-
Mixed links
We start off with a rebuttal from VMWare to a video posted by Microsoft comparing Hyper-V and VMWare ESX. While I’m no fan of any big company, such misleading marketing attempts should be considered unethical and maybe even illegal, since it contains mischaracterizations of some features like the page sharing between VMs. While in this…
-
Social engineering for malware – a bright future
Some time ago I wrote a post in which I pondered the deficiencies of the “executable file” definition and the implications for whitelisting products. The problem is that “data” files can also result in actions being taken (and we don’t even need arbitrary code execution type of vulnerabilities for that). The particular example given the…
-
Interesting method for website blocking
Quick note: I was listening to the latest episode of Watchguard’s Radio Free Security podcast (no relation with them, other than a listener to the podcast) and they discussed an interesting technique for filtering websites (I’m no fan of traffic filtering, but the technique seemed interesting): Usually SSL requests are either blocked by the target…
-
Interesting videos
It seems that the Internet is helping more and more to find the equilibrium point between the needs of “big media” and “independent media”. In this post I would like to mention two sources of useful / interesting videos: The first would be the videos from the TED (Technology, Entertainment, Design) conference (credit goes to…
-
Weird Sybase JDBC driver issue (jConnect)
I post this so that the search engines can pick up on it and maybe it can help somebody out. I had the following issue with the Sybase JDBC driver (jConnect): I was calling a stored procedure and it was throwing an error. However these errors weren’t propagated to the Java code in form of…
-
Be an (imaginary) hero
I got the link from splitbrain.org, however I was hesitant to post the image, since the site didn’t display any information about the conditions of using it: Make your own at www.cpbherofactory.com However I finally got a response from the cpbgroup (the creators of the Hero Factory), in which they state that I can use…
-
User input, by any other name
A friend of mine posed me an interesting question: how is it possible that a CMS software, which displayed the IP addresses for comments made anonymously (instead of the username) showed a private IP (like 172.16.63.15)? Before I get to the actual explanation, here are some specific clarifications which should be made: IP addresses are…
-
Hackish method to include custom content into CruiseControl
Disclaimer: I’m a CruiseControl newbie, so there might well be a much better / simpler / cleaner method to achieve this. However this is the way I managed to get it working. Write your (Perl) script and make it output something like this: <testsuite tests="0" name="summary" failures="0"><system-out> foo bar </system-out></testsuite> Make your script run during…
-
Blogs I’m reading
I decided to add a blogroll to my sidebar, however a complete list would have been waaaay to long. Also, I didn’t like the idea of exporting the OPML from Google Reader and massaging it into an HTML format, because it would have meant an other thing which needed periodic updates. The solution was to…
-
Mixed links
Via certifiedbug.com: Spybot Search & Destroy competitors are trying to force its removal – what this article doesn’t talk about is that Spybot S&D is basically a hobbyist tool with very low efficiency. It made a name for itself back in the days, when the malware problem was much smaller, but these days all respectable…