I am a hacker and you are afraid and that makes you more dangerous than I ever could be. |
|
Topic: Miscellaneous |
4:48 pm EDT, Aug 19, 2009 |
It's 2009. If your company advertises their security product as doing "CGI auditing" no one is going to take your Layer 7 offering seriously...
|
Schneier on Security: The Continuing Cheapening of the Word 'Terrorism' |
|
|
Topic: Miscellaneous |
3:28 pm EDT, Aug 19, 2009 |
The Continuing Cheapening of the Word "Terrorism" "Terroristic threats"? A pickup truck driver is accused of trying to run over a bicyclist and then coming after him brandishing an ax after a road-rage incident in Burnsville last weekend. The driver, Mitchel J. Pieper, 32, of Burnsville, was charged in Dakota County District Court on Tuesday with making terroristic threats, a felony, in connection with the altercation Saturday. The bicyclist was not seriously hurt. Seems like a normal threat to me. Or assault, with intent to do bodily harm. What's wrong with those criminal statutes? Let's save the word "terrorism" for things that actually are terrorism.
Exactly. I'm getting pretty annoyed with all these DAs recently who are pursuing overblown charges to get some bona fides for their political future. Maybe this has always happened and I just didn't notice it because it was not in the computer/national security space.
|
Microsoft Monopoly hurts again. |
|
|
Topic: Miscellaneous |
2:40 pm EDT, Aug 19, 2009 |
Yup, I think you read that correctly (if you can see the type). No processor over 2GHz, no screen over 10.2-inches, only 1GB of RAM, at most 250GB of hard drive space.
This is pretty lame. Heard a report on Marketplace yesterday that Netbooks make up 20% of all laptop sales. This is a pretty clear example of Microsoft's monopoly and the problems that causes. Clearly there is a demand in the marketplace for the Netbook product class. Clearly it is in the interests of Microsoft and the traditional Laptop OEMs to sell laptops instead of netbooks due to the margins they make. Microsoft is using its operating system dominance to harm the Netbook market. It is artificially and arbitrarily restricting OEMs from using the low cost versions of Windows except on an extremely small subset of current and future Netbooks. Instead, it requires OEMs use a more expensive version of Windows 7 which will make the current Netbook market price-point impossible. Should companies be able to decide for themselves the price and usage of their products? Of course, because if their decisions do not satisfy the market someone else can come in and fill that need. The problem is Microsoft is a monopoly and so no one else can easily come in and address the need. Microsoft's business interests are in direct conflict with the market and the consumers' interests. Due to its size Microsoft will win and we all lose. I have a fundamental problem with this.
|
Timefire: On Reducing the Size of Compressed Javascript (by up to 20%) |
|
|
Topic: Miscellaneous |
1:55 pm EDT, Aug 19, 2009 |
One idea I started to think about was to repurpose Document Clustering techniques towards code. Document Clustering is commonly used in information retrieval systems to find related documents. Typically, a document is encoded using some technique to measure word importance, such as representing each word by its term frequency inverse document frequency. Then, any two documents can be compared by some distance metric, for example, taking the tf-idf weightings of terms as a vector in N-space and computing the cosine between them. In this case, we'd let each function be a separate document, and the entire program be like the corpus of documents. We'd then choose some encoding to weigh Javascript grammar nodes by importance in a way that would produce good LZ77 matches, and then proceed in a bottom-up clustering fashion. First, we'd construct all the pairs of functions which match best. Pick a function, pair it with its best match, call that Cluster 1. Pick another function, pair it with its best match, call that Cluster 2, and so on. After this procedure is done, pick a Cluster, and find its nearest Cluster (according to some metric) and pair them up in a Cluster of 4 functions. After that's done, pair up 4-Clusters into Clusters of 8, and so on, until the final cluster encompasses the whole program.
The idea to rearrange the layout of functions in a JS file to better utilize the sliding window characteristics of the Deflate compression algorithm is very sexy!
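The bottom-up pairing described in the quoted passage, as an added example that is not code from Timefire or from this post. It assumes lexical tokens as a stand-in for grammar nodes and the sum of member vectors as the cluster-to-cluster metric; all function names and the sample input are constructed.

```python
import math, re, zlib
from collections import Counter

def tfidf_vectors(functions):
    """One tf-idf vector per function; lexical tokens stand in for grammar nodes."""
    docs = [Counter(re.findall(r"[A-Za-z_$][\w$]*|\S", src)) for src in functions]
    df = Counter(tok for doc in docs for tok in doc)   # document frequency per token
    n = len(docs)
    return [{t: c * math.log(n / df[t]) for t, c in doc.items()} for doc in docs]

def cosine(a, b):
    dot = sum(w * b.get(t, 0.0) for t, w in a.items())
    norm = math.sqrt(sum(w * w for w in a.values())) * math.sqrt(sum(w * w for w in b.values()))
    return dot / norm if norm else 0.0

def cluster_order(functions):
    """Pair nearest clusters round by round (1 -> 2 -> 4 ...); return the layout order."""
    clusters = [([i], vec) for i, vec in enumerate(tfidf_vectors(functions))]
    while len(clusters) > 1:
        merged = []
        while clusters:
            members, vec = clusters.pop(0)
            if clusters:  # pair with the most similar remaining cluster
                j = max(range(len(clusters)), key=lambda k: cosine(vec, clusters[k][1]))
                other, other_vec = clusters.pop(j)
                summed = Counter(vec)
                summed.update(other_vec)  # cluster vector = sum of members (assumed metric)
                members, vec = members + other, dict(summed)
            merged.append((members, vec))
        clusters = merged
    return clusters[0][0]

def deflate_size(functions, order):
    """Compressed size of the file when functions are emitted in the given order."""
    return len(zlib.compress("\n".join(functions[i] for i in order).encode(), 9))

# Constructed sample: two DOM helpers interleaved with two arithmetic helpers.
SAMPLE = [
    'function show(el){el.style.display="block";return el;}',
    'function sq(x){return x*x;}',
    'function hide(el){el.style.display="none";return el;}',
    'function cube(x){return x*x*x;}',
]

if __name__ == "__main__":
    order = cluster_order(SAMPLE)
    print(order, deflate_size(SAMPLE, range(len(SAMPLE))), deflate_size(SAMPLE, order))
```

On a real file, compare `deflate_size` for the original and clustered orders; on inputs as small as the sample the byte counts are dominated by stream overhead.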
|
Bad Behavior Anti-bot Screener not very good |
|
|
Topic: Miscellaneous |
12:57 pm EDT, Aug 17, 2009 |
Instead, Bad Behavior pioneered an HTTP fingerprinting approach. Instead of looking at the spam, we look at the spammer. Bad Behavior analyzes the HTTP headers, IP address, and other metadata regarding the request to determine if it is spammy or malicious. This approach has proved, as one user said, “shockingly effective.” After all, spammers write their bots on the cheap, and have little incentive to code very well. If they could code very well, they probably wouldn’t be spammers.
Ran across a blog "protected" by this today. Pretty liberal use of the word "fingerprint." It doesn't even check if the "Accept" header value is valid for a given "User-Agent" header. In fact, bare bones all you need is:
GET / HTTP/1.1
Accept: */*
Host: [host]
blog.xmpp.org uses this so you can play with any HTTP editor.
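The header-consistency check the post says is missing, sketched from the screening side as an added example; it is not Bad Behavior's code or rule set. The profile table, finding names, and sample requests are constructed for illustration, and the assumption is that the listed browser families send `text/html` in `Accept` on a top-level page load.

```python
# Constructed profiles: token in User-Agent -> media type that browser family
# is assumed to send in Accept on a top-level page load (illustrative only).
BROWSER_PROFILES = {
    "Firefox/": "text/html",
    "Chrome/": "text/html",
}

def parse_request(raw):
    """Split a raw HTTP request into (request_line, {lowercased header: value})."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def accepted_types(accept):
    """Media types listed in an Accept value, with parameters (q=...) dropped."""
    return {p.split(";")[0].strip().lower() for p in accept.split(",") if p.strip()}

def screen(raw):
    """Return a list of findings; an empty list means no inconsistency was seen."""
    _, headers = parse_request(raw)
    ua = headers.get("user-agent")
    if not ua:
        # The bare request shown above carries no User-Agent at all.
        return ["missing-user-agent"]
    types = accepted_types(headers.get("accept", ""))
    findings = []
    for token, required in BROWSER_PROFILES.items():
        # A client claiming this family but not sending its expected Accept type.
        if token in ua and required not in types:
            findings.append("accept-mismatch:" + token.rstrip("/"))
    return findings

# Constructed sample requests (placeholder host).
MINIMAL = "GET / HTTP/1.1\r\nAccept: */*\r\nHost: blog.example\r\n\r\n"
FAKE_FIREFOX = ("GET / HTTP/1.1\r\nHost: blog.example\r\n"
                "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:1.9) Gecko Firefox/3.5\r\n"
                "Accept: */*\r\n\r\n")
REAL_FIREFOX = FAKE_FIREFOX.replace(
    "Accept: */*",
    "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
```

Findings like these work better as inputs to a score than as a hard block, since legitimate non-browser clients (feed readers, monitoring probes) also send sparse headers.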
|
Feds Support $1.92 Million RIAA File Sharing Verdict | Threat Level | Wired.com |
|
|
Topic: Miscellaneous |
4:58 pm EDT, Aug 14, 2009 |
The Obama administration told a federal judge Friday the $1.92 million jury verdict against a Minnesota woman for sharing 24 music tracks on Kazaa was constitutionally sound, despite defense claims it was unconstitutionally excessive.
Oh you got to be kidding me!
|
Topic: Miscellaneous |
4:50 pm EDT, Aug 14, 2009 |
John Terrill: It's 8am. Airport bar doesn't open yet. Although, if it was I'd be there. And then pull some airport bathroom booty. Like Larry Craig minus the gay.
Billy: I'm putting this on Memestreams.
John: I would expect nothing less of you ;) on a side note, I just told some chick that I invented velcro shoes when I was a kid so now I'm retired. She wants me.
|
|
Career Limiting Moves: #1 |
|
|
Topic: Miscellaneous |
4:00 pm EDT, Aug 13, 2009 |
Career Limiting Moves #1: Shooting the big boss in the temple with a rubber band. |
|