-
How can you be certain that your code works?
You can’t. Read this great article from Peter Harkins.
-
Mixed links
Via /dev/random: the story of a fictitious penetration testing. Very interesting, eager to read the rest. From Kim Cameron’s Identity blog: Leaving a comment (with CardSpace / IdentityCards). The first time you do this it takes a whopping 11 steps! I fail to see how this is better than current systems or OpenID. (I’m talking…
-
Enumerations in Java
Starting to (professionally) program in Java, one of the things which bugged me were the constant declarations in classes which implemented struct-like idioms: class Foo { public static final int FOO_1 = 1; public static final int FOO_2 = 2; public static final String FOO_3 = “42”; … The code referencing this seems even more…
-
Anti Malware Testing Guidelines
Via the ESET blog: the guidelines for testing Anti-Malware products were published by AMTSO (the Anti Malware Testing Standards Organization). Go and read them if you are so inclined (each of them consists of only 5 pages – you have to give them props for brevity – although maybe they just wanted to avoid being…
-
There goes nothing
People, please stop the fear mongering. The F-Secure blog has a post titled There Goes WPA telling us how insecure WPA is now with Elcomsoft (great guys BTW) using the GPU to gain a factor 100 in the breaking speed and researchers breaking the TKIP part. What it fails to do is to point out…
-
One (and a half :-)) challenges
Ethical Hacker just launched a new challenge. This one however is a little different since you need to buy the book Daemon to be able to solve it. The book itself has some good reviews, but still, this makes it out of reach for a lot of us :-(. And the second challenge (which is…
-
Poor man’s traffic logger
I was reading the following blog post about filtering out MySQL queries and was reminded of a situation I faced once. The situation was as follows: I needed to find out where certain PostgreSQL queries were coming from, however the server was behind a pgpool instance, so all the queries were seen as coming from…
-
Sun bans Romania from downloading
Confirmed from multiple locations with multiple ISPs: whenever I try to download something (JDKs) from Sun using a Romanian IP you get: Your download transaction cannot be approved. Contact Customer Service. I’ve tried downloading a SDN account (so that Sun knows that I don’t want the JDK with all the non-exportable crypto stuff) to no…
-
For Star Trek geeks
Via the Radio Free Security podcast. Very geeky and very funny: For more see Hi-Fidelity quartet.
-
Job offer from Nokia
Some time back I was looking around in the job marked and, amongst other possibilities, I checked out Nokia. This meant that I got added to their mailing list (voluntarily). Today I received the following mail from them: When creating your profile at Nokia’s Career Site, you requested to be notified of job openings. The…