Category: hack the gibson

  • grcsucks.com revival – #2

    These posts republish content from the now defunct grcsucks.com site. The following one is a very good one, by somebody who knows networking: Martin Roesch, the author and lead developer of Snort. Dissecting GRC’s NanoProbes by martin.roesch http://www.snort.org Comments refer to : http://grc.com/np/np.htm Ok, so in the “broken out” packet dump at the bottom of […]

  • Hack the Gibson #169

    Read the reason for these posts. Read Steve Gibson’s response. Steve Gibson says that MSRT runs when restarting the computer: … And then it runs the next time you restart your machine This is not true, not only because MS says so (The version of the tool delivered by Microsoft Update and Windows Update runs […]

  • grcsucks.com revival – #1

    After starting a one-man movement 🙂 to clarify the muddy waters created by Steve Gibson, I was relieved to find that I’m not alone in my opinion. The central site gathering all the information was grcsucks.com, the domain registration of which expired somewhere around June 2007, and since than you can only find a domain […]

  • Hack the Gibson #168

    Read the reason for these posts. Read Steve Gibson’s response. Steve Gibson gets the description of the attack wrong (backwards): It’s possible to have something hiding below the surface, literally on, like, a layered page, where the user clicks on what they see, but what they’re actually clicking on is content on the page behind. […]

  • Hack the Gibson #106

    Read the reason for these posts. Read Steve Gibson’s response. I have a good news for mister Gibson: SpinRite would actually work on the Mac with VMWare. Because although Macs are EFI based, the hardware emulated by VMWare uses the good old protocols, which means that as long as VMWare has the capability to mount […]

  • Hack the Gibson #94, #95 and #96

    Read the reason for these posts. Read Steve Gibson’s response. I’ve talked a lot about authentication in two recent blog postings (Getting ahead of the curve and Two channel authentication with the followup Two channel authentication – part tow), so I won’t really cover episode #94 in detail. Now for episode #95, OpenID One of […]

  • Hack the Gibson #93

    Read the reason for these posts. Read Steve Gibson’s response. An other Security Now! episode, an other SpinRite story without mentioning backups. There are few explanations for this, none of which shed a very good light on Mr. Gibson: (a) he doesn’t care, (b) the flaws SpinRite repairs are not at all serious, so with […]

  • Getting ahead of the curve

    I was listening to episode 103 of SecurityNow, and all in all it was a good episode. However one thing that baffled me (ok, maybe not so much because I didn’t have high expectations), is the fact that nowhere in the process did they ask about man-in-the-middle type attacks (although they mentioned it briefly when […]

  • Hack the Gibson #92

    Read the reason for these posts. Read Steve Gibson’s response. The podcast kicks off again with a SpinRite story with no mention about the importance of backups and changing the failing drives, but I digress. Steve says: Now, you could be running through multiple layers onion routing, or any other kind of proxy server. So […]

  • Hack the Gibson #91

    Read the reason for these posts. Read Steve Gibson’s response. This was an interview episode, so there is not much I can comment on. SpinRite appears again to save the day, again without the notification that backups are important and that a hard-drive which had a physical failure is very probable to fail completely in […]