-
Humane markup language
I’m always searching for methods to make my blog postings better. And by better I mean: Easier to write. This means both speed (because I already spend quite a lot of time with different side-projects) and less formatting-cruft to add (so that I can concentrate on the actual content) Offer useful features to the readers…
-
Defense in depth for programming
Two things you should always do when developing in Perl is to use strict and use warnings (with the caveat that warnings should be disabled in production systems or redirected to a log file). However recently I was reminded that nothing is 100% (and this isn’t a compiled-vs-interpreted issue, because there are many errors compilers…
-
Microsoft and the “Not Invented Here” syndrome
A couple of days ago I was listening to a recent episode of Hanselminutes (a great podcast BTW) about Distributed Caching with Microsoft’s “Velocity”, and the only thing I could think of was: How is this different from memcached? This is why MS should be broken up into smaller divisions: to keep them from reinventing…
-
Resolving the problem with inserting formulas in OpenOffice with Ubuntu 8.04 (Hardy)
While writing some text (under Ubuntu 8.04 Hardy with OpenOffice 2.4) I wanted to insert a formula and much to my surprise the Insert -> Object -> Formula way grayed (greyed?) out. My first reaction was that this is probably because I was missing Java (or more precisely: OpenOffice didn’t recognize my installation of the…
-
Disabling mod_deflate for certain files
I received a question regarding my compressed HTTP post. It goes something like this: I want to use a PHP script as a kind of transparent proxy (that is, when I request a file, it downloads it from an other URL and serves it up to me), but mod_deflate keeps eating my Content-Length header. My…
-
Automated analisys
Disclaimer: the views expressed here are my own, and unless expressly stated, do not necessarily represent the views of any former or current employer. Automated security analysis is good for dealing with a large flux of (possibly) malicious files, however information resulting from these types of sources must be clearly marked as such (as oppsed…
-
The windows kernel, software licenses and other ramblings
Somehow I ended up at and article on CodeProject titled How can I get address of KeServiceDescriptorTableShadow. The first thing that caught my eye is the fact that the contributor claims to be from China and a web developer. This seems to be a common attitude in China (and also in Russia) if you are…
-
Is vulnerability research ethical?
Over the TaoSecurity blog you can find a good summary on the Bruce Schneier (nice poster btw) vs Marcus Ranum face-off regarding the ethicacy of vulnerability research (also read the comments, they are worth your time). I fully agree with Bruce on this and think that Marcus is confusing two things: the act of finding…
-
Why exercise?
Geeks have a hard time justifying to themselves exercising. Sure, it makes you healthier and you live longer, but you’ll have less time tinkering with your toys. I found the perfect reason. Via the Security4All blog: It seems that as little as 20 minutes of exercise 3 times in a week doubles (!) your problem…
-
Why security is in such a sad state?
Disclaimer: as always, unless expressly stated, the views expressed here are my own and do not necessarrily reflect those of my current or former employers. Because people hide behind titles! Some examples: Gary Warner Director of Research in Computer Forensics lists on his blog IP addresses associated with the latest run of Storm. I thought…