For every software there is a specification and there is the implementation. Specifications are rarely exhaustive, thus there remain the corner cases which the developer handles based on her/his believes. As long as the handling methods don’t introduce vulnerabilities, one can say that this doesn’t make any difference. The situation becomes much more interesting when…

Brought to you by Wordle:

The solution to the Ethical Hacker challenge “It happened one Friday” has been posted. Read the full story behind the challenge or go directly to the solution. This is awesome! Remember that a new EH challenge is in full swing for your entertainment :-).

Didier Stevens posted an entry about some interesting stuff he found in a shellcode, so I thought that I share my little story: I was analysing a Word exploit, when I cam over the following code (written in pseudocode, because I can’t find the file right now): HANDLE h = 0; while (GetFileSize(h) != 1234)…

tracepath podcast-files.cnet.com gets me this (observe the loop): … 6: r11-Vl3001.buh7.ro.gtsce.net (85.9.9.245) 29.703ms asymm 8 7: 85.9.9.169 (85.9.9.169) 26.761ms 8: r37-Vl2002.buh3.ro.gtsce.net (85.9.9.1) 27.132ms 9: r11-Vl3200.buh7.ro.gtsce.net (85.9.9.246) 25.090ms asymm 7 10: r10-gi13-0.buh7.ro.gtsce.net (85.9.32.73) 26.592ms asymm 6 11: r11-ten4-3.buh7.ro.gtsce.net (85.9.32.74) 29.970ms asymm 9 12: r11-Vl3001.buh7.ro.gtsce.net (85.9.9.245) 38.560ms asymm 8 13: 85.9.9.169 (85.9.9.169) 27.047ms asymm 7 14: r37-Vl2002.buh3.ro.gtsce.net…

I suspect that every one of you has some childhood memories about computer games. Recently I discovered that one the games which was iconic for me at the time, was released as freeware. I’m talking about Tyrian. Not only was it released as freeware, but the full source was made available (together with the artwork!).…

I don’t really like magazines because they (as they try to get money out of them) blur the line between content and advertising more and more (just recently I picked up an issue of Wired and it was incredible how much advertising is in it). Also, in the case of electronic magazines delivered in the…

Via Tim Bunce’s blog: “The greatest shortcoming of the human race is our inability to understand the exponential function” – by Dr. Albert Bartlett Applying risk management:

A few days ago I received the following email: Hi my name is Jeff and I came across your page http://hype-free.blogspot.com/2007/03/month-of-php-bugs-started.html which would be great for a text link to my client, a web host certifier. What I am looking for is a small text link, web hosting, and if you keep it for at…

I was reading Jeff’s post on Coding Horror about naughty filters (and I more or less agree – you can’t fix a social problem with technology). Towards the end he mentions Yahoo Mail, which brought to mind a nice feature they added recently to search: Now, when you do a keyword search, it presents a…