Archive for Tech
This is just going to be a long list of links with rants. I have taken up the duty of disseminating information on the latest in WiFi and Bluetooth penetration-testing for no real reason other than it's on the tip of my tongue. First, we have the [...]
Posted by Dre on Tuesday, September 23, 2008 in
Hacking,
Security and
Tech.
The bad: It's a front-end to WebKit much like Safari, with no bells-or-whistles The only add-ons are Web Inspector (from WebKit), Chrome's own Task Manager, and Chrome's own Java Debugger (they could have at least used Drosera which comes with Web [...]
Posted by Dre on Tuesday, September 2, 2008 in
News,
Security and
Tech.
I see that the BlackHat Blogger's Network has a topic of interest. I'll oblige, especially since The Hoff is involved. I think it's a good exercise, so I'll have to thank Shimel for this idea. You also won't want to miss what I've said about [...]
Posted by Dre on Wednesday, June 18, 2008 in
Defense,
Security and
Tech.
Apparently Laura Chappell and Mark Curphey were presenting at the Microsoft TecEd 2008 Security Track last week. I haven't heard too much about what happened as a result, and I really wish I was there to see them speak about their respective topics. For [...]
Posted by Dre on Sunday, June 15, 2008 in
Conferences,
People,
Security and
Tech.
I've downloaded and used the Firefox 3 beta browser software for the past few months and wanted to give a report on the latest of what works and what doesn't. Note that I had to install Nightly Tester Tools to get many of these to work. I am also now [...]
Posted by Dre on Monday, March 24, 2008 in
Defense,
Hacking,
Security,
Tech and
Windows.
Marcin and I were talking a bit about mainframe security today. I recalled how fantastic mainframes were while he had his hands in the trenches. Yes, I know that IBM renamed MVS to z/OS (as well as other things) years ago. However, the concepts remain [...]
Posted by Dre on Tuesday, February 5, 2008 in
Hacking,
Linux,
Security and
Tech.
Here's a new 2008 security prediction for you -- The iPhone camera is an odd device. There is no notification that a picture is being taken, so the only requirement for malware is to wait for user activity and then start taking pictures. My prediction is [...]
Posted by Dre on Sunday, January 27, 2008 in
Apple,
Hacking,
Privacy,
Security and
Tech.
Web application security scanners have not matured much. I guess patent wars and company-buyouts have caused a lot of stagnation over the past year. However, I think the problems may run deeper than just controversy and industry drama. AppScan DE and [...]
Posted by Dre on Monday, January 21, 2008 in
Security and
Tech.
An audit framework for evaluating structured security program frameworks How many readers implemented a new security plan for 2006 or 2007? How many had clients that implemented a new security program? Which frameworks were involved? Possible frameworks [...]
Posted by Dre on Monday, December 10, 2007 in
Defense,
Hacking,
Intelligence,
Politics,
Security,
Tech and
Work.
Pen-testing is an art, not a science Penetration-testing is the art of finding vulnerabilities in software. But what kind of an "art" is it? Is there any science to it? Is pen-testing the "only" way or the "best" way to find vulnerabilities in software? [...]
Posted by Dre on Sunday, December 2, 2007 in
Defense,
Hacking,
Security and
Tech.
In my earlier article on Using Google Analytics to Subvert Privacy, I demonstrated how dangerous free tools could be to match privacy information to web clicks. But now that Google has updated their Analytics service to support internal search queries, [...]
Posted by Dre on Wednesday, October 17, 2007 in
Conferences,
News,
People,
Privacy,
Security and
Tech.
Recently, we've heard a lot of talk about P2P apps and data leakage concerning various members of Congress. It started with this article over at NetworkWorld, followed up by the guys at nCircle, directing criticism towards Congree from Techdirt, comments [...]
Posted by Marcin on Sunday, July 29, 2007 in
News,
Politics,
Security and
Tech.
kuza55 noted this morning that Firefox 2.0.0.5 has implemented support for httpOnly cookies. It's not perfect, as ma1 pointed out in the comments, but it's better than nothing. The Firefox browser could be made even more secure by building NoScript, [...]
Posted by Marcin on Thursday, July 19, 2007 in
Privacy,
Security and
Tech.
I love wikis. I've been working on a security portal at work and it just got so much better with the addition of embedded RSS feeds. With this extension, I've embedded the Security Whitelist and Aggregated Vendor and Security News Sites pipes on the [...]
Posted by Marcin on Wednesday, July 18, 2007 in
Tech and
Work.
|thumb_img_2472.jpg|I passed up a chance to get an iPhone last week because I couldn't spare the time to wait in line for it. I was headed to New Hampshire to stay up at Lake Winnipesaukee with some friends and watch the NASCAR Modified, Busch, and [...]
Posted by Marcin on Tuesday, July 3, 2007 in
Security and
Tech.
I've been real busy lately, but I came across several blogs and articles this week that I'd like to share, Andrew Hay style. =) CEO Crime & Punishment -- Ben Horowitz, CEO of Opsware Inc., shares his thoughts on what entices executives to commit white [...]
Posted by Marcin on Thursday, June 28, 2007 in
News,
Privacy,
Security and
Tech.
Andrew Hay writes: Dell & Google Secretly Installing Software to Make Money Off Your Typos Those bastards, how is this business practice not illegal? New Dell machines that include the Google toolbar as part of a marketing agreement also include a secret [...]
Posted by Marcin on Thursday, May 24, 2007 in
News,
Privacy,
Security and
Tech.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Posted by Marcin on Wednesday, May 2, 2007 in
News and
Tech.
Good stuff. I just find it hilarious when people watch CSI or all these other movies and think hacking or recovering data off a hard drive is so flashy and cool. Or better yet, completely retarded. It's a UNIX system! I know this! Cookie to the first [...]
Posted by Marcin on Monday, April 30, 2007 in
Security and
Tech.
Every time I have a conversation with someone who has diarrhea of the mouth, it makes me nauseous. The other day, I was flying from Atlanta to Hartford (my flight was delayed by an hour) and while in the plane waiting, I struck up a conversation with a [...]
Posted by Marcin on Friday, April 27, 2007 in
Intelligence and
Tech.
What I learned today? The importance of backups, and having a clear head when working on my system. Tuesday night, I am going home to Connecticut for the summer, so I started saving all my data to an external hard drive to take with me. Well, I also did [...]
Posted by Marcin on Tuesday, April 24, 2007 in
Tech.
People panic! Last night, TurboTax was unavailable for people to file their taxes. The problems have been since resolved, but let it be a lesson to all of us that we cannot depend entirely on technology. Technology will eventually fail us, like it did so [...]
Posted by Marcin on Wednesday, April 18, 2007 in
News and
Tech.
h1kari, not long ago at ShmooCon 2007, presented (*.mp4) his custom Field-programmable gate array optimized for cracking WEP and WPA encryption. It performed in some cases over 400% faster than a Pentium 4 or Athlon64. The reason why the chip performs so [...]
Posted by Marcin on Tuesday, April 17, 2007 in
Security and
Tech.
LonerVamp had a post yesterday on preventing Firefox from sending referrer messages. I'll add to that and show how you can prevent websites from resizing the browser window. In about:config, set the value of dom.disable_window_move_resize to true. Also, [...]
Posted by Marcin on Monday, April 16, 2007 in
Tech.
ITT was fined $100 million for illegally exporting classified technical data relating to night vision equipment overseas. In addition to being fined, they must "invest $50 million over five years to accelerate development of night vision technology, and [...]
Posted by Marcin on Saturday, March 31, 2007 in
Defense,
Politics,
Security and
Tech.
Thanks to the amount of feedback on Ideastorm, Dell is seriously considering pre-installing Linux on desktop systems. Having had the chance to play with the Core 2 Duo systems Dell puts out, I can definitely say they are pimpin'. I want one, but my main [...]
Posted by Marcin on Thursday, March 15, 2007 in
Linux and
Tech.
If you haven't heard, a keygen was released that brute-forced the correct CD key for Windows Vista. Martin McKeay did the math and let's just say, it'll take a really long time for anybody to brute force a key with available processing power we have [...]
Posted by Marcin on Sunday, March 4, 2007 in
Security and
Tech.
Do tools make us dumber? I don't agree with the idea exactly, as they are just that, tools. Tools are just another level of abstraction from thinking at a lower level. It's what distinguishes an engineer from a kit builder. Who here wants to program in [...]
Posted by Marcin on Sunday, February 25, 2007 in
Intelligence,
Security and
Tech.
Why are so many conferences filled with so much marketing dribble? I planned on going to a lot more talks while at SCALE but only attended one in its entirety. Some presenters started off their presentation stating they would "market" their product for [...]
Posted by Marcin on Monday, February 12, 2007 in
Other and
Tech.
While in L.A. at SCALE, I attended "Admin++, What root Never Told You," by Ron Gorodetzky, sysadmin for Digg.com and Revision3. His presentation gave some insight and tidbits on the things you forget when you have your own startup, and the other problems [...]
Posted by Marcin on Monday, February 12, 2007 in
Linux and
Tech.
I'm heading out to Los Angelos for the 5th Annual Southern California Linux Expo. I'll try and post inbetween sessions (that is... whenever I can). I'll be attending these talks: Leveraging the IT Community (This talk is focused on a building a new broad [...]
Posted by Marcin on Friday, February 9, 2007 in
Linux,
Security and
Tech.
Pretty funny: http://www.youtube.com/watch?v=X4FF_aT_mE8
Posted by Marcin on Tuesday, February 6, 2007 in
Security and
Tech.
Linus released kernel v2.6.20 (tar.bz2) to the public today, adding virtualization support through KVM and relocatable kernel support for x86, among other changes. The latter feature is an interesting one from a security perspective and for kdump users. [...]
Posted by Marcin on Sunday, February 4, 2007 in
News,
Security and
Tech.
My staging servers cannot boot from CD-ROM, therefore I use a boot disk. For this reason alone, I have floppy drives in all my systems. I also save time by booting from floppy disk and installing operating systems over the network. A tip for anyone who's [...]
Posted by Marcin on Wednesday, January 31, 2007 in
Security and
Tech.
Literally right after RSA, SCALE is happening February 10th and 11th. I plan on making the drive out with several other friends from school. The presentations I'm looking forward to: New & Improved: How a More Modern IT Security Model Can Better Protect [...]
Posted by Marcin on Tuesday, January 30, 2007 in
News,
Security and
Tech.
Guy Kawasaki has a very interesting blog and today posted "The top 10 stupid ways to hinder market adoption." Supporting only Windows Internet Explorer. What Guy fails to mention, is having a website that's always available to its users. Supporting only [...]
Posted by Marcin on Monday, January 29, 2007 in
Security and
Tech.
A couple students at my school hacked our Christmas tree. You can control it. You'll have to open up two browser windows to view the cameras and control it simultaneously(to prevent abuse). It's been featured on Make and some more pictures here. The web [...]
Posted by Marcin on Monday, December 4, 2006 in
Links and
Tech.
If investing into an IT services company is something you are interested in, Morningstar published their Picks Among U.S. IT Service Providers. Great for the personal investor looking to make a couple bucks in their trading account, but if you're a [...]
Posted by Marcin on Friday, November 17, 2006 in
Tech.
A new version of Gaim has been released, 2.0.0beta5. I cannot find release notes on this version, but I am going to try it out now. We'll see if they have fixed the url translation bug when using the Jabber protocol.
Posted by Marcin on Friday, November 10, 2006 in
Tech.
With all the problems and flaws in electronic voting machines being exposed over the past couple months, I'd like to know why there hasn't been any effort in designing a new voting system from scratch. What does an electronic voting machine need to be [...]
Posted by Marcin on Monday, October 30, 2006 in
Links,
Security and
Tech.
Pat unleashed Slackware 11.0 tonight, with an official announcement. Xfce 4.2.3.2, a lightweight and fast desktop environment is now available along with KDE. Still included is the tried and true 2.4.33.3 kernel, with an available 2.6.17.13 or 2.6.18 [...]
Posted by Marcin on Tuesday, October 3, 2006 in
Tech.
Woohoo! This free PDF reader finally reached version 2. Best thing about Foxit Reader is that it's fast, self-executable, and takes up a small memory footprint. Grab it here, thank me later.
Posted by Marcin on Wednesday, September 13, 2006 in
Tech.
The Firefox development team released Firefox 2 Beta 2 today. I have a couple visual gripes in version 2, like the inability to easily remove red "X" on tabs through an options menu item, and the addition of a green "go" arrow to the right of the address [...]
Posted by Marcin on Friday, September 1, 2006 in
Tech.
Everytime I see Bigfoot's "Killer" NIC being mentioned on websites and forums, I just have to laugh. It's got interesting features like: bypassing the Windows TCP/IP stack and processing within the hardware, and running embedded Linux that's accessible [...]
Posted by Marcin on Wednesday, August 30, 2006 in
Tech.
