My latest project has gone online

For some days now, a project I’ve been working on for some time has been online: it is a solution for monitoring the Internet. Right now the main focus is on the search for phishing kits and webshell. As it is designed, the solution can perform various other tasks but given the consumption of resources that this type of work entails (and that the resources available, already like this, are almost at the limit) for now I am limiting its functionality.

It is a project that I carry out as a hobby so I work on it in the spare time, but lately it has been giving me some satisfaction!

The thing I like most about this project is that it presents a significant amount of difficulties that allow me to always learn new things on different fronts: design, programming, databases, systems, networks and of course, security.

If you are interested in the result of this project you can find the results on my Twitter account (which has now become unusable given the amount of messages that the platform produces …).

The solution consists of several subsystems and some of these I have decided to release on Github. The first project that I released is Argilla, it is still in beta and has some bugs as well as being poor in functionality, but it is light and does what I need right now. When I have time I will evolve it to make it more usable in other contexts.

Currently 4000000 of websites are analyzed every day, for each site the content is analyzed and a value indicating the level of risk is calculated. Sites with higher risk values ​​are published on Twitter as “Threat” and “Possible threat”. Before being published on Twitter they are reported to Netcrat through the appropriate API. The publication on Twitter includes, in addition to the link, some hashtags (mainly #phishing and #opendir) and, since the last release, the registrar who registered the domain is tagged.

The application components are developed in .NET, Core and Framework, the operating systems are Windows 2019 (for the database) and Linux for the agents. The database is SQL Server 2019. The databases are 4 for a total of about 300GB and grow by about 6GB per day.

Right now I am evaluating the possibility of adopting Tensorflow for some works but I am having some difficulty in creating useful datasets. If anyone has skills and wants to work on this project, any help is welcome!

Finalmente udienza!

E finalmente arrivò il 18 giugno! Dopo un paio di rinvii causa COVID, ieri era il giorno dell’udienza per l’ingiunzione di pagamento che abbiamo presentato come IT Attitude verso UniCredit.

L’udienza si è tenuta presso il Tribunale di Milano e nonostante il mio avvocato avesse provveduto ad avvisarmi che si sarebbe svolta “nelle forme della trattazione scritta” io qualche giorno prima mi ero già attrezzato per la trasferta! Per fortuna che la formula, per quanto io ignorante in materia, mi aveva messo la pulce nell’orecchio e così avevo deciso di chiamare il mio avvocato per chiedere conferma. Mi disse che non c’era da andare da nessuna parte e che avremmo depositato note scritte. Bene, mi sono risparmiato una gita inutile a Milano e relativa figuraccia…

Oltre alle nostre note anche l’avvocato di UniCredit ha depositato le sue. Dopo aver letto la nota un paio di volte ho pensato di riprendere quanto scrittovi per questo post, un po’ per raccogliere le idee, un po’ per condividere con voi quello che succede in alcune presunte “grandi aziende”.

Nei nostri atti abbiamo riportato il fatto che il nostro credito nei confronti di UniCredit è maturato a fronte di comportamenti interni a UniCredit stessa in contrasto delle loro stesse regole aziendali. Questo ovviamente l’avvocato di UniCredit non può accettarlo come dato di fatto, però (non avendo io ragione di pensare che esso sia uno sprovveduto) sono certo che in cuor suo ben sappia come funzionino le cose. La realtà, anche se inelegante, resta tale, quindi ritengo sano riportare un po’ di numeri e fatti.

Nelle note di UniCredit si legge “presunta e non provata “consuetudine consolidata tra le parti””. Ovviamente UniCredit contesta il fatto che gli si dica che alcuni dei suoi facciano come cazzo gli pare, ma tant’è.

La visione paradisiaca in cui a inizio anno si assegna un budget e con quello i manager fanno i progetti, non funziona sempre. Anzi, spesso già ad Aprile li trovi che cercano soldi per fare cose (utili o meno, dipende dai punti di vista) e molto spesso per cercare di tappare casini fatti a suo tempo ed ancora pendenti. Nel nostro caso, il casino era che a fronte di un budget per un’attività da svolgere con alcune persone, ci fu chiesto di fare diverse altre attività, con più persone coinvolte. Oltre a questo ci fu chiesto di subappaltare attività a società terze, non accreditate presso UniCredit (chissà come furono scelte quelle società) e di comprare materiale da far poi passare come giornate.

Qui il primo dubbio che mi viene rileggendo (immagino che sarebbe dovuto venire anche a qualcuno in UniCredit) è, ma questi con un team di x persone, come fanno a fattura più di x * <giorni del mese>? E si perché se metti nero su bianco che una persona ha lavorato 40 giorni in un mese, in un’azienda normale qualcuno ti chiama e ti chiede chiarimenti, in UniCredit no. O meglio, in alcuni casi lo fanno e in altri no (chissà come discriminano).

Così ad esempio, a fronte di un ordine per un attività di “running”, abbiamo emesso fattura per l’intero importo annuale, ad Aprile. Nessuno ha chiesto come mai fatturassimo l’attività otto mesi prima. Ma un caso potrebbe non essere consuetudine, vediamo se ne trovo altri…

Ad esempio, visto che a fronte delle continue richieste di UniCredit noi eravamo sempre sotto di ordini, la risposta della banca quale era? Un classico “fattura su questo”, dove “questo” identificava un PO emesso per un’attività di cui non avevamo mai sentito parlare, con richiedenti a noi sconosciuti, ma evidentemente compiacenti. Ad esempio:

  • 2000408157
  • 2000416132
  • 2000402596
  • 2000398771
  • 2000393392
  • 2000391292
  • 2000381248
  • 2000351132
  • 2000331446
  • 2000297022

Ne riporto giusto una decina ma l’elenco di ordini “al portatore” che sono stati utilizzati da UniCredit per gestire il credito nei nostri confronti è ben più ampio. Anche questo è indice di “presunta e non provata “consuetudine consolidata tra le parti””? Se questo è normale non oso immaginare cosa altro possa succedere li dentro.

Un altro passaggio che trovo quasi divertente è questo:

“La It Attitude S.r.l., inoltre, risulta sottoposta a procedura concorsuale (cfr doc. 29 parte attrice) e sussiste, pertanto, il concreto rischio che Unicredit Services S.c.p.a. non riesca a conseguire la restituzione degli importi versati in caso di concessione della provvisoria esecutività al decreto ingiuntivo opposto.”

In parte ha ragione, la mia azienda versa in pessime acque. Quello che però bisogna anche dire è che questa situazione deriva dal fatto di avere cominciato a lavorare con UniCredit. Mi sono trovato invischiato in una situazione che pur sembrandomi strana mi è stata fatta passare per normale. Io ho sbagliato e ho dato fiducia a UniCredit e a chi la rappresentava e ho cominciato a seguire le loro regole. Ho sbagliato perché non avevo valutato che le loro regole servono solo a tutelare loro.

Per adesso direi basta qui, magari farò una rubrica settimanale con un post ogni lunedì. La chiamerò “pillole di UniCredit”.

YI Action Cam case

After trying a couple of cases for my YI Action Cam I decided to try to print one for use with the GoPro chest mount.

With the classic one that you buy on Amazon, while recording mountain bike videos, I experienced two problems: a loud background rustle and a limit in the useful inclination.

Using the classic case, the sound problem I think is due to a rustling that occurs inside the case. Use this printed case leaves the microphone exposed instead.

Download: https://v1.tinkercad.com/things/hG18RYlPKZ6

In addition to the printed parts, the following screws and nuts are required for assembly:

  • 4x screw M3x30mm
  • 4x screw M3x15mm
  • 8x self-locking nut M3

The base compatible with GoPro support is not integrated in the case, this is to allow everyone to develop new supports for different uses.

Argilla

Argilla is my new project available on Github.

Argilla is a simple distributed bus for the integration between microservices. The adoption of Argilla allows the elimination of microservice endpoint configuration so that they can be managed more easily.

At present the project is functional even if it is not performing and unstable. Your help could be very useful to improve it 😉

The idea of this project starts from an internal need of my cyber security project developed in .NET Core on Linux. I needed to enable various services to communicate without having to manage a catalog and even worse a distributed configuration. I also had the need to have callbacks from calls that can last for hours.

Creating an Argilla enabled microservice is very simple, just add a reference, a few lines of code and your microservice are ready.

The architecture of Argilla is very simple, there is a Resolver server and its endpoint is configured in the various microservices. Argilla automatically publishes the catalog of services endpoint so that clients can consume the services without previously knowing their locations. If multiple services implement the same service, the client takes turns invoking the services to distribute the load. The client then takes care not to invoke the offline services and turn the requests to those available.

The good of the pandemic

Talking about “good” referring to a pandemic may be out of place but I am firmly convinced that there is good in everything.

I think the good thing about this pandemic lies in the demonstration that we are insignificant to the universe.

We are fragile beings whose existence hangs by a thread; faced with serious problems there are no weapons, supremacies or gods to help us. We have to help ourselves.

We must improve and be more efficient, more educated and progressive. Only progress can save us.

Conservatives can kiss my ass.

3D print face mask – part 2

Read part one.

My friend Mattia told me about this mask project and after try it I decided to tell you about my experience.

Project: https://amaskforall.com/home
Download: https://www.thingiverse.com/thing:4249825

I really like the project, especially the filter fixing mechanism, it is very robust and does not require you to touch the inside of the mask. The opening is very wide and the filter allows a good air flow. From this point of view it seems to me the best. Completed the print, the mask is very clean and does not require cleaning or further activities.

However, there are two (really) minor problem: it is the slowest to print and (at least on my face) it does not have an excellent seal. The first one is not a problem, the second one is easily solved with a little rubber positioned as a gasket.

3D print face mask

With the outbreak of the COVID-19 pandemic it has become very difficult to find masks here in Italy. I read that in some countries toilet rolls have disappeared from the shelves, in the bad luck I was lucky, 3D printing a mask is certainly easier than printing a roll of toilet paper and the result will not be painful!

Having no experience in the medical field, I decided first of all to study a little to understand how a mask works and which are the best materials to use, especially as regards the filter material. The masks that I produced and of which I write here are in PLA, there are better materials as we will see later, for these tests, however, this material has proved more than suitable.

What I report here is personal experience, a homemade experiment, do not entrust your health to these tests!

First of all I invite you to read some articles that have been useful to understand a little better what a mask is and how it works:

Before I started designing a mask from scratch I searched the Internet for some existing projects. I found several ready-made projects, some good, some a little less. Since I am not going to criticize the work of people who have worked to help us, in this article I report my experiences with the projects that I think are the best and that I can recommend.

The first project is that of Copper 3D. The project is done very well and the site illustrates the problems and many solutions well, there are many tips and that’s why I have listed it in the list above. I advise you to take a careful look at it. Copper 3D guys recommend printing this mask with PLACTIVE®️ and MDflex®️ and not with PLA for several good reasons. As said before I used the PLA but shortly I want to buy a roll of the recommended material and procede as recommended.
The project is very well done and once printed the template is immediately very robust. The printing phase required a bit of work, since with my Dremel I had to print the supports and this produce an object that needed to remove a lot of support material. Despite the cleaning post printing phase, a lot of material stille remain inside the mask.

I tried to print without support (knowing it would make a mess) but it didn’t work. The mask has two lateral supports for the elastic that are very wide but not printable with my Dremel without the print supports. I therefore decided to modify the project to change the supports for the elastic bands, making them compatible with my printer and allowing me to print without printing support. In addition to the supports I added a hole in the surface of the filter to improve the air flow.

Files (original): https://copper3d.com/stl/NanoHack_STL.zip
Files (modified for my needs): https://www.tinkercad.com/things/kKIGpXn7fLp

During my tests I created a post on my Facebook account to share my experience and at a certain point my big friend Milko told me about the project he was using. He sent me the project and I printed it. It is an excellent project, very simple and quick to print, does not require post-print cleaning and is also comfortable to wear. The only thing that would perhaps be useful is to add a gasket on the edge to improve the seal and make it even more comfortable.

Files: https://www.thingiverse.com/thing:4225667

After trying 6 models of masks and having found two valid ones, I decided to move on to the more complicated and delicate phase, the choice of material to build the filter. After studying the problem throughout Saturday, the choice fell on Miele HyClean bags for vacuum cleaners. I bought them on Amazon and they arrived the next day. There are 5 bags inside the package and with each one you should be able to make at least 30 filters. The only precaution to keep when cutting the filters is to leave at least 3-4 millimeters of access, so that you can position it comfortably within the space that both masks provide. The installation of the filter takes a few seconds and is very easy.

As I said before, I am not familiar with biological viruses (I’m much more skilled about computer viruses), however this experience has made me reflect on the fact that changing the filters requires a minimum of attention. The filter we remove from the mask is potentially contaminated, so it is necessary to remove it without touching it with bare hands and throw it in a safe place to avoid contaminating the environment. After disassembling the used filter, before assembling the new one, I think it may be wise to clean the mask. You can do it in different ways: the first (and in my opinion more comfortable) is to put it in the microwave oven (I tried for a minute and the mask has not been damaged), the second is using some disinfectant (alcohol or other). Since I am not familiar with disinfectants, I invite you to look elsewhere for the best solution. The only suggestion I can give is that if you decide to use alcohol, wash it well afterwards!

Once the mask is printed and the filter is mounted, the last step is to mount the elastic bands. At the beginning I wanted to use the classic flat elastic used for bra, unfortunately on Amazon I did not find anything with fast delivery (it would arrive in 2-3 weeks, at least). So I decided to use something I had at home. After a few minutes of research, a two-centimeter-tall elastic appear so I finished the masks.

Once you put on the mask with the filter you immediately notice the difference in ease that you try to inhale. In fact, at the beginning the situation was annoying and it reminded me of the first time I did a scuba dive. You have to give yourself five minutes to get used to it. After a while you get used to it. In these days I have tried the two models on the rare occasions when I left the house to take the dogs for a walk or to do the shopping. The tests lasted 1-2 hours, in this period I have always kept the masks and I have not encountered any problems (apart from talking on the phone).

I hope this report of my experience will be useful to you. It served me to learn something new and also to distract me a little in this quarantine period.

For advice, suggestions or anything else you can write to me using the references on the side.

Update – 11/04/2020

To make the mask more comfortable or inserted in a sponge seal, this in addition to improving comfort also improves the seal.

Torch holder with GoPro buckle

Below I tell you how I solved the problem of riding a bike in the dark 🙂

I bought this flashlight on Amazon and tried it on my mountain bike handlebar.
https://www.amazon.it/gp/product/B07LF77P4J/ref=ppx_yo_dt_b_asin_title_o01_s00?ie=UTF8&psc=1

The light was immediately very good, but the assembly on the handlebars didn’t satisfy me, turning my head and not seeing anything, especially doing off-road, is not pleasant. I therefore decided to mount the headlight on my helmet.

Starting from a project I found on the Internet, I created a support that allows the torch to be mounted on the helmet, using a GoPro support.
https://www.tinkercad.com/embed/atAv7hNYU71

This is the result, printed with a Dremel Idea Builder 3D20 printer.

For convenience I decided to move the electric cable passage. Instead of getting it out to the side I pushed it through the bottom, under the switch. To do this, simply open the torch by unscrewing the front ring nut, remove the electronics, unsolder the connections and remove the cable. At this point I punctured the back of the case with a 5mm bit, had the cable run over again and soldered the connections to the board again. The case has two holes laterally, one threaded for the support screw and one from which the cable passes.

Using the largest hole I inserted a self-locking nut and with a M3 screw passed through the printed support, I fixed everything. I suggest to put a thin soft layer between the torch and the support, I used a double-sided tape. For greater security I used a tireup to lock the torch using the appropriate slot.

The cable is long enough to allow me to keep the battery in my backpack while run. If you decide to keep the battery somewhere else, you will need to extend it or use an extension cord.

The support fits easily into any cylindrical torch, but you are free to download the project and modify it as you like 🙂
I hope this post will help you and help you ride your bike safely, even in the dark!

Social network all’italiana

Come tutti sappiamo la politica italiana ha sempre considerato l’informatica un dettaglio, per non dire un fastidio. Lo Stato non ci ha mai investito, se non a livello di rete dove più che investimenti abbiamo visto sprechi e regali. I privati (che in buona parte succhiano soldi allo Stato) non hanno fatto molto meglio.

Nella patria del body rental non ha senso sperare che qualcuno parli di IT in modo ragionevole, da questo assunto la minchiata del giorno è “chiediamo i documenti a chi si registra ai social network”.

Invece di preoccuparsi che:

  • I sistemi operativi (Microsoft, Apple, Google)
  • I social network (Facebook, Twitter, Instragram)
  • Le piattaforme email (Gmail, Outlook, Yahoo, AOL)
  • Il Cloud (Amazon, Google, Microsoft, Apple)
  • L’e-commerce (Amazon)

Tutto questo sia “made di USA”… di cosa si preoccupa la politica italiana? Di chiedere i documenti a chi si registra ad un “social network”!

C’è poi da capire cosa si intenda con social network? Io che ho un merdoso blog che consente i commenti, dovrei chiedere i documenti?

Facebook (e tutti gli altri soggetti interessati) dovrebbero integrarsi con tutte le anagrafi del pianeta? Oppure questo obbligo varrebbe solo per chi si connette da un IP di un provider italiano? In questo caso, uno che usa TOR o qualsiasi altra VPN è esentato? E uno straniero che vive in Italia come dovrebbe fare? Lo Stato Italiano garantirebbe un documento Francese o Brasiliano?

A me pare che sia una cazzata, utile giusto a occupare spazio sui giornale per non parlare di cose serie.