The slides | tool | paper from BlackHat07/DefCon07 have been posted online for your wget’ing pleasure. More details on squeeza (the tool) can be found on the squeeza page, but in a nutshell is a...
I meant to blog this whilst I was still in Vegas, but only got around to it now. Its arb, but worth a bit of thinking… Kenneth Geers’ talk titled ‘Greetz from Room 101’ was on which countries have...
Ok.. so its a lot later than i promised, but i did mention that i would post some feedback on some of the talks i ended up catching at this years BlackHat. By far the talk that grabbed the most...
OK.. So as i mentioned before, I saw Robert Graham from Erratasec demo hamster live on stage and wondered if hamster was doing useful input/output sanitization.. If it wasn’t, he was setting...
SensePost is an exciting & dynamic young company with strong values & a world vision. We specialize in high-end technical security services & we’re looking for exceptional people to help grow our...
Hernan Ochoa from Core has released the Pass the Hash Toolkit which is very cool.. It basically means that you dont have to bother cracking a password on a taken machine anymore, you can simply...
I suspect somewhere there exist cardinal rules of blogging which would state that using a single post to make 2 completely un-related posts is a no-no.. I will now promptly ignore it 2 push out 2...
For all those guys who usually scoff at CSI / Police Movies where the detective shouts “enhance image” or remove that person, you have to admit that life dos indeed imitate art.. (Click image or...
BMC did his 90 minute engedu talk on DTrace at google to show some of its coolness (and from the looks of things to help get a Linux port going). DTrace looks awesome for system instrumentation...
Some of you will know that i finally moved out of the shoe box i lived in for 6 years and moved into a house (about 3 months ago) Since then i have replaced 3 different light bulbs at different...
I cant recall who said it in yesterdays meeting, but my response is simple: http://begthequestion.info/
In Vegas I bought Herman “Exploiting Online Games” by Greg Hoglund and Gary McGraw. Being the saint that I am, I looked at the book thoroughly on the plane on the way home. Fortunately I was able...
For those of you haven’t yet seen, the J.S.E listed SecureData bought 100% of the shares in SensePost late last week.. We have had many offers over the past few years and while the money was...
If a picture is worth a 1000 words, then i dont want to know what this reads…
I’ve ranted a few times about things i hate about the way we “do medicine”. (Doctors are not alone here.. i cant believe that in the age where we operate on the eye with lasers and see production...
ok.. so a long time ago we tried the you-tube mentos stuff and happily wasted time (and coke) in the office parking lot.. (of course this was after half assed attempts to mimic the experiments...
Steven Murdoch over at lightbluetouchpaper did an investigation into the Privila internship program.. What was also cool however was that he threw together a quick visualization of the data Moving...
Courtesy of afx:
A recent maillist thread shows that the DC15 videos are anow available online [here] Our video (although my voice sounded alot better in my head than it does on video) is available [here]
In early 2002 i suggested that we could solve some computer problems and south africas street-kid problem by setting up a network of street=kids with basic education to handle tasks computers...
’twas only a matter of time before various FaceBook developers started cashing in on the amount of personal info they can collect… http://www.theregister.co.uk/2007/09/12/facebook_compare_people/...
These days its almost impossible to read a book on security or vuln-dev without a gratuitous IDA-Pro screenshot. IDA has proven itself so valuable at reversing that its near impossible to find...
The Symantec Security blog has an article titled “Botnets: not just for spamming anymore“. Interestingly we are now starting to see the use of botnets for more than just simple spamming (or...
but the last Scott Adams posting on the Iranian presidents US visit has to be the best piece i have read in a long long time..
This will probably get cleaned up soon, but thats a huuuuuuuge robots.txt [ http://www.whitehouse.gov/robots.txt]
saw this in my RSS reader, the null poison byte makes a comeback! Until it gets fixed, you can view here.
We just finished presenting an HBN Bootcamp and an HBN Combat Edition in Lausanne, Switzerland. A lot of people don’t know that we do this format – small courses on location worldwide. Its a...
Something we preach very strongly in our training is the importance of an understanding of the underlying technology / application / issues, and being able to dig into the core of an issue, not...
Royal pingdom did a quick check on what was running at some of the more popular sites on the Internet and end up with the following table: Its intersting for a whole bunch of reasons that im...
Way back in 2000 i bought my kid sister a Sony PlayStation.. I have never been a big gamer (not since arcade games when i was tiny) but a reliable source at work convinced me to play Metal Gear –...