As is common with many blogs, my public ramblings on this site are made possible through the ease of use and flexibility of the mysql/php based software known as wordpress.. And again, as is common to much php/mysql based software, that package has vulnerabilities – sometimes serious, remotely exploitable vulnerabilities. When vulnerabilities are made public, …
I am not a cliche
“all your snacks are belong to us”
webcam on the slug
trivia’s visitors
the latest from El Reg
- 'Dated and cheesy' Aero ripped from Windows 8 2012/05/21
- Google snubs Euro watchdog's 'abuse of dominance' claims 2012/05/21
- ALL NHS patient records online by 2015 2012/05/21
- IBM parks parallel file system on Big Data's lawn 2012/05/21
- NVIDIA VGX VDI: New tech? Or rehashed hash? 2012/05/21
- Audi proposes PC-packing stunt bikes 2012/05/21
- Met cops' CSI mobe-snoop tech sparks privacy fears 2012/05/21
- Does private cloud follow virtualisation? 2012/05/21
- IP law probe MPs hunt for smoking gun, find plenty of smoke 2012/05/21
- Nasdaq red-faced after software snafu stalls Facebook IPO 2012/05/21
- Core Wars: Inside Intel's power struggle with NVIDIA 2012/05/21
- Ouch! Facebook falls below IPO value in pre-trading on Nasdaq 2012/05/21
- What's copying your music really worth to you? 2012/05/21
- Brussels throws antitrust settlement lifeline to Google 2012/05/21
- Resistance is futile? Memristor RAM now cheap as chips 2012/05/21
- Another NHS trust coughs up £90k fine for lax fax acts 2012/05/21
Category Archive: security
Aug 02 2009
zf05
I really missed the old phrack magazine. Some of the “loopback” entries in particular are superb examples of technical nous, complete irreverance and deadpan humour. One of my favourites (from phrack 55) appears in my blogroll under “network (in)security”. I am particularly fond of the observation that details of how to exploit old vulnerabilities are …
Jul 05 2009
tor on a vps
I value my privacy – and I dislike the increasing tendency of every commercial website under the sun to attempt to track and/or profile me. Yes, I know all the arguments in favour of advertising, and well targeted advertising at that, but I get tired of the Amazon style approach which assumes that just because …
Mar 29 2009
bad science and worse
I’m a big fan of Ben Goldacre’s “bad science” column in the Guardian. He is particularly scathing about quackery and spurious medical science. His views of “Dr” Gillian McKeith in particular are well worth reading. Whilst I was reading one of his columns recently, I was reminded of another “Dr” who seems to get away …
Dec 24 2008
and yet more DNS lunacy
A company called Unified Root is offering to register new top level domains in advance of the proposed ICANN changes. The company describes itself in the following terms: “UnifiedRoot (Unified Root) is an independent, privately owned company, based in Amsterdam, which makes corporate and public top-level domains (TLDs) available worldwide. Through our own efforts and …
Dec 24 2008
more DNS silliness
I came across an interesting post on Avert labs site recently. That post pointed to an earlier SANS posting, which in turn, referenced a Symantec discussion of a new Trojan called Trojan.Flush.M. This trojan is an interesting variant of a class of trojans which hijack local DNS settings to force the compromised machine to use …
Sep 25 2008
gun, foot, shoot
As a chartered member of the British Computer Society (BCS) I recently received through the post my voting forms for the 2008 AGM. The process gives me the option of voting electronically using a website run by Electoral Reform Services. My security codes (two separate numeric IDs, one of six characters, the other of four) …
Sep 12 2008
webanalytics – just say no
I have just built myself a new intel core 2 duo based machine to replace one of my older machines which was beginning to struggle under the load of video transcoding I was placing upon it. The new machine is based on an E8400 and is nice and shiny and fast. Because it is a …
Aug 10 2008
trusting DNS
Dan Kaminsky has (quite rightly) been hitting the press a lot in the weeks since 8 July when he announced the work done to fix a flaw he had discovered in DNS. The vulnerability itself was new, but its impact (cache poisoning) was not. Indeed, we’ve known about the dangers of poisoned DNS caches for …
Jul 22 2008
implementing mailman and postfix with lighttpd on debian
I recently needed to set up a mailing list for a group of friends (my bike club). I had become tired of mail bounces and failures because we were all relying on an out of date list of addresses originally cobbled together by one member. That list of addresses was routinely used in “reply all” …
why phbs are phbs
the national security debate
are you sure you want that mobile phone?
unix gurus in hell
