-
Mixed links
Installing DokuWiki on a SourceForge account – it seems that SF has some more complex security policies (which is good), but it takes a little command-line kung-fu to install DW (because it needs write access to some directories). Guaranteeing deletion – an interesting thought-experiment on how to guarantee the fact that a hostile system executes…
-
Weather Brains
Weather Brains is an excellent podcast if you are even remotely interested in weather. Released weekly, it is a hour or so of fun and information. There are multiple hosts (always a plus, it is very hard for a single host to keep an interesting tone) and a professional voice quality (which is not a…
-
WPA2 is still hard
Some time ago I found out that you have to install some not-so-well-documented updates (which are not delivered automatically by Windows Update) to use WPA2 to encrypt the traffic of your wireless network (and it is advised to use WPA2, since all the prior standards have known weaknesses). However I was unpleasantly surprised that support…
-
Walking with objects
Some time ago I’ve read David Wheeler’s blogpost about using the OBJECT tag to embed HTML in your HTML :-). One of the things which peaked my interest was the question: what are the security implications of using this method? Specifically I was interested if the same cross-domain / same-policy rules applied to interaction between…
-
Pi day and other ramblings
The USA congress decided that March the 14th is national Pi day (from chuckchat.com). While I’m not a USA citizen and live nowhere near it, I still thought that the idea is cute. Math can be fun (even though the education systems gives the opposite impression frequently). A fun fact which I was amazed by…
-
A few words about hackersblog
If you read security news, you most probably have already heard about hackersblog.org. It is blog created by a couple of my compatriots who feel that just talking about vulnerabilities in web websites is not enough and they must attract attention by actively exploiting the flaws and the posting their “trophies” Zone-H style. As you…
-
Detecting malicious hosts with p0f
Lately I’ve posting a little malicious hosts, and here is the latest installment of the series: The basic idea is: infected computers (“bots” or “zombies”) can be be used to perform network actions on behalf of their “masters”. Some of these actions are usually done by “server class” machines. Two examples for such actions are: sending…
-
Updated VTUploader – renamed to OVScan
I updated the the script I originally published for submitting files to VirusTotal and renamed it OVScan (Online Virus Scan). What has changed: Added support for multiple sites Added support for submitting via SSL (if the site supports it) Added support for a per-file timeout Get it while it’s fresh from the source-code repository (to…
-
Blogger tag plugin
I wanted to install the the Cumulus plugin for Blogger, however I realized that I have too many tags :-), so here is a static snapshot instead. Blogumulus by Roy Tanck and Amanda Fazani Update: reduced the number of tags to avoid hogging the CPU. Update: the server hosting the javascript / flash files went…
-
Something fun for Friday the 13th
From Jonathan Coulton’s blog (you know, the Codemonkey guy): Kutiman, an Israeli musician, has put together an astonishing funk piece by sampling pieces of YouTube videos. You can see the first video below, for more visit thru-you.com (also, the site is a visual experience in itself, definitely worth visiting). An other interesting fan-made music video…