Bobby's Headspace

Bellingcat Open Source Challenge: Back In Time - Walkthrough

smiles@bobbysmiles.xyz (Bobby Smiles) — Fri, 09 May 2025 22:23:16 +0530

Bellingcat - Back In Time walkthroughs

Bellingcat recently released their Back In Time series of challenges authored by Sofia Santos. I had a lot of fun solving these and I hope you did too. Here’s a walkthrough of how I tackled each of these challenges.

Hope you learn through these walkthroughs as much as I did solving these challenges.

Fresh Faced: Finding the Founder

Problem Image

So the question tells us that the founder of Bellingcat, Eliot Higgins, was featured on many news outlets for his groundbreaking discoveries in the year 2013. We need to find the YouTube video from which the newspaper clipping was taken.

The first and most obvious lead we have is the caption in the image. Let’s put this into Google Translate to see what language it is.

Google translate for the caption in the image

We can see that the language was detected as Croatian. Now from here, I didn’t find any leads, so I looked into the Wikipedia page on Eliot Higgins. Reading this page, we can see that Wikipedia mentions some non-English sources. Let’s check this page out and see what’s in it

Non-English sources listed in brown-moses

Over here, we can see a Croatian news article, which aligns with our earlier finding of the language on the news clipping. The site didn’t contain any sort of link to a YouTube video, just the same picture as we were given in the question.

So the next thing I did was to check the journalist who interviewed Eliot Higgins. His name was Tomislav Krasnec. So I just searched Tomislav Krasnec Eliot Higgins in the Google videos section and got the interview.

The answer is simply the video code.

Search result for Tomislav Krasnec's interview with Higgins

Training Time: There’s a lot to learn.

Problem Image

So we’re asked to do some cool indoor geolocation on this image. We have to find the room in which this picture was taken. Another hint is that the image is credited to ARIJ network. We are also told that this workshop was conducted in 2017 so that’s gonna be a cool lead as well.

So just googling, Christiaan Triebert Workshop 2017 yielded this post on X.

Searching for Christiaan Higgins workshop in 2017

This didn’t give much information. So instead I tried using Google Dorks to find the workshop.

By Google dorking this intext:"December" intext:"2017" intext:"Christiaan Triebert" intext:"workshop" I found that the event was ARIJ 10th Annual Forum and in their website we had an address of Mövenpick Resort & Spa Dead Sea | Dead Sea Road, 11180

https://arij10thannualforum2017.sched.com/list/simple

So from finding this I looked at the rooms available in the hotel in this part of their website. Through that I found the answer to be The Grand Ball room.

Creating Community: A new place to connect.

Problem Image

Ok, so here we will have to do a little bit of scripting, nothing too complicated, just some copying and pasting.

By just using this Google dork intext:'We finally got around to creating a bellingcat Discord server" we can find the post on X. get this time: 7:42 PM · May 12, 2020. Note that this time will be displayed differently based on what timezone you fall under.

Twitter post containing the bellingcat server announcement

So once I found the post, I joined the Discord and used this method to get the age of the server.

So, this method has the following steps:

Enable developer mode on your Discord.
Open Discord in your browser and open the Inspector tab on your browser.
Paste the following code snippet in your browser.

new Date("709752884257882135"/4194304) + 1420070400000

Result of the js code

This gives us this timestamp: Tue May 13 1975 18:34:34 GMT+0530 (India Standard Time)1420070400000 Now, this will be different according to your timezone, but on doing the math we get the time to be 68.

Future Plans: A timely document.

So we’re told that Bellingcat published a document nearly 2 years after they registered.

So I found the pdf by using this Google Dork: intext:"bellingcat" intext:"future plans". Since bellingcat was registered in 2018, it tracks that this result was the right one.

Now there is no author explicitly listed in the pdf, neither do I wanna read the whole pdf. So, I decided to take a look at the pdf metadata, which revealed that the author was Aric Toler.

Great, so we have one part of the challenge solved. Now let’s see if we can get all the articles he published around 2019-2020.

So on searching bellingcat.com aric toler I found this link. I scoured every article until I got this one. The last word of this article is the answer.

Toolkit Tracing: Tool tips new and old.

This was the easiest question of this release. We are asked to find a missing document in an older edition of the Bellingcat Online Investigations toolkit released in the year 2020.

I used this Google dork to search it up: intext:"Guides & Handbooks" intext:"2020" intext:"Bellingcat"

Result of the Google dork

You can find the actual document mentioned in the question here.

In this document, in the Guides & Handbooks section, you can find this document. As it turns out, it is inaccessible. So the obvious first step was to simply check for a snapshot of this document in the WayBack Machine.

Result of the wayback machine search

Once I got to the wayback machine, I simply entered the URL and voila! there it was. So we’ll simply navigate to page 39 of the document and get the first hazard listed.

Hope you found this as useful as I did.

Have a nice day! :)

The Rising use of AI in Cybersecurity

smiles@bobbysmiles.xyz (Bobby Smiles) — Thu, 08 May 2025 16:31:48 +0530

AI in Cybersecurity

Ever since the ChatGPT was released on the 30th of November 2022, it was inevitable that AI would become a crucial part of our lives. Nowadays (even though its been only 3 years since it came out), we see AI used everywhere. We write code with AI, generate images and videos with AI, summarize our meetings with AI, and with the recent introduction of tools like Ghidra MCP, we are seeing its increased use in Cybersecurity. But is this entirely as evil as the recent situation on HackerOne makes it out to be? I wouldn’t be too quick to judge.

The HackerOne Bug Report

Before I continue, I recommend checking out the actual bug report here. To quickly summarize, there is a critical bug in HTTP/3 capabilities of curl, which can be leveraged to corrupt the memory, hence leading to Remote Code Execution, or RCE in short.

In the initial stages of reading this report, all seems normal and it seems like a standard report for a high severity bug. But reading further, it begins to seem more and more suspicious (to say the least). Firstly the curl staff member mentions that the patch is not applicable here and asks a question, to which the reply looks SUSPICIOUSLY like it’s AI generated markdown. The user provides the steps to APPLY a patch, without actually providing the patch in question.

Some more discourse later, one of the other curl staff members drops a banger about this part of the report:

Analysis shows:
- Return address overwritten
- Stack recursion at ngtcp2_http3_handle_priority_frame

Staff comments:

There is no function named like this in current ngtcp2 or nghttp3.
Please clarify what you talk about. Which versions of ngtcp2 and nghttp3
did you find the problem in?

The function he was talking about, ngtcp2_http3_handle_priority_frame does not exist. This, reveals the fundamental problem with relying completely on AI to do the heavy lifting on a high-skill job.

So What’s the Issue?

AI generated reports are nothing new. There have been many reports, made using AI over the years and so far, according to the founder of the curl project, Daniel Stenberg, no valid bugs have been reported by these so-called AI generated slop reports (read his full linkedin post here). It is not uncommon to run into situations where the AI hallucinates things that do not exist in order to fulfill the task given to it by a user.

Generic AI concept art I randomly found online

This is a worrying trend as in the recent years, the number of these reports have only been increasing. The problem is that the people behind triaging and validating a submission are human, and, it takes time. Triaging a submission is no simple task and people put a lot of time into this. Simply spamming AI-generated reports on these platforms only makes this job harder, as:

The report cannot be ignored in the off-chance that it reports an actual exploit.
Producing these kinds of reports takes very little time and the staff will not be able to keep up with the speed of incoming reports, resulting in lesser security.

The curl founder called it a DDoS Attack against curl due to this. And, he’s not wrong.

What Causes this Issue?

I think the major problem with all this, is rooted in the fact that many people, beginners and professionals alike, have begun to SUBSTITUTE their workflow with AI, as opposed to AUGMENTING their workflow with AI.

AI is not 100% accurate, it never has been nor will it ever be, as it stands. AI is trained to give answers that SEEM correct. Obviously, this is not intentional, rather it is a consequence of how the current methods of training these AI models work. At the end of the day, the AI is only doing it’s job. It is us, as humans, whose job it is to validate this before making a submission.

But is AI completely Evil?

No, absolutely not. I am not going to pretend that I never use AI for my tasks. I do, and I think the benefits to having something like an LLM enhancing your workflow shouldn’t be slept on. However, the key distinction is that AI ENHANCES my workflow, it is not my ENTIRE workflow. What I mean is that say, for example, in a project, I won’t be vibe coding that whole project using some random LLM, I would rather be using it to write boilerplate code, find resources online, or as a last resort, suggest fixes to bugs in the code.

And I feel that a similar approach must be adopted by the wider community at large. I am not saying my approach to this is perfect, not at all, but rather the knowledge of Enhancement vs Substitution must be more widespread.

The classic AI villain, AUTO from WALL-E

It is due to this same pitfall, that vibe coding (a term which I absolutely hate by the way), is gaining more and more traction, when in reality, you can simply learn to code, put in the hours, and write FAR better applications than an AI ever could. Even better, you could double that productivity, by then finally using AI to enhance your already existing workflow, making this endeavour all the more worth it.

Closing Thoughts

This situation on HackerOne clearly demonstrates the flawed mindset that many people have started to adopt with regards to the usage of AI and a shift in this mindset is necessary if the usage of AI in high-skill fields is to be a net-positive. However, not all of this is bad, and if anything, we should learn from the pitfalls clearly demonstrated by this incident and continue to improve in our respective disciplines.

Have a nice day! :)

The Recent Resurgence of Linux

smiles@bobbysmiles.xyz (Bobby Smiles) — Sat, 03 May 2025 17:33:45 +0530

The OS Disillusionment

A major sentiment among general audiences and tech enthusiasts alike is that popular operating systems like Windows are becoming more and more inaccessible as the days go by. Higher hardware requirements, lack of support for older OS versions and an overall decrease in quality are opening the masses to open source alternatives.

With the end of support for Windows 10 fast approaching, many older devices will be rendered seemingly useless, and upgradation to a more modern piece of hardware might not be an option. In such cases, open-source comes to the rescue.

Linux and its Benefits

Linux needs no introduction. Almost all low level hardware runs some form of linux. Servers, wifi routers, smartphones, all are powered by a Linux distribution.

Nintendo switch running Ubuntu

Linux comes with many more benefits as well, like being less prone to cyberattacks, being fast and performant, high customizability, and a HUGE and passionate community behind it.

So where am I going with all this?

The Recent Resurgence of Linux

Recently I have observed that many big Content Creators are making the switch to Linux AND encouraging their community to give it a shot. For example, PewDiePie (in this video) recently switched to Linux, detailing his reasons for doing so (please watch the video it’s excellent).

Even before this video came out, my YouTube feed was already dotted with tech content titled something like “I switched to Linux and I could never look at Windows the same again”, all of them detailing similar reasons for switching to Linux.

Customizability
Performance
Stability (ok this one’s a little debatable)
Control

A fully customized GNOME desktop

A Linux nerd myself, seeing regular people start to give Linux a shot sort of surprised me, considering that many times (coming from personal experience) I was told that Linux is too hard because it’s quite terminal centric and that’s intimidating for a guy who is not a “basement-dwelling” nerd. Little did they know about Linux Mint, Ubuntu or Fedora.

Personal Anecdote

Due to the video made by PewDiePie, one of my friends (completely not into tech, has an age-old computer used only for watching movies and TV shows) asked me about switching over to Linux and was surprisingly open even to try Arch Linux. Now, to preserve both their sanity and mine, I told them to switch to something like Linux Mint first, to get a feel for the OS and it’s workflow, and to ease into the new ecosystem, and they were surprisingly receptive.

As it stands, I am yet to hear back from them regarding how the switch went, but considering they seemed pretty satisfied with the computer last we spoke, I suspect it went quite well.

Don’t Fully Believe the Hype

Now, it might seem VERY appealing to immediately switch to Linux after all the newfound buzz regarding the topic, but I would still ask that one consider this decision carefully. Despite its caveats, almost all software in the world is supported by Windows and Microsoft still provides some of the best tools in the market.

The Ms Office suite, boasting some of the best software for tasks like spreadsheets, text editing and presentations, for example, is not natively supported on Linux. It has to be run through a compatibility layer like wine, which does provide support for SOME Windows applications, not to mention that wine in and of itself can be a little hard to setup.

GNOME Desktop environment configured in Garuda Linux

There is also the issue with stability of certain distributions of Linux like Arch Linux, which follows a rolling-release model. While you can always stay up-to-date with the latest updates and security patches, this can also cause instability in a system, affecting your workflow and productivity. In such cases, I would still recommend that you stick to Windows, or at least try a Linux distro on a VM or live boot before switching completely.

Closing Thoughts

Linux has always been, and continues to be, a viable operating system to switch to—provided you know what you’re getting into. It is not like Windows, nor is it meant to be. Both operating systems serve their purpose, and both do it well.

With Linux, you get speed, control, stability, and customizability. With Windows, you benefit from familiarity, broader software support, and ease of use.

Whether or not you choose to switch to Linux is entirely up to you—but make sure to do your homework before making a decision.

Have a nice day! :)