Michal Zalewski (aka lcamtuf) has just announced that google is changing the terms of its vulnerability purchase program. The google announcement says: Today, to celebrate the success of [the program] and to underscore our commitment to security, we are rolling out updated rules for our program — including new reward amounts for critical bugs: $20,000 …
I am not a cliche
“all your snacks are belong to us”
webcam on the slug
trivia’s visitors
the latest from El Reg
- 'Dated and cheesy' Aero ripped from Windows 8 2012/05/21
- Google snubs Euro watchdog's 'abuse of dominance' claims 2012/05/21
- ALL NHS patient records online by 2015 2012/05/21
- IBM parks parallel file system on Big Data's lawn 2012/05/21
- NVIDIA VGX VDI: New tech? Or rehashed hash? 2012/05/21
- Audi proposes PC-packing stunt bikes 2012/05/21
- Met cops' CSI mobe-snoop tech sparks privacy fears 2012/05/21
- Does private cloud follow virtualisation? 2012/05/21
- IP law probe MPs hunt for smoking gun, find plenty of smoke 2012/05/21
- Nasdaq red-faced after software snafu stalls Facebook IPO 2012/05/21
- Core Wars: Inside Intel's power struggle with NVIDIA 2012/05/21
- Ouch! Facebook falls below IPO value in pre-trading on Nasdaq 2012/05/21
- What's copying your music really worth to you? 2012/05/21
- Brussels throws antitrust settlement lifeline to Google 2012/05/21
- Resistance is futile? Memristor RAM now cheap as chips 2012/05/21
- Another NHS trust coughs up £90k fine for lax fax acts 2012/05/21
Tag Archive: network security
Apr 18 2012
now switch it back on
Bugtraq can be an interesting list. Back in June 2008 I noted that one Craig Wright had posted an advisory about a vulnerability in an Oral B toothbrush. Well, just over a week ago a chap called Gabriel Menezes Nunes posted a proof of concept remote denial of service attack on a Sony Bravia television …
Jan 22 2012
moxie’s proxy
Moxie Marlinspike, a security researcher probably best known for his SSL proxy tool, likes google even less than I do. His googlesharing website says: “Google thrives where privacy does not. If you’re like most internet users, Google knows more about you than you might be comfortable with. Whether you were logged in to a Google …
Jan 12 2012
t-mobile resets its policy?
As I have mentioned in other posts here, I run my own mail server on one of my VMs. I do this for a variety of reasons, but the main one is that I like to control my own network destiny. Back in October last year I noticed an interesting change in my mail experience …
Dec 19 2011
tunnelling X over ssh
OK, yes, I know there are probably already a gazillion web pages on the ‘net explaining exactly how to do this, but I got caught out by a silly gotcha when I tried to do this a couple of days ago, so I thought I’d post a note. Firstly, X is not exactly a secure …
Jul 18 2011
who are you going to call
Like most email users I get my fair share of spam and other internet crud. Mostly I ignore it, but I received an intriguing email a couple of days ago which purported to be a mailer daemon “Delivery Status Notification” informing me of a failed delivery to some address I had not even heard of. …
Jan 23 2011
damn, I think I got hit by a 419er
I am normally pretty careful about my on-line security and privacy. I take a lot of care to ensure that my home network is nailed down tightly and all the clients and servers on it are also nailed down as well as I know how. I don’t use software which is susceptible to the majority …
Sep 25 2010
professional ability
I was skimming through a series of security related sites last week when I came across an article referring to someone described as something like “A Person, M.Inst.ISP, CISM, CISSP, MBCS, CITP, BSc, Director of etc…..” and I found myself wondering what that all actually meant. Yes, I know what the letters stand for, hell …
Aug 01 2010
autossh – or how to use tor through a central ssh proxy
Since I first set up a remote tor node on a VPS about this time last year, I have played about with various configurations (and used different providers) but I have now settled on using two high bandwidth servers on different networks. One (at daily.co.uk) allows 750 Gig of traffic per month, the other (a …
Aug 02 2009
zf05
I really missed the old phrack magazine. Some of the “loopback” entries in particular are superb examples of technical nous, complete irreverance and deadpan humour. One of my favourites (from phrack 55) appears in my blogroll under “network (in)security”. I am particularly fond of the observation that details of how to exploit old vulnerabilities are …
why phbs are phbs
the national security debate
are you sure you want that mobile phone?
unix gurus in hell
