logs and try to understand the existing data and how it might be useful for you.

This will be of valuable importance if something wrong happens and might help you a lot in a crisis.

  1. /var/log/messages – Contains global system messages. Including startup messages. This logs include information from several things like: mail, cron, deamon, kern, auth etc.
  2. /var/log/dmesg – /var/log/dmesg – Contains kernel ring buffer information. When the system boots up, it prints number of messages on the screen that displays information about the hardware devices that the kernel detects during boot process. These messages are available in kernel ring buffer and when the new message comes the old message gets overwritten. You can also view his contents of this file using the dmesg command.
  3. /var/log/auth.log – Contains system authorisation information, including user logins and authentication mechanism that was used.
  4. /var/log/boot.log – Contains information that is logged when the system boots
  5. /var/log/daemon.log – Contains information logged by the various background daemons that are running on the system.
  6. /var/log/dpkg.log – Contains information that is logged when a package is installed or removed using package manager command. (Debian Based systems)
  7. /var/log/kern.log – Contains information logged by the kernel. Helpful for you to troubleshoot a custom-built kernel.
  8. /var/log/lastlog – Displays the recent login information for all the users. This is not an ascii file. You should use lastlog command to view the content of this file.
  9. /var/log/maillog || /var/log/mail.log – Contains the log information from the mail server that is running on the system. (Sendmail logs information about all the forward items to this file).
  10. /var/log/user.log – Contains information about all user level logs.
  11. /var/log/Xorg.x.log – Log messages from the X
  12. /var/log/alternatives.log – Information by the update-alternatives is logged into this log file. On Ubuntu, update-alternatives maintains symbolic links determining default commands.
  13. /var/log/btmp – This file has information about failed login attempt. Use the last command to view the btmp file. For example, “last -f /var/log/btmp | more”
  14. /var/log/cups – All printer and printing related log messages
  15. /var/log/anaconda.log – When you install Linux, all installation related messages are stored in this log file
  16. /var/log/yum.log – Contains information that is logged when a package is installed using yum. (Red Hat based systems)
  17. /var/log/cron – Whenever cron daemon (or anacreon) starts a cron job, it logs the information about the cron job in this file.
  18. /var/log/secure – Contains information related to authentication and authorization privileges. For example, sshd logs all the messages here, including unsuccessful login.
  19. /var/log/wtmp or /var/log/utmp – Contains login records. Using wtmp you can find out who is logged into the system. who command uses this file to display the information.
  20. /var/log/faillog – Contains user failed login attempt. Use faillog command to display the content of this file.

What goes inside to some of this files is controlled by rsyslog based on what is defined in the configuration file: /etc/rsyslog.conf

Try to edit it and you will see the files that where configured with all the specifications.

You can also use this tool to send the logs to any remote location.

*.info indicates that all logs with type INFO are logged.
mail.none,authpriv.none,cron.none indicates that those error messages are not logged into the /var/log/messages file.
You can also specify *.none, which indicates that none of the log messages is logged.

Other logs can be found in this folder depending on the applications that are running there.

This is a small example of the most used ones based on my experience.

  1. /var/log/httpd/ || /var/log/apache2 – Contains the apache web server access_log and error_log
  2. /var/log/lighttpd/ – Contains light HTTPD access_log and error_log
  3. /var/log/mail/ – This subdirectory has more logs from your mail server. For example, sendmail stores the collected mail statistics in /var/log/mail/statistics file
  4. /var/log/audit/ – Contains logs information stored by the Linux audit daemon (auditd).
  5. /var/log/setroubleshoot/ – SELinux uses setroubleshootd (SE Trouble Shoot Daemon) to notify about issues in the security context of files, and logs those information in this log file.
  6. /var/log/samba/ – Contains log information stored by samba, which is used to connect Windows to Linux.
  7. /var/log/sa/ – Contains the daily sar files that are collected by the sysstat package.
  8. /var/log/sssd/ – Use by system security services daemon that manage access to remote directories and authentication mechanisms.
Posted on

BASH Weather forecast…

Stumbled on this, and I had to share it… 🙂

If you are really a pro 😛 you need to get your weather forecast using BASH shell… 🙂

Just use this:

curl -4 http://wttr.in/Munich

You will have something like this…

Screen Shot 2016-02-20 at 13.05.23

Posted on

Protecting our Privacy in Windows 10

This post is for the ones that use the windows 10 express installation.

Most of the persons will use the express installation, after it finishes you should follow the video  to disable all settings and protect your privacy.

You can’t disable all things like the windows reporting settings, but at least we can restrict them to basic and hope that it does not send too much private information to Microsoft.

Were is a small video that can help you on the first phase.

Posted on

Windows 10 Feedback, Diagnostics and Privacy…

From all the things that I saw in Windows 10 the one that got most of my attention is the Feedback and Diagnostics option.

At the moment I find really limited the amount of information that Microsoft gives related with the information that she collect using this feature.

This feature is the only one that we can’t disable, we can only change between 3 options.

As you use Windows, we collect performance and usage information that helps us identify and troubleshoot problems as well as improve our products and services. We recommend that you select Full for this setting.

  • Basic information is data that is vital to the operation of Windows. This data helps keep Windows and apps running properly by letting Microsoft know the capabilities of your device, what is installed, and whether Windows is operating correctly. This option also turns on basic error reporting back to Microsoft. If you select this option, we’ll be able to provide updates to Windows (through Windows Update, including malicious software protection by the Malicious Software Removal Tool), but some apps and features may not work correctly or at all.

  • Enhanced data includes all Basic data plus data about how you use Windows, such as how frequently or how long you use certain features or apps and which apps you use most often. This option also lets us collect enhanced diagnostic information, such as the memory state of your device when a system or app crash occurs, as well as measure reliability of devices, the operating system, and apps. If you select this option, we’ll be able to provide you with an enhanced and personalized Windows experience.

  • Full data includes all Basic and Enhanced data, and also turns on advanced diagnostic features that collect additional data from your device, such as system files or memory snapshots, which may unintentionally include parts of a document you were working on when a problem occurred. This information helps us further troubleshoot and fix problems. If an error report contains personal data, we won’t use that information to identify, contact, or target advertising to you. This is the recommended option for the best Windows experience and the most effective troubleshooting.

While I was  trying to see info on what is collected by this feature I stumble on this F.A.Q. page.

There the following question and answer is present:

Who sees the diagnostic and usage information that’s collected through feedback and diagnostics?

Microsoft employees, contractors, vendors, and partners might be provided access to relevant portions of the information collected, but they’re only permitted to use the information to repair or improve Microsoft products and services, or third-party software and hardware designed for use with Microsoft products and services.

This sentence basically says trust us,  we collect lots of information and give it to many persons but do not worry they will only use this to improve the product. 

Once more I trust in good faith but if we do not know how the they achieve the objective  and what is the information they collect it is hard to trust.

(UPDATE) – This features can only be disabled in the enterprise version of windows 10 by GPO value to 0 .

Posted on

Microsoft Visual Studio, OSX and Linux

Microsoft has released a light version of Visual Studio for Linux and Mac OS X, there is also a version for Windows but that does not count…

https://code.visualstudio.com

What is interesting on this?

Well for start it seems that finally Microsoft considers the other OS systems important and the company might think to continue leading by incorporating their framework. (.net) into other Operating Systems.

The app seems more a first version of a trojan horse for OS X and Linux users to persuade them to install mono framework (.net).

Why I say this?
Because they advertise some interesting functionalities but apparently they only work if you install the mono framework.
Without the mono framework the tool is not much different from Text mate.

I am happy that Microsoft is trying to expand the .net framework to other platforms.

I had my first experience with mono in 2005 on earlier versions of .net and it was really useful. We used it to port some code into Linux but it was still immature back then, managed by enthusiasts without no real support from Microsoft.

Now with the .net foundation  and their projects things are starting to become more interesting, it is always good when we have competitors at same level JAVA and .NET… (now my Java friends and coworkers will stop talking with me because I used the words “same level” with java and .net…)

Java will have a huge headache in near future as .net starts spreading into Linux/Unix world.

Also it will be a huge advantage for the cloud when we have a major player like Microsoft Azure and we can start developing apps and tools using Linux instead of being exclusively obligated to have windows for a more efficient development.

According to the Microsoft Objectives .net apps will work in mobile phones, windows, Linux, MAC, etc. We can truly have the code once and use it everywhere…. 🙂

I am still waiting for Visual Studio 2015 for MAC… 🙂 that would be great…

Posted on

Windows 10, License Agreements, Personal & Private Information!

I Today I have seen some news related with the License Agreement of Microsoft on Windows 10…

For what I have read it seems that they will allow themselves to scan all your machine and personal data so they can know you better. 🙂

I believe in good faith but I do not thrust companies that gather more than what is required  about us.

I accept the fact that when I am shopping I have to give my name and CC number I do not accept the fact that I have to give my age, gender, GPS coordinates, birth date and all other information that are not required to complete the service.

I found the statements strange about this data privacy policies, with curiosity I have started to read some policy documents and collect more information about this.

This is what I have found in the Windows 10 License Agreement.

Privacy; Consent to Use of Data. Your privacy is important to us. Some of the software features send or receive information when using those features. Many of these features can be switched off in the user interface, or you can choose not to use them. By accepting this agreement and using the software you agree that Microsoft may collect, use, and disclose the information as described in the Microsoft Privacy Statement (aka.ms/privacy), and as may be described in the user interface associated with the software features.”

This is a very brief statement that points to other page and policy…

What does this means?!!?

I have checked the other page  that they call aka.ms/privacy   and found this user terms :

Personal Data we Collect Microsoft collects data to operate effectively and provide you the best experiences with our services. You provide some of this data directly, such as when you create a Microsoft account, submit a search query to Bing, speak a voice command to Cortana, upload a document to OneDrive, or contact us for support. We get some of it by recording how you interact with our services by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device. We also obtain data from third parties (including other companies). For example, we supplement the data we collect by purchasing demographic data from other companies. We also use services from other companies to help us determine a location based on your IP address in order to customize certain services to your location. The data we collect depends on the services and features you use, and includes the following.

Name and contact data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.

Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.

Demographic data. We collect data about you such as your age, gender, country and preferred language.

Interests and favorites. We collect data about your interests and favorites, such as the teams you follow in a sports app, the stocks you track in a finance app, or the favorite cities you add to a weather app. In addition to those you explicitly provide, your interests and favorites may also be inferred or derived from other data we collect.

Payment data. We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument.

Usage data. We collect data about how you interact with our services. This includes data, such as the features you use, the items you purchase, the web pages you visit, and the search terms you enter. This also includes data about your device, including IP address, device identifiers, regional and language settings, and data about the network, operating system, browser or other software you use to connect to the services. And it also includes data about the performance of the services and any problems you experience with them.

Contacts and relationships. We collect data about your contacts and relationships if you use a Microsoft service to manage contacts, or to communicate or interact with other people or organizations.

Location data. We collect data about your location, which can be either precise or imprecise. Precise location data can be Global Position System (GPS) data, as well as data identifying nearby cell towers and Wi-Fi hotspots, we collect when you enable location-based services or features. Imprecise location data includes, for example, a location derived from your IP address or data that indicates where you are located with less precision, such as at a city or postal code level.

Content. We collect content of your files and communications when necessary to provide you with the services you use. This includes: the content of your documents, photos, music or video you upload to a Microsoft service such as OneDrive. It also includes the content of your communications sent or received using Microsoft services, such as the: subject line and body of an email, text or other content of an instant message, audio and video recording of a video message, and audio recording and transcript of a voice message you receive or a text message you dictate. Additionally, when you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded. If you enter our retail stores, your image may be captured by our security cameras. You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary to provide a service, you may not be able to use some features or services. Service-specific sections below describe additional data collection practices applicable to use of those services.

All this seems global to several services that Microsoft supplies to their customers.

The email situation is particularly strange…

Microsoft sells Office 365 services to companies, does this policy means that all their emails and documents contents are read and stored somewhere in a Microsoft Database? This gives Microsoft a huge power on the markets or Competitive Intelligence if they use this data.

Should we in good faith trust a corporation this information?

Google refuses to receive or relay encrypted email, I am now curious to see if the same happens in Outlook.com 🙂
This is global policy and might or might not apply to windows 10.

Thinking again the integration of Windows 10 with the other services will cause that windows 10 indirectly will make use of this license agreements… By using their extra services we might get covered by this policies without conscience and somewhere in time we will be giving Microsoft more information than what we wished…

Now in my thoughts Windows 10 free upgrade seems more interesting as it seems to be used as a strategy to sooner or later people use other Microsoft  cloud services and then most of this policies will apply and in the end Microsoft will have more power over people and lots of valuable aggregated data. If you use some of the advertised functionalities of Windows 10 you will have to use the cloud services, if you fall on that sweet talk you will be giving money and bonus value (information) to Microsoft.

Unless this companies explain very well:

1 – How the info is protected from third parties.

2 – How the info is protected from employees of the company

3 – How that info is processed

I will get suspicious.

Probably even after reading this information I will continue to be suspicious on this companies…

I did not manage to find all this until the moment.

It would be more easy to have in this huge amount of policies something like how we protect your data… 

I am not a lawyer but Microsoft is an American company so if NSA requests information from this databank I don’t think Microsoft can refuse…

Because this seems to be a global Policy lets see what specific information Microsoft collects from Windows 10 Operating systems, not counting with other services integration…

Location Services Windows location service. Microsoft operates a location service that helps determine the precise geographic location of a specific Windows device. Depending on the capabilities of the device, location is determined using satellite global positioning service (GPS), detecting nearby cell towers and/or Wi-Fi access points and comparing that information against a database that Microsoft maintains of cell towers and Wi-Fi access points whose location is known, or deriving location from your IP address. When the location service is active on a Windows device, data about cell towers and Wi-Fi access points and their locations is collected by Microsoft and added to the location database after removing any data identifying the person or device from which it was collected. Microsoft may also share de-identified location data with third parties to provide and improve location and mapping services. Windows services and features (such as browsers and Cortana), applications running on Windows, and websites opened in Windows browsers can access the Windows location service to determine location if you allow them to do so. Some features and apps request location permission when you first install Windows, some ask the first time you use the app, and others ask every time you access the location service. For information about certain Windows apps that use the location service, see the Windows Apps section below. Data about a Windows device’s recent location history is stored on the device, and certain apps and Windows features can access this location history. You can clear your device’s location history at any time in the device’s Settings menu. In Settings, you can also view which applications have access to the location service or your device’s location history, turn off or on access to the location service for particular applications, or turn off the location service. Note that on mobile devices, your mobile operator will have access to your location even if you turn off the location service. Find My Phone. The Find My Phone feature allows you to find the location of your Windows phone from https://account.microsoft.com, even if you have turned off all access to the location service on the phone. If you have turned on the “save my location every few hours” feature in the Find My Phone settings on your phone, the Find My Phone feature will periodically send and store a single last known location of your phone, even if you have turned off location services on your phone. Each time a new location is sent, it replaces the previously-stored location. Find My Device. The Find My Device feature allows an administrator of a Windows PC or tablet to find the location of that device if the administrator has enabled the location service for the device, even if other users have disabled location for themselves. When the administrator attempts to locate the device, users will see a notification in the notification center. Windows Motion Sensing. Windows devices with motion activity detection can collect motion activity. This data can enable features such as a pedometer to count the number of steps you take, so a fitness application can estimate how many calories you burn. This data and history is stored on your device and can be accessed by applications you give permission to access and use that data.

Most of the personal things on the computer can be disabled so theoretically you can control what you give.

That is good and correct from manufacturer but what happens when you start using all other cloud services?

For some information it really does not need to collect data from your computer or GPS, all it needs is to correlate data using your IP with third-party information and it will know where you are, it will be even better if it gets your BSSID or SSID.

Reading a bit more…

Your backup of encryption key goes to the OneDrive where probably enters in the Backup cycle of Microsoft Cloud and can be stored for some time… even after we delete it… 🙂

Device encryption. Device encryption helps protect the data stored on your device by encrypting it using BitLocker Drive Encryption technology. When device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for your device is automatically backed up online in your Microsoft OneDrive account.

Information of our connectivity is also interesting…

Remember when I said they only need to get your IP or BSSID or SSID?

Here is the policy on what they collect from us.

Usage and connectivity data. Microsoft regularly collects basic information about your Windows device including usage data, app compatibility data, and network and connectivity information. This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device’s service issues and use patterns. The data we collect includes: Configuration data, including the manufacturer of your device, model, number of processors, display size and resolution, date, region and language settings, and other data about the capabilities of the device. The software (including drivers and firmware supplied by device manufacturers), installed on the device. Performance and reliability data, such as how quickly programs respond to input, how many problems you experience with an app or device, or how quickly information is sent or received over a network connection. App use data for apps that run on Windows (including Microsoft and third party apps), such as how frequently and for how long you use apps, which app features you use most often, how often you use Windows Help and Support, which services you use to sign into apps, and how many folders you typically create on your desktop. Network and connection data, such as the device’s IP address, number of network connections in use, and data about the networks you connect to, such as mobile networks, Bluetooth, and identifiers (BSSID and SSID), connection requirements and speed of Wi-Fi networks you connect to. Other hardware devices connected to the device. Some diagnostic data is vital to the operation of Windows and cannot be turned off if you use Windows. Other data collection is optional, and you will be able to turn this data collection on or off in Settings.

Why they need my BSSID and SSID???
If I am using a public one, for what I have read, they buy that info from third parties, if it is personal why do they need to have it?

And finally I love the last statement Some diagnostic data is vital to the operation of Windows and cannot be turned off if you use Windows.

I am now curious if some companies when they give this diagnostics to Microsoft really know what is in the package…

I believe some know but most just have good faith. Same as users.

What is this part that we can’t disable and keeps feeding Microsoft with our data?!?!?!

In reality this makes redundant the GPS situation… the difference is just the precision that they can pin point you on the map.

Also this is interesting, if you use a wi-fi network and you use Tor to make your traffic anonymous it means that somehow in specific situations they can get your wi-fi information? That information correlated with other info will make Tor useless…

This with the policy that you are forced to accept windows updates makes me think in some more conspiracy theories… 😛

Probably is some requirement that governments need…

Speaking of data retention…

Microsoft retains personal data for as long as necessary to provide the services and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. For example: For Bing search queries, we de-identify stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers after 18 months. In Outlook.com, when your Deleted Items folder is emptied, those emptied items remain in our system for up to 30 days before final deletion. If you remove a credit card from your account, Microsoft will retain transaction records containing your credit card number for as long as reasonably necessary to complete any existing transactions, to comply with Microsoft’s legal and reporting requirements, and for the detection and prevention of fraud.

Strangely I did not find nothing related with OneDrive Retention Policy… Remember the place where it is stored our encryption key?!!!

Well I found all this in around 2 hours reading policies and jumping around from one to another…

I might be wrong but it seems in some cases they are collecting more that what they need to provide us the services they sell.

I hope this creates more awareness to people and they can decide in conscience if they want to give or not personal information control to corporations.

Posted on

Kali Linux, Raspberry PI and 64GB SD card not fully used…

I have installed the Kali Linux image for the fist time in a RaspberryPi to play a bit and understand what we can do with it…

I used a 64GB SD card but the image does not use all the available space on the SD card.
The official installation has a config that allow us to expand the disk so I guess we can use that to do the same in Kali.

How can I install the rasps-config tool?
What do I need to make it work correctly?

I have found this walk through to expand the disk, I hope it is useful to others.

 

wget http://archive.raspberrypi.org/debian/pool/main/r/raspi-config/raspi-config_20150131-1_all.deb
wget http://http.us.debian.org/debian/pool/main/t/triggerhappy/triggerhappy_0.3.4-2_armhf.deb
wget http://http.us.debian.org/debian/pool/main/l/lua5.1/lua5.1_5.1.5-7.1_armhf.deb
dpkg -i triggerhappy_0.3.4-2_armhf.deb
dpkg -i lua5.1_5.1.5-7.1_armhf.deb
dpkg -i raspi-config_20150131-1_all.deb
raspi-config
Posted on

How to check if a used iPhone is stolen.

I confess that I just noticed this tool recently, I find it very useful, everyone should have knowledge of it.

Apple is trying to address the situation of the stolen mobile phones. It seems hard and isolated in this hard work but at least it is trying.

Apple phones have a very high demand either as used or new.

Since the release of the IOS7 that apple requires the typing of the previous Apple id activation account and password before it changes to another account.

But this is not enough, Apple now has created a tool to check a phone activation lock status. With this tool we are able to check if the used phone was stolen or not.

This might be very useful if you’re trying to get a used phone over the internet!

No one likes to buy a brick, or not being able to activate the phone with our apple id… Or, even worse, being caught with stolen property.

In order to check the phone status you will need the IMEI or the serial number (International Mobile Equipment Identifier) this numbers  are unique identifiers to each phone.

Once you get one of them you can go to the apple activation lock status website ( Apple Activation Lock Status ), type the IMEI or Serial number on the forms and fill the remaining information, press continue.

The next screen will show you if the phone has its activation lock feature enabled.

If activation lock is on, the following things might be going on:

1 – The phone is stolen and the seller can’t disable the activation lock.

2 – The seller forgot to turn off the activation lock and will be able to deactivate it in order to complete the sell.