crazylazy.info

Is everybody being deceptive?

When we're not there, we aren't there to know that we're not there.

I recently listened to the 7th episode of the Social Engineering podcast. - That made me take some notes, and I think I remember some quotes.
In short it was simply about using familiar routines - or those routines which should be familiar - in order to successfully blind somebody else's mind into a routine workflow.

It's the famous data-kraken! He'll get us all.

When I was playing around with Facebook lately to setup an excuse account with my valid eMail address, in case some retard wants to impersonate me, I found out that social networks not only collect member data. Newer (iPhone/i* - stuff) applications for example make users synchronize their phone contacts into these web-services.

IDEA is OpenSource now

IntelliJ's IDEA 9 has an OpenSource community edition that is freely available for Windows, MacOS and Linux. It has got tons of features, even in the free edition. Most stuff that's not in the free Community Version isn't stuff I'd use for private programs. IDEA - in any version - has got Git support, best Java support out there, nice GUI builders, JUnit support, and a neat debugger. Things it lacks are some Emacs features I'm accustomed with. But the unique project structure lets us use any editor we want in order to perform the following workflow:

Active editing in short

adjustable split keyboard, trackball, good monitor... that's essential and often forgotten

Most probably my last post for this year. I didn't post too much security related stuff lately. - But I'm very sure that will change soon.

This nerdy problem: all keyboards suck!

A rough overview

Vitalization and its flavours... man that stuff blew up. Because it's really mind-blowing if you're setting up virtualization for every-day use here's a rough overview on what flavours exist and how well they scale. Most times I use combined approaches depending on the needs of applications.

No more emulation

When it comes to the commandline administrators all over the Windows worlds nowadays think of Cygwin or Powershell. However Cygwin is a special layered environment and Powershell is .Net dependant and not very reactive.
Therefore I tend to turn back to the good old DOS-like commandline and add some stuff to the environment path in order to ease my life. However many people may think that extending your commandline tools doesn't help you in situations where you don't find these tools: on Windows the commandline is just an extra. The following stuff of course doesn't help you to do post-exploitation or to show of at your friends machine. But it helps to save time. My time ;).

UnixUtils

wishi's Fuzz-Box

A Fuzz-Box for me is a standalone machine. It has to:

• host multiple virtual machines at once (max 2 in my case)
• effectively manage ~4 GB RAM
• be Linux compatible with, stable clean device drivers
• energy efficient and ergonomically able to run 24h/day 7d/week...

Scaling Hardware?

You don't want a performance monster. - Or a gaming machine. And you do not want trash, because you're going to spend valuable time with it.