Dendory Capital - Blog

  Do you live near an active water way? Have you ever wondered what kind of ships are off in the distance? You could find out using a standard called AIS, or Automatic Identification System. It's a worldwide radio system used by larger ships to broadcast their name, position, speed and more. These messages can be decoded using simple Python code and is a cool weekend project if you have some extra CPU resources. To do this project, you will need a Software Defined Radio or SDR. The easiest way to get this is to buy a cheap RTL-SDR device on Amazon and plug it into a Raspberry Pi. Once you have those two pieces of hardware, simply connect the SDR into one of the USB ports and place the included antenna near a window with a good view of the harbor. The first step to actual capture these packets is to download a package called RTL_AIS. You can follow these steps: apt-get install rtl-sdr apt-get install librtlsdr-dev git clone https://github.com/dgiardini/rtl-ais cd rtl-ais make Once y

Modern databases are ubiquitous, they're used everywhere by applications and scripts, many of which you may have to interact with if you're working in the IT world. Creating a new database and table, then storing data that you can then retrieve later on, seems like a fairly straightforward process. But databases have a lot of settings, and there's a reason corporations hire well trained DBAs to maintain these databases. There are pitfalls you may need to watch for, one of the more common ones being character encoding issues. If you use MySQL or MariaDB as a database, and if you ever ran into the following error, then this may be the post you've been waiting for: Incorrect string value: '\xF0\x9F\x98\xF0' for column 'title' at row 1 What this basically says is that the data you're trying to store in the database doesn't fit with the encoding available. The data may be some type of binary, or maybe just text in another language that requires more l

It's no secret that developers use code snippets a lot. Whether it's from StackOverflow, GitHub snippets, or random Google searches, whenever a junior developer is asked to do something they don't know how to do, they tend to browse the web and find an existing piece of code they can copy and paste into their text editor. We all do it. After all, most things have been solved with code already, so why should you spend an hour trying to find out how to connect to a Snowflake endpoint using Python and listing all databases, when it's something that thousands of coders have done before? The issue with code snippets however, is that they tend to be very bad from a security standpoint. They tend to focus on the problem at hand, and give you the simplest way to solve it, without thoughts about context. If you don't understand what the code does, you won't know the potential security issues with that code, and that's one of the biggest way the Internet ends up fille

Anyone who works in IT knows the struggles of their department being considered a "cost center" by most businesses. Maintaining servers, desktops, software upgrades, web sites and making sure the digital parts of the operation keep turning smoothly is not a glorious job, and usually not something anyone notices outside of the department. At least, not until something breaks, then people realize how important IT is in making sure business can still be done. But again, as soon as things go back to normal, management typically stops thinking about the tech and they go back to worrying about sales, finances and production. Seeing that this is a fact of life, trying to get a budget assigned for large projects can be a challenge. This challenge is a big part of why a lot of companies lag behind the industry standard when it comes to best practices, using the latest technologies or anything that involves spending a lot of money to get something that has no direct, immediate impact o

OSINT, or Open-Source Intelligence , is the collection and analysis of data available from open sources, typically done by regular people like you and me. This means it's mostly non-state actors being thrust into an intelligence role, bonafide Internet detectives, solely thanks to the massive amount of data available online through things like social media, blogs, video sharing sites, corporate offerings, and other ways. It's not a new discipline, in fact it's something that has been done for many years and has accomplished a lot of good throughout the world, from finding kidnapped victims to conducting cybersecurity exercises . But the domain of OSINT goes much further, and sometimes people can get carried away, such as the time an online group used open source data to figure out who the Boston bombing suspect was, only to point the finger at several innocent people . Yet regardless of the past successes and failures of OSINT, this year has seen the discipline expand to a

We're in September, and this month is known as the preparedness month. In fact, the U.S. Government designed it as such at the national level to underscore the importance of being prepared. From the website itself: National Preparedness Month is an observance each September to raise awareness about the importance of preparing for disasters and emergencies that could happen at any time. This may seem to apply more to things like forest fires, economic collapses or war, and if you're an IT professional you may not see the link between the things you do and this definition, but in a world that's increasingly dependent on complex technologies, going over your IT preparedness is an incredibly important exercise. In this post, I'll go over a couple of items you may want to think about and give you some tips that will hopefully help you to improve your organization's posture when it comes to disaster preparedness. There are a number of potential issues that can impact you