Hello, welcome to the Friday, January 21st, 2022 edition of the Sandsenet Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Good old FTP, the file transfer protocol, is, in my opinion, luckily, on its way out. And, well, browsers stopped supporting it.

With that, of course, there are not a lot of legitimate users

typically left for a user to use FTP.

So Xavier came across a Python script

that actually uses FTP to download Redline Steeler.

It does inject Redline Steeler into its own process, which is sort of interesting, but just

a good lesson here that you probably should watch out for FTP connections.

They are often these days malicious.

If they're not malicious, you probably should find a way to switch to a different

protocol. SEP sort of comes to mind maybe HTPs in order to avoid the problems that come with

the clear text FTP protocol. And German IT website, Heise, has an interesting article about how Google's camera implemented

in Android, does misread QR codes.

Now, this is interesting because, well, QR codes were specifically designed to be read

automatically and have some error correction built in to actually be readable,

even if the QR code isn't displayed very well, but I guess that wasn't good enough for Google,

so Google sent its machine learning algorithms after the URLs that are being extracted,

and apparently certain URLs are misread as a result.

In particular, Google does appear to insert random dots.

For example, if the top-level domain is a country-level domain, but the domain name includes like the string com or

a CEO, it may add a dot com dot and then the respective country level domain because I guess it feels

...