Hinweis
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, sich anzumelden oder das Verzeichnis zu wechseln.
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, das Verzeichnis zu wechseln.
Software Security . . . and stuff.
This week's Fail Open Goat Award goes to - Credit Card Processing
https://www.veracode.com/blog/2008/10/credit-cards-failing-open/
Date: 11/02/2008
Microsoft SideSight?
Looks cool: https://www.gearlog.com/2008/10/microsofts_sidesight_something.php
Date: 10/29/2008
SmoothHD
Akamai / IIS7 / SilverLight 2.0 / VC-1 == HD over broadband happiness. It's sort of cool - the video...
Date: 10/29/2008
Mass SQL Injection : The Chinese Way
The blog pretty much speaks for itself:...
Date: 10/23/2008
Out of band security update planned for today (MS08-067)
Updated 10/23/2008 @ 1:17pm ESTWe have pushed the update live - here's the direct link to the...
Date: 10/23/2008
Flash 10 & IE8b2 Per Site ActiveX
So I've got IE8b2 installed on all of my machines and I've noticed that since installing Flash 10...
Date: 10/22/2008
Flash 10 is out - install it like . . . yesterday.
If I were a bad guy and I wanted to pwn lots of people via the web - I'd probably focus my efforts...
Date: 10/17/2008
MAPP + Exploitability Index == Protected Customers, Better Security Update Prioritization
Today we officially launched our MAPP program...
Date: 10/14/2008
Shostack on "Threat Modeling"
Adam Shostack is incredibly smart - and he also happens to be responsible for managing the threat...
Date: 10/13/2008
iPhone running WM 6.1?
Okay - I'm not sure if this is real or not - but the interview itself is hilarious - the questions...
Date: 10/13/2008
I'm a PC and I fight for the users . . .
Tron Guy makes a cameo in our "I'm a PC" video wall:...
Date: 09/22/2008
Extreme Ad Makeover - We are now entering "the 2nd phase"?
You know, I have one simple request. And that is if we are to have an ad campaign with sharks, that...
Date: 09/18/2008
Zune 3.0 - Using wifi to download songs right from the ZMP (speed test)
Today a friend asked me how fast downloading songs / albums from the ZMP was and I had to admit - I...
Date: 09/17/2008
GOVCERT.NL and German authorities recommend against installing Chrome!?
It was only a matter of time - the first few days worth of bugs were so bad I gave up covering them...
Date: 09/12/2008
Why I'm not running Chrome anymore (back to IE8 beta 2 for me)
https://www.milw0rm.com/exploits/6367Long strings leading to stack overruns? Really Google? Srsly? I...
Date: 09/05/2008
It begins . . .
UPDATE: Go here and watch the video - it's higher resolution and better:...
Date: 09/05/2008
On Chromium and Practical Windows Sandboxing
UPDATE 9/13/2008: The authors of the Chromium whitepaper linked to below wrote to me the day after I...
Date: 09/03/2008
Google Chrome coming today? Launch early and iterate? srsly?
UPDATE: Reading the Google chrome comic that I received offline - man, I have to admit, this does...
Date: 09/02/2008
The truth about the Dowd / Sotirov Vista memory protection bypass stuff
Good short interview with Sotirov who clarifies what actually happened at Blackhat for some folks:...
Date: 08/12/2008
Happy Patch Tuesday - Random thoughts
The SnapShot Viewer 0-day that has seen limited exploitation in the wild is now patched - here's an...
Date: 08/12/2008
VMWare Fail Closed Goat Award
Here's one for the schadenfreude files - VMWare users running ESX 3.5.x Update 2 will be unable to...
Date: 08/12/2008
OpenID Fail Open Goat Award
Really interesting that CRL checks aren't baked into a lot of open source OpenID providers:...
Date: 08/08/2008
Today's Fail Open Goat Award goes to: Insecure 3rd party software updaters
You'll notice Microsoft's auto-updaters (Windows Update / Microsoft Update / Automatic Updates) are...
Date: 07/29/2008
2% of a big number, is a big number
Don't be evil.https://blogs.pcmag.com/securitywatch/2008/07/google_blogger_hosts_2_of_worl.php
Date: 07/24/2008
Microsoft Mojave
"We are here in San Francisco, where we've secretly replaced the fine operating system these people...
Date: 07/24/2008
Antivirus fail . . .
Lately I'm not a big fan of AV and it amazes me that AV hasn't been beaten up more badly than it has...
Date: 07/24/2008
DNS Fail Open Goat Award
Kaminsky's flaw has a metasploit module: https://www.caughq.org/exploits/CAU-EX-2008-0002.txt On the...
Date: 07/23/2008
Pwnie Awards - Vista nominated for . . .
Most Epic Fail: https://pwnie-awards.org/2008/awards.html#fail Gee . . . I hope we . . . win? No . ....
Date: 07/22/2008
Dan's DNS checker - We need a new ship!
Heres' an interesting, somewhat reflective blog from Kaminsky on security researcher drama, and how...
Date: 07/13/2008
Chris Rohlf joins Matasano
I have mad respect for Matasano and I can't believe a friend of mine now works...
Date: 07/13/2008
Memory dumpers for Windows
So I still get IR related questions on occasion . . . one of which being 'what is the best way to...
Date: 07/03/2008
Adobe Acrobat 9 - Creamy Security Goodness (on Vista / WS2008)
So I noticed yesterday that Adobe had quietly released Acrobat 9 to the web. I decided to download...
Date: 07/03/2008
Dino secretly wants Apple to release 64bit Vista
Interesting article from Dino: https://blogs.zdnet.com/security/?p=1325 Vista x64 has like . . . 4.5...
Date: 06/24/2008
Today's FOGA goes to Google for (implicitly) admitting they have a problem (via stopbadware.org)
Man - not sure why this didn't grab the media's attention until today:...
Date: 06/24/2008
SQL injection is teh suck . . .
So do something about it:...
Date: 06/24/2008
Security 'silly season' has officially begun . . .
In Formula 1, silly season usually begins near the middle to end of the F1 calendar (although it...
Date: 06/24/2008
Microsoft Blogs and Web Resources about Security
This guy has spent an insane amount of time collecting and organizing useful security links . . ....
Date: 06/19/2008