-
The importance of understanding – take 2
As you probably know by now, one of my pet peeve is people who pretend to know more than they actually do, and (because they get access to the right channels) spread misinformation. The latest example comes via the Infosec Ramblings blog: a series of two articles talking about “UAC Virtualization”. <rant>The term is “File…
-
Installing guest additions for VirtualBox with Ubuntu 8.10
I installed VirtualBox (the OSS version) from the Ubuntu repos (in hindsight it may have been better to use the VB repos, but I’m just lazy), and when I tried to install the guest additions in a WinXP VM, it complained that it can’t find the VBoxGuestAdditions.iso. The solution: Download the corresponding iso from here…
-
Making sure that your favicon works with Blogger
My favicon stopped showing up some time ago on my blogger page, but until now I was just too lazy to investigate. Turns out that blogger adds the following line in the header: <link href=’http://www.blogger.com/favicon.ico’ rel=’icon’ type=’image/vnd.microsoft.icon’/> Which overrides my favicon setting. The solution? Put your favicon declaration after the following line in your template:…
-
Don’t update to PHP 5.2.7!
Or if you updated, please update to 5.2.8, since 5.2.7 contained a security regressions!
-
Installing *BSD under VirtualBox
I managed to install FreeBSD and OpenBSD under VirtualBox. With NetBSD I gave up :-(. Here are some tips: This is a good general OpenBSD tutorial If you get the following message with OpenBSD: uid 0 on /: file system full /: write failed, file system is full Segmentation fault The solution described by this…
-
Fetching files form PHP in a compatible way
I just finished comparing a whole bunch of OS’s to determine which is the most compatible (widely available) way to fetch an external HTTP page from PHP. The winner is: fsockopen – it was available on 100% of the tested systems. I was only interested in HTTP pages, not HTTPS, so the ssl transport might…
-
Mixed links
An interesting story about sniffing VPN (or more correctly: what the user thought to be VPN). This shows that you always have to be alert. Why is the web the default development platform? – completely agree with all the points (and also most of the points made in the comments). One additional thing is: instant…
-
Can good programmers be part of a SDLC?
From the security balance blog. SDLC is the Security Development Lifecycle for all of you non-acronym junkies :-). I disagree with the definition of “good programmer”. In my opinion being a good programmer is not just about being able to bang out X lines of quality code per hour. It’s about knowing your limits, and…
-
Does AV more harm than good?
This article is one of the best description of the current situation that I’ve seen out there. Some of juicy bits: This comfort and confidence is the problem – if this user had learned the basics about how malware works and is spread, and been educated on the simple day-to-day activities which put them at…
-
Fixing a hibernation problem with Intel network cards
I had a problem with hibernating a Windows XP system containing an on-board Intel(R) 82566DC Gigabit NIC. The hibernation was ok, but it would wake up in a couple of seconds after shutting down. Today I looked around a little more and found the following setting: “Wake On Directed Packet”. Unchecking it solved the problem.…