-
How to handle problems?
Pretend they don’t exists! Some time ago I complained about WinPatrol. Today its author published a blogpost badmouthing Adobe because of the recent flaw in Adobe Reader. Myself in turn, posted a comment pointing out that no software is perfect (his included) and furthermore: the advice he gives is partially wrong and leaves people exposed…
-
Spot the flaws in the Windows 7 UI
I’ve been playing around with the Windows 7 beta for a couple of days now, and it feels painful! Regardless of what Leo Laporte says, it is very much a beta. And even the recent beta releases of Ubuntu are better than this. Below you can see a screenshot in which I tried to exemplify…
-
Wonky security posts
I was reading two security blog posts recently from security vendors which seemed a little “off”: The first one was from Avira talking about a great new feature: as I understand it, in the new version of their product if an application is permitted by the Application rules of the firewall, the port rules are…
-
Start offering solutions
Some time ago I’ve read two blogposts from security vendors: The Oldest Un-Patched Microsoft Vulnerability from the ESET blog (makers of NOD32) and Consumers deserve less intrusive products from the McAfee Security Insights blog. Both of them were complaining: On the ESET blog Randy Abrams was complaining that autorun is a vulnerability. I would ask…
-
Don’t overthink software security
While reading the trapkit blog, my attention was drawn to the following post: Commercial usage of ScoopyNG. ScoopyNG, in case you didn’t know about it before, is a proof of concept tool to detect VMWare. In the post the author of ScoopyNG details how the makers of a commercial product (Atempo Time Navigator) use the…
-
And you thought the JRE was big
I was updating a VM with WinXP today and it downloaded the “Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)”, which weight in at a whopping 238MB! An update! WTF? As a comparison: the Java 6 JRE is around 15MB.
-
Security charlatans
Why do people go to charlatans? Because they make them feel good about themselves Because they will make a big effort to speak in a language which the customer understands and can relate to (even if the things said are not-that-true) Because sometimes they (the charlatans) get to a level where they themselves believe that…
-
Browser Password Manager test
This is rather old, but still good (originally found it via the Pat’s Daily Grind blog): a security company did some tests with the password manager included in different browsers. And of course they slapped not one but two sensationalistic titles on it (“Google Chrome Receives Lowest Password Security Score” and “Safari Ties for Last…
-
Rewriting history
I came over this article: Our Revised News and it reminded me of a huge problem: it is very easy to modify things on websites and then claim that “it was like this since the start of times” (sidenote: you can f’*** it up and let the HTTP server show the real update date in…
-
How to create nice surveys?
Disclaimer: I’m not a psychologist, this is just my personal opinion. There might be some reasons for this behavior, but it is still very annoying. Also, this is about free surveys where the people filling it out are making you a favor. If you provide some kind of compensation for their time (ie. pay them),…