-
Hack the Gibson #92
Read the reason for these posts. Read Steve Gibson’s response. The podcast kicks off again with a SpinRite story with no mention about the importance of backups and changing the failing drives, but I digress. Steve says: Now, you could be running through multiple layers onion routing, or any other kind of proxy server. So…
-
Hack the Gibson #91
Read the reason for these posts. Read Steve Gibson’s response. This was an interview episode, so there is not much I can comment on. SpinRite appears again to save the day, again without the notification that backups are important and that a hard-drive which had a physical failure is very probable to fail completely in…
-
Hack the Gibson #90
Read the reason for these posts. Read Steve Gibson’s response. Towards the start of the show Leo mentions that SSL certificates used by the sites to authenticate themselves to the users are single-factor. And this is true, however one has to add that there is nothing wrong with single-factor authentication as long as good security…
-
Hack the Gibson #89
Read the reason for these posts. Read Steve Gibson’s response. Related to the SpinRite story (which are present in every episode): again, I don’t know WTF (pardon my language) people are doing with their computers, but in my 15 years of computer usage I never (knock on wood) had a hard-drive fail on me or…
-
Vulnerabilities and hype
Take some vulnerabilities, don’t investigate the conditions which are needed to exploit them, and you got a good old fashioned security hype. The gist of it: there are some flaws in the ActiveX controls VMWare installs. The possible attack scenario for these vulnerabilities looks like this: The user has VMWare (or VMWare Disk Mounter for…
-
Responsinble behavior
Disclaimer: the views expressed in this post (and on the entire blog) do not necessarily reflect the opinion of my past or current employers. These are entirely my own opinions. Know your audience! and Never underestimate human stupidity! these are two ideas missed by Alex Eckelberry in his latest blog post. Before I give you…
-
Living off of the hype
Disclaimer: I work for a competitor, however this is my personal opinion and does not necessarily represent the views of any of my past or future employers. So tell me, what does F-Secure exactly contribute to the malware fighting effort? Sure, they have a blog and a chief researcher who has an opinion about everything…
-
Hack the Gibson #81 to #87
Read the reason for these posts. Read Steve Gibson’s response. Here is again a long overdue post about the recent Security Now episodes. I have to say that the quality of the information provided in the recent episodes deteriorated (or maybe it is that they started talking about more concrete things where the errors are…
-
Mobile malware – hype or not?
I’m not entirely dead yet, just very busy 🙂 Anyway, I came across this blog posting (Mobile Virus FUD) which in turns references this article about Kaspersky Labs (not the one at heise security as I stated – erroneously – before). Before we continue, a disclaimer: the views and opinions expressed here are my own…
-
Don’t claim that you have a revolutionary technology…
Unless you have done your research. I was listening to the latest CyberSpeak podcast yesterday (a very nice podcast by the way) and I heard the guy (Chad McMillan) who was being interviewed talking about a revolutionary new technology for identifying packed executables by signature which he will be presenting at BlackHat. I wonder how…