Richard Audette's Projects, Problems, Solutions, Articles on Computing and Security

Use Browser Automation to Monitor And Detect Magecart-style Web Skimming Attacks

By Richard Audette, richard@hotelexistence.ca

Introduction

Web skimming is a form of internet or carding fraud whereby a payment page on a website is compromised when malware is injected onto the page via compromising a third-party script service in order to steal payment information.
from: https://en.wikipedia.org/wiki/Web_skimming

In a web skimming attack, a malicious actor injects JavaScript into a target website through some vulnerability. The JavaScript is typically activated on the website’s checkout page and runs in the user’s browser. It collects (“skims”) the information entered by the end user and sends it from the browser to a server controlled by the malicious actor. From the user’s and the website operator’s perspective, the intended transaction completes successfully. The malicious actor has obtained the user’s information before it is stored on the website operator’s servers. Because the skimming happens in the user’s browser, it requires a different form of detection.

Playing around with Hugo and different ways of hosting content

When I initially built out this blog, I:

  • wanted a content management tool. I didn’t want to be writing pages in HTML.
  • wanted to host it myself. Geocities came and went. I wanted ownership of my hosting.
  • wanted a VM on the Internet anyway. I wanted something always up, that I could host services on. I had hosted PCs on the Internet at home, but with cloud services, I just didn’t need this anymore.
  • wanted very low costs
  • needed to support extremely low readership.

So, I built out a tiny VM on AWS I can deploy services on, and it costs next to nothing.

Nano Cidery

In September, I went out apple picking with the kids, and decided to pick up some cider, to try to ferment it, something I’ve been wanting to do for a while. I don’t usually drink hard cider, but I’ve been wanting to try making it ever since reading about the process in Make Magazine years ago.

I ended up following guidance from these sites:
https://www.midwestsupplies.com/blogs/specialty/instructions-on-how-to-make-hard-cider
https://howtomakehardcider.com/


Bicycle Dashcam Mark I

I love my bike - it is a workhorse I can park anywhere, a mid-1990s hybrid. After years of limited maintenance, in the past year, I’ve had to replace a tire, cassette, all the cables, pads, grips, and shifters. I’ve also just upgraded my headlight and taillight - the improvements that have been made in bicycle lighting over the last 15 years have been incredible.

I’m using my bike more this year - my downtown office recently moved to a building with badge access indoor bicycle parking and showers, with towel service, for cyclists - what a cool perk. So, I’ve been biking to work for the first time since I started at this company in 2006, 17 km down Yonge St in Toronto, about twice a week since June.

What seemed like a silly idea

Throughout University, we had these Engineering Design courses, where we would go through a defined process to design something.

In my second year, my team submitted “A System for Maintaining Driver Alertness”.

A System for Maintaining Driver Alertness

I’m not sure where we got the idea, and the solution we proposed was gimmicky, even at the time, but the exercise was more about design process - my team did fine. Imagine my surprise, when I was browsing for something else recently on AliExpress (and on Amazon), that some company builds and sells a device similar to our proposed design.

RC Sailboat Version 2

Six years ago, I built a wifi-controlled pop bottle sailboat. Smartphone control wasn’t great, so I turned my decommissioned weather station into a remote control.

RC Pop Bottle Sailboat, V2

My re-used weather station project board is a homemade Arduino board, with an APC220 transceiver radio. I added two rotary potentiometers for rudder and sail control. I removed the Raspberry Pi in the boat, and connected another APC220 transceiver to the Arduino Uno that controlled the sail and rudder servos.