-
Can good programmers be part of a SDLC?
From the security balance blog. SDLC is the Security Development Lifecycle for all of you non-acronym junkies :-). I disagree with the definition of “good programmer”. In my opinion being a good programmer is not just about being able to bang out X lines of quality code per hour. It’s about knowing your limits, and…
-
Does AV more harm than good?
This article is one of the best description of the current situation that I’ve seen out there. Some of juicy bits: This comfort and confidence is the problem – if this user had learned the basics about how malware works and is spread, and been educated on the simple day-to-day activities which put them at…
-
Fixing a hibernation problem with Intel network cards
I had a problem with hibernating a Windows XP system containing an on-board Intel(R) 82566DC Gigabit NIC. The hibernation was ok, but it would wake up in a couple of seconds after shutting down. Today I looked around a little more and found the following setting: “Wake On Directed Packet”. Unchecking it solved the problem.…
-
The importance of understanding
I found the paper .NET Framework Rootkits: Backdoors inside your Framework via the Security4All blog some time ago. It is an interesting article about modifying the basic .NET libraries such that they do other things than what they were intended (for example log any traffic going trough sockets). However it seems to have created some…
-
Nice validation technique
Reading the Paint.NET blog I found this post about parameter validation. It is a very cool one for at least three reasons: Makes the code more readable. Making the code such that readers can infer (correctly!) what the code does without additional comments is very useful. Makes the code shorter. Can be easily adapted into…
-
The Monty Python YouTube channel
Found this via the net@night podcast. Warning! Very funny, it will make you laugh out loud! 🙂 The Monty Python YouTube channel
-
The big java regex shoutout
I discovered recently that the built-in java regex library has problems with some expressions, so I set out to find alternatives. Searching for regex benchmarks, I found the following page: Java Regular expression library benchmarks (it also has an older version). The original IBM article also contains a benchmark. However both of these resources are…
-
If Wireshark complains about incorrect cheecksums…
You most probably have TCP checksum offloading enabled in your NIC. You can disable it, just know that enabling/disabling it will probable reset your network stack (so don’t do it on remote system). PS. This is not always the case, I’ve seen the same error message on systems which didn’t have TCP checksum offloading (and…
-
Installing Ubuntu 8.04 LTS in VirtualBox
If you try to install Ubuntu 8.04 in VirtualBox (I’ve tried the server version, probably the same is true for the Desktop version) and you get the following error: The complete Message is: The kernel requires the following features not present on the CPU 0:6 Unable to boot – please use a kernel appropriate for…
-
Gentoo “quick” install
I’m playing around with different distros in VirtualBox, and happened to try Gentoo. Boy, what a fun that was 🙂 The first indication that something is wrong was the fact that they had a quick install guide, which didn’t seem all that quick… After failing to make it start (twice), I searched around and found…