-
Mixed links
Conficker is using a few tricks to make reversing harder Metasploit (and other security sites) are being hit by DDoS. Some interesting thoughts: Use DNS to mitigate the attack (if the bots follow DNS, you can simply point them to 127.0.0.1, if not, you simply move servers to an other IP range and point DNS…
-
PHPBB hack
I saw the news on the Kaspersky blog: phpbb.com was hacked. Fortunately (?) the hack wasn’t done trough PHPBB, rather trough a vulnerable installation of PHPList. BTW, the Kaspersky blog gets it wrong: the hack wasn’t because register_globals was enable, but rather because PHPList contained code to emulate the functionality of register_globals. More info: The…
-
Time travel – by Yahoo!
Today I was greeted by the following error message on Yahoo mail:
-
Security charlatans
Why do people go to charlatans? Because they make them feel good about themselves Because they will make a big effort to speak in a language which the customer understands and can relate to (even if the things said are not-that-true) Because sometimes they (the charlatans) get to a level where they themselves believe that…
-
Browser Password Manager test
This is rather old, but still good (originally found it via the Pat’s Daily Grind blog): a security company did some tests with the password manager included in different browsers. And of course they slapped not one but two sensationalistic titles on it (“Google Chrome Receives Lowest Password Security Score” and “Safari Ties for Last…
-
Rewriting history
I came over this article: Our Revised News and it reminded me of a huge problem: it is very easy to modify things on websites and then claim that “it was like this since the start of times” (sidenote: you can f’*** it up and let the HTTP server show the real update date in…
-
How to get random numbers into Yahoo Pipes?
In what follows I will present two methods for obtaining random numbers inside a Yahoo Pipes setup. The first method is based on obtaining the current timestamp and using it your random number. The advantage of this method is that it is quick (you don’t need to access third-party websites). This disadvantage is that it’s…
-
A free, open-source, cross platform alternative to VirtualDub
I’ve been a long fan on VirtualDub, a great linear video-editing software (and it is also free and open source). The only thing which bothered me was the limited number of input/output formats supported. There were some forks of it, but they pretty much died off. However in the latest full circle magazine I think…
-
Random Database Blogging
From the Database and Performance blog: Queuing Theory & Resource Utilization – a lightweight introduction into the field which explains why you don’t have linear growth all the way – at a moment you hit a magic ceiling and things get much worse. PostgreSQL Replicator is an other way to replicate your PostgreSQL database. Now…
-
How to create nice surveys?
Disclaimer: I’m not a psychologist, this is just my personal opinion. There might be some reasons for this behavior, but it is still very annoying. Also, this is about free surveys where the people filling it out are making you a favor. If you provide some kind of compensation for their time (ie. pay them),…