-
Mobile malware – hype or not?
I’m not entirely dead yet, just very busy 🙂 Anyway, I came across this blog posting (Mobile Virus FUD) which in turns references this article about Kaspersky Labs (not the one at heise security as I stated – erroneously – before). Before we continue, a disclaimer: the views and opinions expressed here are my own…
-
TT – Treacherous Technology
So, after a failed upgrade to Ubuntu 7.04 Feisty Fawn I was left with no choice but to boot into my Windows 2003 partition. (To Ubuntu’s defense: 7.04 is clearly marked as beta software and I was doing the update on my own risk). Just to be clear: this Windows 2003 SBS is a 100%…
-
A new contest
I know that it’s a little bit late, but hopefully some of you may still find it useful: The nCircle VERT challenge #1
-
Month of PHP Bugs (MOPB) update
As the days pass by, new vulnerabilities are disclosed on the Month of PHP bugs. An important (and very useful) change is that markings have been added to the main page which show the vulnerabilities that are not addressed in the latest (5.2.1) release and the ones which are not directly related to PHP (for…
-
A long required update
Hello all. Again I find myself swamped with work, so I’m a little MiA. I still will try to keep up the blogging and bring you (hopefully) useful information. So here are some links and my opinions about them: The McAfee lab guys think they’re smart. And most probably they are. However the above mentioned…
-
Security Update – MOPB, DMA, etc
First just a fun little post on Slashdot which debates what /etc stands for Now for the security related stuff: The Month of PHP Bugs continues with two new vulnerabilities. Fortunately these bugs were disclosed to the PHP team beforehand, so updating to the latest version solves them. Also, one of them is in the…
-
The progress of MOPB
The Month of PHP bugs is progressing nicely and the counter is up to nine (at this rate – supposing that we have a linear progression – we will have almost 70 vulnerabilities!). The new ones repeat the same patterns as the previous ones: they can be mitigated in environments where a single user controls…
-
What the market will bear
Very frequently I see the idea that capitalism (or market economy) will somehow ensure that the end-users get the best possible products with the lowest prices. Yet many times common wisdom contradicts this. How is it possible? (Disclaimer: I’m no economist, these are just some personal ideas and observations). Personally I think that there are…
-
Month of PHP bugs started
The Month of PHP bugs started off today with not one, but three bugs. Two of them can be protected against by using Suhosin (you might accuse the guy of some grey area marketing – but you can’t since his product is both free and open source) and the third by upgrading to PHP5 (because…
-
PHP security, an oxymoron?
I’m in the finishing phase in the development of a medium sized web application and would like to share some of my findings. The system is developed in PHP for two reasons: The LAMP platform is a well accepted one and finding hosting companies supplying it or convincing the IT administrator to deploy it internally…