-
Quick Google Reader technical tip
I was looking for a way to export the complete feed (all the incoming elements) from Google Reader. I rather quickly found out that you need the session cookie and that trying to use basic auth wasn’t going to cut it. I found a rather old post about the topic, but none of the advices…
-
Wonky security posts
I was reading two security blog posts recently from security vendors which seemed a little “off”: The first one was from Avira talking about a great new feature: as I understand it, in the new version of their product if an application is permitted by the Application rules of the firewall, the port rules are…
-
Start offering solutions
Some time ago I’ve read two blogposts from security vendors: The Oldest Un-Patched Microsoft Vulnerability from the ESET blog (makers of NOD32) and Consumers deserve less intrusive products from the McAfee Security Insights blog. Both of them were complaining: On the ESET blog Randy Abrams was complaining that autorun is a vulnerability. I would ask…
-
Mixed links
chycho.com seems to have a lot of cool videos, like this one: Just a reminder why you should never talk to the police: Some good advice to protect yourself. Of course this is just applicable in the USA to citizens (so it is not applicable to a large percentage of the people on so many…
-
Why Directi should be kicked
It is known in “security folklore” that a domain registered at Directi usually spells bad news. However I know have some stats to show it. How these stats were generated: The malicious domains were taken from DNS-BH The benign domains were taken from Alexa The registrar for each domain was extracted Of course, this is…
-
SDHC – Shared Dictionary Compression
I saw the following article on the GOS blog: Google Search Pages Load Faster if You Use Google Toolbar. It turns out that Google added an experimental feature in the Google web servers and the Google toolbar to reduce the network traffic by supplying a dictionary of frequently used page elements (BTW, I find the…
-
Good security news
Being Friday the 13th one can really use some positive news: on rootkit.com we have an article about Implementing SMM PS/2 Keyboard sniffer. How is this good news you ask me? Towards the end of the paper we have the following text (emphasis added): The limitations of hacking through SMM are obvious. It is almost…
-
ASPROX presentation video
Via Greg Martin’s blog: a presentation about ASPROX delivered at Toorcon by Dennis Brown from Verisign:
-
I had that idea!
Today I stumbled upon the paper Rethinking Antivirus: Executable Analysis in the Network Cloud. It talks about running lightweight processes on the hosts which ship files to be scanned to a network server which scans them and gives the clean/infected verdict. I had the exact same idea around the same time :-). Some benefits of…
-
Cool epoch counter
As probably many of you geeks already know, today the epoch counter (AKA unix timestamp) will reach the value 1234567890, which is cool I guess because it is in the order the keys are on your keyboard. You can find a countdown here. You can use the following perl snippet to find out when the…