-
Parse the camel
A quick note about the B::Deparse Perl module: use it to tame hairy (obfuscated) Perl code, even code like this. Use it like this: perl -MO=Deparse obfuscated.pl In the area of obfusctation, but more on the funny side there is Acme::Smirch and Acme::Bleach. Have fun! PS. You can exercise your skills on the perl one-liners.…
-
Interesting site / videos
I finished watching the Crash Course from ChrisMartenson.com. It is interesting and slightly frightening. Although my BS detector had some faint signal (like saying on the front page “Chris Martenson, PhD”, only to find out on a closer read that he is not a PhD in economics), I’m no economist to judge how accurate the…
-
I saw/read about SSLstrip – should I be afraid?
A friend of mine said that he saw the SSLstrip presentation from BlackHat DC 2009 and asked me if he should be afraid. Here is the advice that I gave: you shouldn’t be afraid. Fear is a bad motivator because it wants to force you to act quickly. A much better concern is informed concern.…
-
Does Google Chrome prevent CSRF?
Some time ago I was reading the article Session Destroyer: Automatic Webapp Session Invalidation from the Linux Journal. It was a neat idea, however the part which peeked my interest was the following: Mozilla Firefox does not protect you against this attack by default. However, Google Chrome supposedly does because they implement each tab in…
-
A very cool scene from a film
And I write rhyming titles. W00t! 🙂 The scene is from the 1986 film Crossroads: Just in case the copyright overlords take that one down, here is an alternative version:
-
How to handle problems?
Pretend they don’t exists! Some time ago I complained about WinPatrol. Today its author published a blogpost badmouthing Adobe because of the recent flaw in Adobe Reader. Myself in turn, posted a comment pointing out that no software is perfect (his included) and furthermore: the advice he gives is partially wrong and leaves people exposed…
-
Mixed links
New Shool Information Gathering Toorcon X Edition Video – embedded below. You can also download the presentation. Very interesting and a lot of tools are mentioned which can be useful for reconnaissance. It looks like the GDrive is coming. Hopefully soon I can build my backup home-grown backup strategy, which should look something like this:…
-
Brave new world
What do you call a world where tens of thousands of people have the ability to take out considerable part of an important infrastructure item. This the world we live in. Tens of thousands of people can create botnets and use them to attack other sites. Most recently the Metasploit site was attacked together with…
-
Spot the flaws in the Windows 7 UI
I’ve been playing around with the Windows 7 beta for a couple of days now, and it feels painful! Regardless of what Leo Laporte says, it is very much a beta. And even the recent beta releases of Ubuntu are better than this. Below you can see a screenshot in which I tried to exemplify…