GearBest Database Was Left Unsecured For 2 Weeks

GearBest is one of the most popular Chinese online stores, and we often feature products sold by the company on the website. However, the VPNMentor research team headed by Noam Rotem, a  hat hacker and activist, discovered a serious security breach at GearBest, where their database was completely unsecured for a period of time. Specifically, the research team was able to access the following databases in March 2019: the Orders database, with products purchased, shipping address and postcode, customer name, email address, and phone number; the Payments and invoices database, with order number, payment type, payment information, email address, name, and IP address; and the Members database, with name, address, date of birth, phone number, (unencrypted) email address, IP address, national ID and passport information, and (unencrypted) account password. They discovered 1.5+ million records in total. They managed to log in successfully to two accounts from the database breach for testing. Payment information included data related to Boleta (used in Brazil) and Oxxo (used in Mexico) which would allow potential …

Support CNX Software – Donate via PayPal or become a Patron on Patreon

Xtream Codes IPTV Panel 2.4.2 Review – Part 4: Tutorial to Change the Main Server, Backup & Restore the Database

This is the fourth part of a review about Xtream Codes IPTV Panel, software to become your own content provider, and manage streams, clients, and resellers. The first three parts: Review of Xtream-Codes IPTV Panel Professional Edition – Part 1: Introduction, Initial Setup, Adding Streams…; Xtream Codes IPTV Panel Review – Part 2: Movie Data Editing, Security, Resellers, Users and Pricing Management; Xtream-Codes IPTV Panel Review – Part 3: Updates and New Features for Version 2.4.2.

Main Server Change – Part 1: New Server

Changing your Main Server could cause you trouble if you do not know what you are doing. There are many different reasons to change the Main Server, such as crashes, a new one, or making a Load Balancer the Main Server… Remember, it’s all about the existing backup, and you’ll restore your backup later, after successfully changing the Main Server. That is not difficult and everybody can do it. But if you install your backup with your former …

How to Write ESP8266 Firmware from Scratch (using ESP Bare Metal SDK and C Language)

CNXSoft: This is a guest post by Alexander Alashkin, software engineer at Cesanta, working on Mongoose Embedded Web Server. Espressif’s ESP8266 had quite an evolution. Some may even call it controversial. It all started with ESP8266 being a WiFi module with a basic UART interface. But later it became clear that it’s powerful enough for embedded systems. It’s essentially a module that can be used for running full-fledged applications. Espressif realized this as well and released an SDK. As first versions go, it was full of bugs but has since become significantly better. Another SDK was released which offered FreeRTOS ported to ESP. Here, I want to talk about the non-OS version. Of course, there are third-party firmwares which offer support for a script language to simplify development (just Google for these), but ESP8266 is still a microchip (emphasis on MICRO) and using a script language might be overkill. So what we are going to come back to is the ESP SDK …

OpenCL Accelerated SQL Database with ARM Mali GPU Compute Capabilities

We’ve previously seen that GPU compute on ARM could improve performance for mobile, automotive and consumer electronics applications. GPU compute offloads CPU tasks that can be parallelized to the GPU using APIs such as OpenCL or RenderScript. Most applications that can leverage GPU compute are related to media processing (video decoding, picture processing, audio decoding, image recognition, etc…), but one thing I did not suspect could be improved is database access. That’s what Tom Gall, Linaro, has achieved in a side project by using OpenCL to accelerate SQLite database operations by around 4 times for a given benchmark. The hardware used was a Samsung Chromebook with an Exynos 5250 SoC featuring a dual core Cortex A15 processor and an ARM Mali T604 GPU. GPU compute is only possible on ARM Mali T6xx and greater, and won’t work on Mali 400 / 450 GPUs. Other GPU vendors such as Vivante and Imagination Technologies also support GPU compute in their latest processors. As …

Delete Old Revisions to Reduce Time to First Byte for WordPress Blogs

I’ve already implemented several steps to improve this blog’s performance: Install the W3 Total Cache plugin. Register with the CloudFlare CDN to reduce the load on the server. Those two work pretty well, but there was still a problem with the Time to First Byte according to http://www.webpagetest.org. It got an F mark for First Byte Time. Sometimes I would get a TTFB (Time To First Byte) of 20 seconds and more. TTFB is a synonym of slow back-end processing either because of poorly optimized software or insufficient hardware specs or both. Part of the problem is probably due to my hosting provider (I use shared hosting) and I sometimes get very high server load in CPanel (e.g. 50 (4 cpus)) whether my blog is running or not. But I found a blog post explaining how to try to reduce the TTFB for a WordPress blog by installing the Better Delete Revision plugin in order to reduce the size of the WordPress database. So I’ve …

Databases for Linux Embedded Systems: Berkeley DB and SQLite

Embedded systems often need to use a database to store contact information, EPG data and more. Many Linux systems use MySQL, however such a large database management system may not always be appropriate for embedded systems. Hence, there are lightweight database management system implementations that are especially suited to embedded systems by their binary footprint, memory footprint and CPU requirements. If you want to develop in C in Linux and your requirement is to have no (or little) license to pay in your application, you could consider Oracle Berkeley DB or SQLite among others. Oracle Berkeley DB (previously Sleepycat Berkeley DB) is described as follows: Berkeley DB enables the development of custom data management solutions, without the overhead traditionally associated with such custom projects. Berkeley DB provides a collection of well-proven building-block technologies that can be configured to address any application need from the hand-held device to the datacenter, from a local storage solution to a world-wide distributed one, from kilobytes …
