-
Consider the source before ranting
or else you could look foolish. Full disclosure: I work in the AV industry, however this post (and all of my posts, unless stated otherwise) does not necessarily reflect the opinion of my current or past employers. They are my own personal opinions / views of things. Getting back to the topic: some time ago…
-
Enabling Bluetooth on Ubuntu
is as simple as 1, 2, 3 (although it ought to be as simple as 0 – it should work out of the box – more on this later). So I was trying to copy some photos from a phone to an Ubuntu machine which, although it had recognized the phone, kept coming up with…
-
A new competition
Via terminal23.net: the Python challenge (this does not have any deadlines, nor does it carry prizes, so you can relax).
-
Hostile JS Debug
I was looking through a presentation delivered by a McAfee employee during an Indian security conference (Club Hack 2007) and there it was: a reference to a little project of mine dedicated to easing the debugging of obfuscated JavaScript. Neat. (Or, I could use the word of the year and say: w00t 🙂)
-
2008 Scripting games
Via the terminal23 blog: the Microsoft 2008 Winter Scripting Games. Also with Perl for extra fun 🙂
-
Sunbelt is using Symantec in-house
This is quite old (it has been sitting in my to-do list for a while) but still fun: What can screenshots reveal about your company? This blog posting from the Sunbelt blog from Friday, November 16, 2007 entitled Some new twists in the Storm worm contains the screenshot which can be seen below with the…
-
VNC – (almost) zero security
I mentioned it previously, but just wanted to be sure that everyone has seen this: the "standard" VNC protocol does not offer any encryption of the data (i.e. using a packet capture you can reconstruct the screen content and the actions of the user). There are unofficial extensions, but they are not widely supported. During…
-
Tangled Web
The World Wide Web has become the main target for much of the computer usage these days. This has several consequences, one of which is that more economic value is placed in it, attracting more attacks. XSS, CSRF, RIF and so on. These are all terms which are used daily by the security research community.…
-
Faster MD5 collisions
MD5 is looking less and less reliable as the days pass. It seems that now researchers have been able to create an attack that can append a couple thousand bytes to two arbitrarily chosen files which would result in those files having the same MD5 hash, and compute these byte sequences with consumer grade hardware…
-
Bash shortcuts
Or: never do history | grep again! The command line interface of the *nix systems is amazing and Windows doesn’t have anything that comes even close to it (although I still have to experiment with PowerShell – I like very much the base idea that instead of text lines you get objects with well defined…