-
Two new podcasts
Just wanted to announce two new podcasts I’ve started listening to, and maybe they would be of interest to people interested in security: The IT Security Pubcast – a South African podcast with security professionals who have real, hands-on experience with the physical aspects of security. Being a more electronic-only guy, this is a very…
-
A quick personal todo
Check out the Sony PS-LX300USB turntable. I’ve known about the one ThinkGeek offers, but this review sounds very good. Also, Amazon seems to offer some nice accessories for music archiving (like the record cleaner brushes / solutions).
-
On the topic of contests…
The latest packetlife challenge is over and here is the solution. Very cool. And here is a challenge I almost forgot about (since this too is very network oriented and I currently don’t have the time to dig up all the information needed): NMAP Trivia: Mastering Network Mapping and Scanning. If you want to take…
-
Two more involved contests
The first is the First Annual SIGMOD Programming Contest (via nconway’s blog). You need to create data structures to index a generated data stream (in fact streams, because multiple streams are presented to you in parallel) and perform operations on them (insert, update, query). The second one is the Cisco Developer Contest (link from Ubergeek.ro).…
-
grcsucks.com revival – #1
After starting a one-man movement 🙂 to clarify the muddy waters created by Steve Gibson, I was relieved to find that I’m not alone in my opinion. The central site gathering all the information was grcsucks.com, the domain registration of which expired somewhere around June 2007, and since than you can only find a domain…
-
Hack the Gibson #168
Read the reason for these posts. Read Steve Gibson’s response. Steve Gibson gets the description of the attack wrong (backwards): It’s possible to have something hiding below the surface, literally on, like, a layered page, where the user clicks on what they see, but what they’re actually clicking on is content on the page behind.…
-
How permissive is the Windows autorun.inf parsing?
While reading the F-Secure blogpost titled When is AUTORUN.INF really an AUTORUN.INF?, I was reminded of this masking technique – putting extra data between the relevant lines. But how tolerant is the autorun.inf parser (which I suppose in fact is the INI file parser) really? The example showed by F-Secure is quite mild, in the…
-
Using a single file to serve up multiple web resources
While trying to set up my GHDB mirror, my first thought was to use googlepages. I quickly found the bulk upload to googlepages how to by X de Xavier, which is a very cool tool (and also an interesting way to hack your “chrome”), but unfortunately I found that Google Pages has a limit of…
-
Microsoft – fail!
I’m not talking about the fact that they restarted my computer overnight – again! – because of a “critical” update (as far as I can tell the “critical” update was Windows Media Player 11 – WTF?) or about the fact that some of their utilities give you useless error messages (like “X has occured –…