VLC OSX dock history deactivate

To deactivate the history of recent files opened with VLC displayed in the OSX dock can be done with the following commands (execute in terminal):

defaults write org.videolan.vlc NSRecentDocumentsLimit 0
defaults delete org.videolan.vlc.LSSharedFileList RecentDocuments
defaults write org.videolan.vlc.LSSharedFileList RecentDocuments -dict-add MaxAmount 0

Restart dock:

killall Dock

Find more

Adding your own crt from a CA to ubuntu local ca store

If you are trying to for example develop python and accessing something encrypted with SSl and that SSL certificate is not signed by a well known CA you might get an error.

That is because your CA is not added to the local CA store of e.g. Ubuntu.

You can add your signatures by:

sudo mkdir /usr/share/ca-certificates/extra
sudo cp FOO.crt /usr/share/ca-certificates/extra/FOO.crt
sudo dpkg-reconfigure ca-certificates

Then the new certificates will be added to your local store.
(please be careful as sudo dpkg-reconfigure ca-certificates is only checking for files *.crt, so no *.cer etc).

raspberry pi libgcc1 problem

Havin problems with your PI to update:

sudo apt-get install libgcc1
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen.... Fertig
Die folgenden NEUEN Pakete werden installiert:
0 aktualisiert, 1 neu installiert, 0 zu entfernen und 0 nicht aktualisiert.
2 nicht vollständig installiert oder entfernt.
Es müssen noch 0 B von 54,2 kB an Archiven heruntergeladen werden.
Nach dieser Operation werden 210 kB Plattenplatz zusätzlich benutzt.
E: Debconf-Version konnte nicht ermittelt werden. Ist debconf installiert?
debconf: apt-extracttemplates schlug fehl: Datei oder Verzeichnis nicht gefunden
dpkg: Vor-Abhängigkeitsproblem betreffend .../libgcc1_1%3a4.8.2-21~rpi3rpi1_armhf.deb, welches libgcc1:armhf enthält:
libgcc1 hängt (vorher) von multiarch-support ab
multiarch-support ist entpackt, wurde aber nie konfiguriert.

dpkg: Fehler beim Bearbeiten von /var/cache/apt/archives/libgcc1_1%3a4.8.2-21~rpi3rpi1_armhf.deb (--unpack):
Vor-Abhängigkeitsproblem - libgcc1:armhf wird nicht installiert
Fehler traten auf beim Bearbeiten von:

(Sorry for german only)

ans other stuff is also not working:

sudo apt-get install --reinstall multiarch-support libgcc1 debconf
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen.... Fertig
Probieren Sie »apt-get -f install«, um dies zu korrigieren:
Die folgenden Pakete haben unerfüllte Abhängigkeiten:
debconf : Hängt ab von (vorher): perl-base (>= 5.6.1-4) soll aber nicht installiert werden
Empfiehlt: apt-utils (>= 0.5.1) soll aber nicht installiert werden
Empfiehlt: debconf-i18n soll aber nicht installiert werden
E: Unerfüllte Abhängigkeiten. Versuchen Sie »apt-get -f install« ohne Angabe eines Pakets (oder geben Sie eine Lösung an).

You might want to do the following:

Locate the latest multiarch file
wget it...
sudo dpkg -i --force-depends multiarch-support_2.13-38+rpi2+deb7u3_armhf.deb
sudo apt-get -f install
sudo apt-get update
sudo apt-get upgrade

Things I have googled for:

raspberry libgcc1 problem

raspberry debconf has never

sudo dpkg -i --force-depends multiarch-support_2.13-38+rpi2_armhf.deb
sudo apt-get -f install
sudo apt-get update

Simsme a secure messenger

(c) Deutsche Post AG

(c) Deutsche Post AG

There have been some ongoing discussions about Facebook Messanger / Whattsapp – security, encryption, privacy etc.
Just a few days ago Facebook made a big move pushing more users to the Facebook Messenger.
And now a new big player enters the field of messengers: Deutsche Post.

They announced a product called „Sims Me“ being a „free and secure messenger on iOS and Android“.

Of course Deutsche Post has some expirience with delivering messages for hundrets of years. But this is not the first App Deutsche Post is providing, officially the apps are developed by „DP IT Brief GmbH“.

Key Features of SimsMe

– End to end encryption
– everything stored on servers
– self destructive messages *
– Ability to connect to your existing contacts (but only by granting SimsMe access to your contacts)
– Confirm users by QR code (same like Threema)
– App is password protects -> if your possword got lost, your app data is gone, you have to reinstall it.

* only for th first million users for free

There is a good FAQ on the page.


The starting phase was a bit to much for Deutsche Post as to much users tried the service, but for now it is okay, some bugs have to been fixed, there is some space for improvement regarding UI, but overall a nice product.

Of course stating „it is end-to-end encrypted“ does not mean anything. I haven’t seen a Audit of the App, even if it would be open source, there is no evidence that the open source code is the code DP IT Brief GmbH is sending to Apple / Google. And there is no way to check wether the app uploaded from DP IT Brief GmbH to Apple / Google is the App that you are downloading to your device (they are in a position to madify apps). That said, having a big company providing an app with end to end encryption is better than using a plain-text or not properly encrypted app. But still, if you want to exchange sensitive stuff, face to face is the way to go.


iOS Itunes download
Andoid Google Playstore

REMNux set time

REMNux, an awesome Unix distribution built by Lenny Zeltser for reverse engineering malware. It is build for out of the box reversing.

The documentation is almost complete, but one point I was missing while using it is quite important: correct time settings!
In order to check certain logs, contain evidence etc you want to have an accurate time setting on the system.

First: set the right timezone:

sudo dpkg-reconfigure tzdata

The first shot then would be NTP by:
sudo ntpdate ntp.ubuntu.com #or your prefered NTP server (maybe in your lab envirenment)

Because of the content running in the system, you might want to limit network access so NTP might not be available.
To set the date manually use:

sudo date $newdatetimestring

To print this string on another unix system use the following command:
date "+%m%d%I%M%Y.%S"

Copy this string and modify it according to the difference between copy paste process.
Check your correct date settings with:

Now happy reversing

Reference: Install REMNUX as virtual instance

Recovering Photos From Bad Storage Cards (with ddrescue)

Today, Jonathan Zdziarski wrote a Blog post about recovery of Photos on a corrupt SD card. In total, the article is very good, but I would prefer to use ddrescue instead of dd only.

Had good expieriences with ddrescue in the past while recover data from SD cards and HDDs as well.

Hope this helps

Kippo Honeypot stop

To stop Kippo Honeypot, you could use two options, first you could check your connections:

netstat -l -p

and then kill the process with the PID via

kill -9 $PID

Or you could use the small script available at github (https://github.com/beardyjay/bHoneypot/issues/15):



if ! [ -f $PIDFILE ]
echo „Kippo is not running ..“


echo „Stopping Kippo ..“
kill -TERM $PID
rm -f $PIDFILE

with the result:

pi@raspberrypi ~/kippo-read-only $ ./stop.sh
Stopping Kippo ..

Threema – Whattsapp with encryption

Whattsapp the popular smartphone app has several „privacy issues“ due to lack of encryption.

but there is an alternative solution with end to end encryption: Threema.
The company behind Threema is based in switzerland.

They have a special section within their FAQ for security questions: FAQ

Threema is at the moment only available for Android and iOS, so no Blackberry nor Windows Mobile support, but that should only be a question of time.

Another blogpost about threema: http://damienclayton.co.za/2013/09/threema-secure-mobile-messaging-for-everyone/

But there are some concerns as the messages are stored plain on the device: article on hetzel.net (german only)

Download iOS app
Download android version

a better wp security plugin problem

Das WordPress Security plugin „A better wp security“ ist sehr wertvoll, bei manchen Webhostern können einzelne Funktionen jedoch dazu führen, dass der WordPress blog nicht mehr erreichbar ist.

Z.b. führt das nutzen der Funktion „Dateiänderungen tracken / File change detection“ auf einem shared hoster unter Umständen zu einem Timeout, weil nicht genug CPU / RAM vorhanden ist um alle Files zu checken.

Hier muss das plugin „A better WP security“ zurück gesetzt werden.

Mit dem folgenden SQL command werden alle options rückgesetzt:

FROM `wp_options`
WHERE option_name LIKE '%bwps%'

Alternativ lohnt sich ein Blick in die htaccess, welche durch das plugin ggf. auch angepasst wird.

Die default WordPress htaccess Datei sieht wie folgt aus:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

Für Einsteiger noch eine Buchempfehlung zu dem Thema:

Für Profis: