When I first started a YouTube channel in 2016 the intention was to document my learning progression and motivate myself to do more. Since then I have learned a lot and plan to continue growth while sharing it with you.

Thank you again

I have no clue. What I do know is.... it seriously depends on what you need it for, how much you want to spend, and what it takes for YOU to trust another entity to respect your privacy. Terms & Conditions. I typically use AirVPN.

Q: Do you trust them?A: Nope

Q: Why do you use them?A: AirVPN is relatively inexpensive. You may pay with crypto to protect payment details and prevent personal information from being associated with a VPN account. You may connect via TOR( TOR > VPN > INTERNET). The servers can be selected down to a particular city. Finally, it's infosec researcher & CTF friendly (no notices of violation for scanning, etc).

I should mention that I do not use AirVPN often.

Why not?A: The cheapest option is to spin up a server yourself. $4.99 on DigitalOcean/mo. You can vet your own certs and know the company that OWNS the infrastructure. A good number of budget 'VPN provider' infrastructures consist of server instances created in various datacenters that are owned and opperated by various companies whom have established prioritization and service level agreements. Wow, that sounded good!

Community built, little-to-no knowledge needed, Linux options for standing up your own instance are available on Github if you want the reward without the issues that come with manual configuration:

https://github.com/Nyr/openvpn-install -or- https://github.com/angristan/openvpn-install

These installation scripts make adding and revoking users straight forward. Note: Modification will need to be done to allow for client-to-client communication by adding client-to-client to the server configuration file located at /etc/openvpn/server.conf

TLDR; Do research and pick whatever makes you feel the best. Everybody will have a different opinion that is similar to the one you just read.

I don't like to let old hardware go to waste. Period. After a lot of debate I decided to install a headless IRC server on a unused Raspberry Pi v.2 I had from some other project.

$ ssh pi@172.168.1.11
git clone https://github.com/jrosdahl/miniircd.git
cd miniircd
./miniircd [++ applicable parameters]

... and that is all it took. It is an extremely simple IRC server without any options for Nickserv or ops. Most basic commands are allowed which fits the purpose I need it for. A simple, low-low maintenance, quick backup communication method for friends, family, and community members was the task.

As with most things internet it will be available to the public at irc.buf0rd.com:33333 password:"buf0rd". Maybe i'll get around to adding bots and linking to discord. I'm not sure how vulnerable it is so it will stay on the guest LAN.

I didn't really sleep well knowing ssl wasn't enabled. I woke up and created the required .pem(s).

sudo openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem

Then restarted with the modified 'liner'

miniircd --port 33333 --motd /home/pi/miniircd/motd.txt --password-file /home/pi/miniircd/password-file.txt --ssl-cert-file /home/pi/miniircd/cert.pem --ssl-key-file /home/pi/miniircd/key.pem

Doh! I received a few errors. Permissions had to be updated on sudo-user generated .pem files in order for them to be utilized by 'pi' user AND I needed to enable SSL on my IRC client to test.

All done for real this time. A self hosted, ssl enabled, IRC server with self signed certificate

I needed an idea of how bandwidth on my NAS setup was utilized fast and from the CLI. After Looking over a few notes iftop did what I needed.. again.

sudo apt-get install iftop -y

I figured picking up dog poo, from this AM walk, would be a great opportunity to determin how well DOODS object classification & detection + MQTT work. It did amazing! It was able to reliably detect a person next to a dog in a 'odd' position with 82% accuracy. I'm impressed to say the least. Now that I'm able to determine the object being detected, with high enough accuracy, I am able to loop in various security automations.

I pieced together a "POC" for the front doorway light: Turn on when a person, not a generic object, is detected. Before sunrise. After sunset.

alias: Frigate (Front doorway light on person dectect)
description: ''
trigger:
  - platform: mqtt
    topic: frigate/events
    payload: 'on'
    value_template: >-
      {{ "on" if value_json["type"] == "new" and value_json["before"]["camera"]
      == "front_door_cam_fri" and value_json["before"]["label"] == "person" else
      "off"}}
action:
  - type: turn_on
    device_id: 1ac8dbe1de45515de0cb274ec116b916
    entity_id: light.front_doorway_light
    domain: light
mode: single
condition:
  - condition: sun
    before: sunrise
    after: sunset

And finally a .yaml to turn off the light after inactivity of '5 minutes' IF the light is on.

alias: Frigate (Front doorway light AUTO OFF)
description: ''
trigger:
  - platform: device
    type: turned_on
    device_id: 1ac8dbe1de45515de0cb274ec116b916
    entity_id: light.front_doorway_light
    domain: light
    for:
      hours: 0
      minutes: 5
      seconds: 0
condition:
  - condition: device
    type: is_on
    device_id: 1ac8dbe1de45515de0cb274ec116b916
    entity_id: light.front_doorway_light
    domain: light
action:
  - type: turn_off
    device_id: 1ac8dbe1de45515de0cb274ec116b916
    entity_id: light.front_doorway_light
    domain: light
mode: single

MQTT is running on a Home Assistant VM. DOODS (Dedicated Open Object Detection Service), for object detection and classification, is running on a separate Raspberry Pi4 in a Docker container with minimal latency however the process does have an issue after running for approximately 5 days continuous.

Businesses and power home users take notice! This is a extremely low cost solution to home automation and security. DOODS combined with a ESP8266+PIR sensor on ESPHome once again... open the door to endless possibilities.

I was able to get object detection and classification running on Home Assistant via Frigate and a few lines of config

For the final config I have it setup to regonize people, dogs, cars, and trucks. The possibilities are ended but the process does consume a good amount of cpu power.

For a business it would be a great low-cost, fully on-prem, option for object tracking and physical access controls. For instance; Combine the detection of a SINGLE person at a given door with a cellphone's GPS to allow access and prevent tailgating or forced entry by an unauthorized person using an authorized person. Throw in active directory. Like I said... the options are endless.

See you there!

I am going to attempt to reorganize my Unifi/RaspberryPi 'homelab' network cabinet, get rid of unused cables, and redo all wiring to look 'fancy'. This will most likely be a long project but is something I look forward to. Having two network cabinets, two shelves of IOT, and cords everywhere is getting old. The 'upgrade' will allow testing of new hardwares to be more straight forward and easily accessible while in lab. The goal is to be more modular.

A little better

The last step for ethernet cables before the move. I'm awaiting rackmount hardware and panels.

This is as far as i'm going to get for the next week or so to avoid hearing "what's wrong with the internet?"

Getting there..

Almost done.

I finally got around to finishing a network cabiniet. I couldn't believe how many unused ethernet cables were back there. The setup is as follows;

Tripp-Lite patch panel ➬ https://amzn.to/3AMCU8Y
Unifi Security Gateway + RACKIDEA mount ➬  + https://amzn.to/3Oc5fsI
Unifi 24 port switch ➬ https://amzn.to/3uFye11
NavePoint 1U Rack Mount Cable Management Panel with Tidy Brush ➬ https://amzn.to/3PtMjqp
TP-Link Network TL-WR802N 300Mbps Wireless N Nano Router ➬ https://amzn.to/3aCgQ6w
3D printed Raspberry Pi 1u rack ➬ https://www.thingiverse.com/thing:4125055
Kungfuking Aluminum Alloy Shell 8 Outlet Rack-Mount PDU ➬ https://amzn.to/3P3Ac3u
HP EliteDesk 800 G1, i7, rear.
-----------
Services:
FreeRadius
Unifi Controller
Samba[NAS]
Pi-Hole
Docker
Pfsense

Maintenance should be completed by this afternoon.

I have never used Audibly and am using this 'book read' opportunity to explore its offerings. So far, I will stick to reading a physical book.

He really did good work and has a new 'understanding' of how things function at a board level.

Ever since telephone phreaking was 'a thing' soldering and hardware hacking has always been on my radar. I decided to set a little time aside to improve on my 'rework' skills.

The plan is to take my time and finish with something that actually looks half decent. I am actually starting to find the process somewhat relaxing.

I already ruined one led and pad. On to the next step.

I really never looked into the offerings of CLI VLC until recently and am amazed at how much it can do

cvlc v4l2:///dev/video0 :v4l2-standard= :input-slave=alsa://hw:0,0 :live-caching=300 :sout="#transcode{vcodec=WMV2, vb=800, scale=1, acodec=wma2, ab=128, channels=2, samplerate=44100}:http{dst=:8080/stream.wmv}"

This allows me to view a queen ant, under a microscope, over the LAN. She laid eggs. Awww and ewww. I'm not a fan of insects but the kids and I both enjoy the learning experience.

🙃

It made a lot more sense to multicast stream with rtp for a couple of reasons. 1st, I do not need connected clients to have any sort of data control. They are simply consuming the video stream. 2nd, it works better. Most likely because of the less overhead/bandwidth.

cvlc -vvv v4l2:///dev/video0 --sout '#transcode{vcodec=mp2v,vb=800,acodec=none}:rtp{dst=239.0.0.1,port=5004,mux=ts}'

I have a palm tree in the back of the lab growing. It is also connected to my Home Assistant home automation system. The plan is to make this simple setup do everything by itself. The automation part is actually pretty interesting if you have ever coded before because it doesn't use code in the front end. It is basically 'IF-THEN' statements in a point-to-click interface. I'm all for anything nature-positive that deals with technology. So far so good.

Very long story short. I needed a USB Microscope for another rabbit hole.. then I had a thought. Is Amazon marketplace being used to distribute malware? I bought a $20 USB Microscope from Amazon after reading the review below which caught my interest.

Camera: https://www.amazon.com/dp/B07SR7YPV5?psc=1&ref=ppx_yo2ov_dt_b_product_details

There were several reasons why the ad stood out specifically; 1) Several identical units under various sellers/brands. 2)4,800+ purchases for an item w/ several versions. 3) 80 people found "Buyer beware of virus/spyware!" to be a 'helpful' Customer Review. 4) No direct seller contact information available online other than email address. 5) Selling since 2019(ish). That is a long time for any non-professional camera device.

After the unit arrived I went ahead and ran the softwares it was supplied with through VirusTotal. A cryptominer Trojan Horse and bot were found with file autorun.exe [Trojan.Win32.Miner.oa!s1 && https://www.virustotal.com/gui/file/54d268d385ad74ce096bc3848169eca9d8f70efb7e6d22bec68aa294ac32e27e]. Autorun.exe is A file which would automatically run on any Windows PC once the CD is inserted.

VirusTotal: https://www.virustotal.com/gui/file/54d268d385ad74ce096bc3848169eca9d8f70efb7e6d22bec68aa294ac32e27e

False positive? Or new-new obfuscation? I would like to dig a little more.

https://www.jiusion.com/ Is pretty much a mirror of the Microscope sellers' website [https://bysameyee.com/]. When you initiate a search on address 'jiusion@outlook.com' you return A LOT of results and may begin to formulate a picture of their business model. They [possibly could] flood the market with an inexpensive USB microscope, with malware as software, and abandon shop when the outlook isn't great. Then open a new one. Fly-by-night 'usb' brands.

Most data resources associated with that same email are sketchy and almost ALL include links to download AV software and or alternative product drivers. I'll pass.

I decided to download all drivers and softwares directly from the Jiusion website and process through VirusTotal. Nothing was flagged...until Amcap.zip

DO NOT DOWNLOAD: https://www.jiusion.com/tmp/madeimg/Amcap.zipfile.dont.linkme

VirusTotal: https://www.virustotal.com/gui/file/60ec7e0d411aa74bce5f5cf42f6148a2b3ec81794d310ee06e37df502f93c6c6

More flase positives?

I decided to download all drivers and softwares directly from the Bysameyee website and process through VirusTotal.

Next, DO NOT DOWNLOAD: https://www.bysameyee.com/tmp/madeimg/USBCAMERA.apkfile.dont.linkme

VirusTotal: https://www.virustotal.com/gui/file/6136d776d55d734300d68fd0b3b95ba4b2f37482263b40b64b629735adc2c7a9

Now, this one, is simply interesting when compared to the product listings. There is a big push to connect this camera to an Android device. The packing includes a usb OTG adapter and the device manual states it does not support Apple devices.

Next, DO NOT DOWNLOAD: https://www.bysameyee.com/tmp/madeimg/OTGView.apkfile.dont.linkme

VirusTotal: https://www.virustotal.com/gui/file/0d16b38417c1bb531b55e299bcc0578474bfc14bdc493265c7837abb3a57acdc

My RE skills are not the greatest. I doubt I will further research. I was more so curious to see if Amazon took any steps to research product security, based on reviews, after being reported. A few years ago I reported a Uokoo wifi camera that was phoning home at odd hours of the day. I never received a response from the merchant, the manufacturer [in Shenzen], nor Amazon YET the product line was pulled entirely shortly after reported! Uokoo operated with a similar business model from my research.

At this point, the average consumer, should purchase something more reputable.

Yes. I'm keeping the scope.

TLDR video version;

*Yes, I know, a low YT score is usually a good sign. Not always!