-
Myth-Busting AJAX (In)security
Via Ajaxian: Myth-Busting AJAX (In)security
-
On user interfaces
You encounter things that you can call user interfaces in many parts of the day to day life. In this post I’ll talk about the interfaces of Romanian ATM machines. If you are not from here, feel free to skip this post as it probably won’t be of interest to you. A little background for…
-
What you don’t need javascript for
With all this Web 2.0 craze people start assuming that we all have javascript. I have a message for those people: you can have forms without javascript. I know that all those fading and stuff is cool, but if you use the standards more people can use it. Example (I don’t mean to pick on…
-
Hack the Gibson – Episode #68
Read the reason for these posts. Read Steve Gibson’s response. Again, this episode was mostly technically correct (as far as I observed), there are only a couple of things I would like to comment on: ReadyBoost has nothing to do with booting. Is simply uses the flash drive (while running) to store the page file,…
-
20 ways to Secure your Apache Configuration
A nice writeup about securing your Apache installation: 20 ways to Secure your Apache Configuration
-
HIPSs are no fun
As you all probably know by now I don’t have a too high opinion of HIPSs. Here are two more links to prove my point: Ad-Watch Setting Can Kill .LNK and .EXE File Extensions – Could your grandma make this changes? How computer literate must you be to (a) find this solution and (b) apply…
-
A new ethical hacker challenge
The final date for the two contests has passed. There is no word yet who won them (it it’s yours truly, you can be sure that I’ll brag about it here 🙂 ). However there are two other contests you might enjoy: A Christmas (Hacking) Story End Of The Year Grand Prize Giveaway 2006 Have…
-
How to publish a good looking code on Blogger? – take 2
Update – there seem to be some issues with iframe-s and google reader (in the sense that its not displaying them 🙁 ). I’ll investigate the issue further shortly and hopefully can post a solution. Hello all! First of all I would like to apologize to all of you who in the last couple days…
-
What is HIPS and what isn’t?
I support Microsoft’s attempt to introduce kernel patch protection whole heartedly and I don’t have a too high opinion about HIPSs either, but this interview can only be characterized as: Microsoft trying to say: look, HIPS products can work with KPP Sophos saying: we have HIPS too To make it even clearer: running an executable…
-
The hidden capabilities of windows firewall
Windows, beginning with XP SP2 contains a decent firewall. It doesn’t have leak prevention or outbound connection filtering. However it does have: inbound connection filtering, ICMP filtering, a default deny policy, GUI and command line interface, configuration using group policy and something I discovered only recently: limiting a certain rule with multiple IP / netmasks…