-
Security is a process
Security is like art: it’s never done, just abandoned :-). So here are 3 free tools which you might want to regularily run in your environment to check for well known problems: MSAT – Microsoft Security Assesment Tool MBSA – Microsoft Baseline Security Analyzer Secunia PSI – Personal Software Inspector
-
Creating your own top commenters widget for blogger
Some time ago I added a top commenter widget to the blog, based on a tip from Blogger Buster. However it started acting up, so I decided to roll my own using Yahoo Pipes!. Below you will find a short tutorial on how to do it, as well as the ready-made pipe, based on the…
-
Restarting scripts in Opera after you stopped them
Opera has a nice feature, whereby each message box created from a Javascript offers you an option to stop running scripts for the given page. This is very nice if you are using alerts to debug your script and you’ve just realized that you have created an infinite loop by mistake :-D. However, once you’ve…
-
The hacker mindset
Is it just me, or does the pharese “adding third party gadgets to gmail” cry security vulnerability? I’ve read this posting from hackaddict, and it made me curious: just what can you do from a Google Gadget? A little googling around (no pun intended :-)) lead me to this presentation: Xploiting Google Gadgets: Gmalware and…
-
Daily funny
Via the MindOfRoot podcast: LandOfSilly. Two of my favorites are: Dead Cisco Sketch – I’m and IT PRo Song An IT Pro – Yeah the right Rockin’ one!
-
Help wanted by SANS
From the SANS blog: At SANS Internet Storm Center, we are always researching and monitoring the latest trends of attacks on the Internet. We are currently developing a web honeypot project similar to the Dshield model. The launch time is a few months away and the project is in need of volunteer researchers to help…
-
Hardware hacks are cool but dangereous
Via H_I_R’s bookmarks I found the following post: Make use of your old PS/2 ports. The blog is currently down. Coincidence? 😛 The idea of the post was to take your unused PS/2 ports and use them as a power source to charge your mobile phone, which would otherwise support charging through USB. The idea…
-
Microsoft .docx format – fail!
I was installing a WinXP + Office 2003 machine for an acquaintance and of course let Windows Update get it to the latest patchlevel. During this process the MS GDI+ detection tool popped up and said the the computer had software which may be affected by the GDI+ vulnerabilities (correct, since I had Office 2k3…
-
The Global Culture Sub-Layer
I’ve said it before and I’m standing by it: If you don’t know English, you’re not a programmer However I think that a language and culture shared by many people would be a big step towards reducing the feeling of animosity we have between different groups of people. You see, people are selfish mostly. To…
-
What is a perimeter weakening malware?
I’ve seen this idea floating around the Internet for some time and I thought I document it for future reference: A perimeter weakening malware is a program (script, macro, etc) which “lowers the defenses” of a computer (stops AV software, disables the firewall, creates an Administrator account with a certain password, etc) after which it…