If you like this, you can use flattr. ;)
- Quickpost: Inspiring Windows software profilers and checkers
- 0x41 - back to bugs
- low footprint/hardware assisted virtualization with Linux and GrSec
- Postfix troubleshooting - a security nightmare
- New content soon
- 0x41 - (weekly) exploitation matters - Vista Heap, scripting debuggers with debug libs and how to learn to use that knowledge
- 0x41 - weekly exploitation matters - Shellcode and frameworks
- Explicit and implicit security in software development - measures and change
- 0x41 - weekly exploitation matters - Heap overflow fundamentals
- 0x41 - weekly exploitation matters - About
- wishinet: checking out GDB with Dtrace support for OS X... (1.9.2). Should be interesting.
- wishinet: RT @bfoo: Worth reading: http://merbist.com/2010/08/22/discussion-with-a-java-switcher/
- wishinet: nächstes Jahr Taikai in Nürnberg (http://www.taikai.de/) - und nu aus Nürnberg total groggy in die Falle! ;)
UnprotectedHex - about formal software verification
Sean's blog
Xecurity - a security feed collecter
Reddit RCE group
Freedom To Tinker
Emergent Chaos
Woodmann RCE forums
OpenRCE community forums
SecViz - security data visualization
DAVIX Live - for security metrics
Hex Live
Security Metrics
Immunity's Free Software
Core Security's OpenSouce research
Zynamics Blog
regulation
Explicit and implicit security in software development - measures and change
Tue, 03/23/2010 - 22:28 | wishi
Fix your bugs!
I recently had an interesting discussion with several people involved into software-development of certain product that not the most secure in the planet. In fact it's one these projects whose names regularly pop up in various advisories. What a great popularity push...
It doesn't seem to bother anybody. Because: "Soon Vista will be the standard and that will mitigate these attacks."
Implicit and explicit
Implicit security - let's define that for a moment - is security that is built in into a platform. If you plan to deploy for Windows Vista there're a bunch of security enhancements that come with the newer operating system. Therefore you passively inherit at least some security - as long as you don't run stuff in compatibility mode.
Tags: So fast - so weekly: teaching the hacks
Sun, 05/17/2009 - 19:17 | wishi
nowadays with "Agent Smith sunglasses" and TFT
We don't teach you...
I recently joined a channel on Freenode IRC and asked where to find some documentation for a special Metasploit auxiliary module, that was very new in the SVN repro. hdm sometimes is lurking around, people there normally are very friendly and helpful. It turned out not to be that typical day: "We don't teach you how to hack [...] use Google" - But we use your exploits?!
Greetings from Chinopa - about the art of indirect restrictions
Tue, 05/05/2009 - 19:20 | wishi
old DDR customs official's watchtower
There's no censorship in free democratic states?
The Federal Republic of Germany begins to restrict information access for its citizens (again) - in the uttermost dubious and ineffective way. Due consistent lack of technical knowledge and unnatural high resistance against arguments freedom of speech is about to cease to exist. Within the borders where some time ago poets, thinkers and libertines had a right to simply express themselves, those troublemakers nowadays are to be silenced.
So fast - so weekly: Hackers used for US budget affairs
Sun, 04/26/2009 - 17:14 | wishi
All I can say: yes, affordable now.
Keeping the tradition of the blog up... just a short write-up this week. Lots of other dings to do. Nevertheless I had some fun with the recent top security news.
