-
WPA2 is still hard
Some time ago I found out that you have to install some not-so-well-documented updates (which are not delivered automatically by Windows Update) to use WPA2 to encrypt the traffic of your wireless network (and it is advised to use WPA2, since all the prior standards have known weaknesses). However, I was unpleasantly surprised that support…
-
Walking with objects
Some time ago I read David Wheeler’s blog post about using the OBJECT tag to embed HTML in your HTML :-). One of the things which piqued my interest was the question: what are the security implications of using this method? Specifically, I was interested in whether the same cross-domain / same-policy rules applied to interaction between…
-
Pi day and other ramblings
The USA congress decided that March the 14th is national Pi day (from chuckchat.com). While I’m not a USA citizen and live nowhere near it, I still thought that the idea is cute. Math can be fun (even though the education system frequently gives the opposite impression). A fun fact which I was amazed by…
-
A few words about hackersblog
If you read security news, you most probably have already heard about hackersblog.org. It is a blog created by a couple of my compatriots who feel that just talking about vulnerabilities in websites is not enough and they must attract attention by actively exploiting the flaws and then posting their “trophies” Zone-H style. As you…
-
Detecting malicious hosts with p0f
Lately I’ve been posting a little about malicious hosts, and here is the latest installment of the series: The basic idea is: infected computers (“bots” or “zombies”) can be used to perform network actions on behalf of their “masters”. Some of these actions are usually done by “server class” machines. Two examples for such actions are: sending…
-
Updated VTUploader – renamed to OVScan
I updated the script I originally published for submitting files to VirusTotal and renamed it OVScan (Online Virus Scan). What has changed: added support for multiple sites; added support for submitting via SSL (if the site supports it); added support for a per-file timeout. Get it while it’s fresh from the source-code repository (to…
-
Blogger tag plugin
I wanted to install the Cumulus plugin for Blogger, however I realized that I have too many tags :-), so here is a static snapshot instead. Blogumulus by Roy Tanck and Amanda Fazani. Update: reduced the number of tags to avoid hogging the CPU. Update: the server hosting the javascript / flash files went…
-
Something fun for Friday the 13th
From Jonathan Coulton’s blog (you know, the Codemonkey guy): Kutiman, an Israeli musician, has put together an astonishing funk piece by sampling pieces of YouTube videos. You can see the first video below, for more visit thru-you.com (also, the site is a visual experience in itself, definitely worth visiting). Another interesting fan-made music video…
-
Repetitive testcases with jUnit
Update: after listening to a recent episode of Java Posse, I found out about parameterized tests for JUnit, which seem to be a better option than the method described below. Live and learn. Let’s say you have a lot of similar cases in a jUnit test. You might be tempted to write a loop to…
-
Mixed links
This will be a long one since I haven’t done it for a while: Norton support goes rogue? – One remark: it is not that uncommon for support to recommend third-party tools (one very popular example would be HijackThis). Why reinvent the wheel? Of course, it is wrong to misrepresent the product. Ways the PDF…