| |
| I am a hacker and you are afraid and that makes you more dangerous than I ever could be. |
|
|
|---|
| Topic: Miscellaneous |
11:04 am EST, Dec 15, 2008 |
You won't buy our shitty cars.
So we'll be taking your money anyway.
The 2009 Bailout Car Ad |
|
President Bush at Summercon |
|
|
|---|
| Topic: Miscellaneous |
10:22 am EST, Dec 15, 2008 |
Billy: [slurred] If I'm not making any sense ya'll just throw a shoe at me or something... [WHUMP!] (as shoe hits projector screen) Billy: ... Well ok then... [continues drunken hacker con preso] President Bush at Summercon |
|
Content Handling Mechanisms |
|
|
|---|
| Topic: Miscellaneous |
11:17 am EST, Dec 11, 2008 |
Content handling mechanisms The task of detecting and handling various file types and encoding schemes is one of the most hairy and broken mechanisms in modern web browsers. This situation stems from the fact that for a longer while, virtually all browser vendors were trying to both ensure backward compatibility with HTTP/0.9 servers (the protocol included absolutely no metadata describing any of the content returned to clients), and compensate for incorrectly configured HTTP/1.x servers that would return HTML documents with nonsensical Content-Type values, or unspecified character sets. In fact, having as many content detection hacks as possible would be perceived as a competitive advantage: the user would not care whose fault it was, if example.com rendered correctly in Internet Explorer, but not open in Netscape browser - Internet Explorer would be the winner. As a result, each browser accumulated a unique and very poorly documented set of obscure content sniffing quirks that - because of no pressure on site owners to correct the underlying configuration errors - are now required to keep compatibility with existing content, or at least appear to be risky to remove or tamper with.
Content Handling Mechanisms |
|
Browser Rider - A hacking framework for browser exploitation |
|
|
|---|
| Topic: Technology |
11:18 am EST, Dec 3, 2008 |
“Browser Rider” is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit. Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However most of the other existing tools out there are unmainted, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.
This is neat. Check out the video and the online demo. Also the source if available. Browser Rider - A hacking framework for browser exploitation |
|
|
|---|
| Topic: Miscellaneous |
10:27 am EST, Dec 3, 2008 |
On Tuesday, software-as-a-service company Zoho announced CloudSQL: a new, cloud-friendly middleware layer giving cloud applications access to its SaaS reporting and database software, Zoho Reports. Though still in its early stages of development, CloudSQL will bridge the gap between software-as-a-service, cloud computing, and on-premises software by allowing cloud developers to access data on Zoho's servers through web services, and on-premises developers to access it using SQL as if it were a conventional database.
Latency? CloudSQL? |
|
|
|---|
| Topic: Miscellaneous |
9:43 pm EST, Dec 2, 2008 |
Do an HTTP GET on http://www.ad-tech.com:80/ny/ and you get a 200
Do an HTTP HEAD and you get a socket close. Odd. |
|
Are you fucking kidding me? |
|
|
|---|
| Topic: Miscellaneous |
8:42 pm EST, Dec 2, 2008 |
On Monday, in response to a question about vuln disclosure, I had someone in Switzerland tell me "Why are you wanting to help other companies find and fix bugs or vulnerabilities in their products. That's not our business" Today I had someone in the UK tell me that, despite making an international detour to visit 3 countries on his behalf, his group would not be paying for the travel. After I've already made the trip. Are. You. Fucking. Kidding. Me? Its only Tuesday and I've already got 2 reasons to pull one of these... [breath breath breath, go to your happy place] |
|
