I am a hacker and you are afraid and that makes you more dangerous than I ever could be. |
|
Topic: Technology |
1:25 pm EST, Feb 1, 2007 |
Why oh why does Firefox send an HTTP request when I click "View Source?" I already have the source! It's being rendered! It's in the cache! Why the hell are you fetching it again? This is especially nasty when looking at the source for the response to an HTTP POST. That's it. Firefox is going on my "punch in the face" list. |
|
Topic: Arts |
3:27 pm EST, Jan 31, 2007 |
Saw this today on RocketBoom. Step 1- Get Some Maggots Step 2- Dunk them in paint Step 3- Profit! Maggot Art |
|
GNUCITIZEN - JavaScript Remoting Dangers |
|
|
Topic: Technology |
11:49 am EST, Jan 31, 2007 |
For those unfamiliar, GNUCITIZEN is quite possibly the best site on the internet for web security research that is not affiliated with a vendor. pdp has covered topics such as backdooring QuickTime files, building XSS attack libraries, improving existing port scanners and history stealers, and even a JavaScript web crawler (which is currently receiving a massive improvement...). Much of his work ends up appearing in live attacks a few months after the info is released. Needless to say, I was really happy when pdp asked me to write a blog entry for his site. I wrote up a meaty overview of the different methods JavaScript can use to send HTTP requests, as well as the pros and cons of each. GNUCITIZEN - JavaScript Remoting Dangers |
|
Topic: Technology |
11:23 am EST, Jan 31, 2007 |
The MT-85 is a LoCo manual swipe magstripe encoder-reader that allows financial cards, ID badges, or passbooks to be instantly encoded and issued to customers. Its compact footprint and rugged design make it an ideal choice for magstripe card, badge, or passbook issuance at financial institutions, schools, businesses, and government environments. An RS-232 interface and simplified command set allow for quick integration with software applications. An LED provides clear status indications to the operator. Available in either Track-2 only, or Track 1, 2, 3 configurations, the MT-85 encodes and read-verifies magnetic data per the ISO 7810 low-coercivity magstripe standards.
These guys give C code driver examples. They ROCK. This is a good reason to start working on StripeSnoop some more. I haven't touched the project since I graduated from GaTech in spring of 2005, but there is still a fair bit of interest in it. Elliot over at Hack a Day tells me it's one of the best magstripe suites out there and people love it. MT-85 |
|
Worldmapper: The world as you've never seen it before |
|
|
Topic: Society |
7:07 pm EST, Jan 30, 2007 |
Worldmapper is a collection of world maps, where territories are re-sized on each map according to the subject of interest. 366 maps and PDF posters will be finished by February 2007. Use the menu above or click on a thumbnail image below to view a map.
Update: for a tour of this dataset, see <a href= Worldmapper: The world as you've never seen it before |
|
5 Things You don't know about Me |
|
|
Topic: Miscellaneous |
6:14 pm EST, Jan 30, 2007 |
1- I was on the high school swim team for 3 years, and went to the Georgia State swim meet for my junior year. I was supposed to go my senior year, but got kicked off. My crime? While doing a can-opener as my last dive for the last regular swim meet, I purposely mooned the entire crowd, including the superintendent for Cobb County Schools. 2- I've forgotten my mom's birthday on at least 3 different occasions. She's never been mad, just sad. 3- I was born in a hospital less than 2 miles from where I currently work. 4- My brother has been around the world and climbed some of the tallest mountains. I've never left the western hemisphere and I've only been west of the Mississippi river 5 times, 3 of which were in the last year. 5- I have 2 Hilary Duff songs on an iPod playlist. I sing them when I drive.
|
|
Topic: Current Events |
2:21 pm EST, Jan 30, 2007 |
The Nuclear Regulatory Commission concluded Monday it is impractical for nuclear power plant operators to try to stop terrorists from crashing an airliner into a reactor. Plant operators instead should focus on limiting radioactive release from any such airborne attack, the agency said in a revised defense plan for America’s nuclear plants. The agency approved the new defense plan, most of which is secret, by a 5-0 vote at a brief hearing in which it was not discussed in any detail. "The strength of nuclear power plants against aircraft impacts has been thoroughly analyzed in state-of-the-art computer simulations. These tests have shown that, while plants would sustain damage, sturdy, robust structures that safely contain radioactive materials would not release their contents."
[Gen. 'Buck' Turgidson voice]: Just throw some Patriot Missile Batteries at this, Mr. President! Now I'm not saying we wouldn't get our hair mussed. But I do say no more than ten to twenty million killed, tops. Uh, depending on the breaks. Securing Nuclear plants |
|
Police use stun guns on greased, naked student! |
|
|
Topic: Miscellaneous |
11:40 am EST, Jan 30, 2007 |
And now, your moment of zen... A high school lunch period was disrupted Monday by a greased, naked student who ran around screaming and flailing his arms until police twice used a stun gun on him, authorities said. Police said that an administrator ordered Killian to stop, but that the student made a sexual gesture and kept running. Killian is in jail and charged with inducing panic, public indecency, resisting arrest and disorderly conduct. A message seeking comment was left at Killian's home.
Police use stun guns on greased, naked student! |
|
Topic: Technology |
2:36 pm EST, Jan 29, 2007 |
The Amazon Elastic Compute Cloud (Amazon EC2) web service provides you with the ability to execute your applications in Amazon's computing environment. To use Amazon EC2 you simply: 1. Create an Amazon Machine Image (AMI) containing all your software, including your operating system and associated configuration settings, applications, libraries, etc. Think of this as zipping up the contents of your hard drive. We provide all the necessary tools to create and package your AMI. 2. Upload this AMI to the Amazon S3 (Amazon Simple Storage Service) service. This gives us reliable, secure access to your AMI. 3. Register your AMI with Amazon EC2. This allows us to verify that your AMI has been uploaded correctly and to allocate a unique identifier for it. 4. Use this AMI ID and the Amazon EC2 web service APIs to run, monitor, and terminate as many instances of this AMI as required. Currently, we provide command line tools and Java libraries, and you may also directly access our SOAP or Query based APIs.
Think Sun's Grid computing, only cheaper, with virtualized machine images. I've got an immense project needing lots of CPU power and RAM but it should only last a few weeks if I do it right. This might be the ticket. Amazon - EC2 |
|
ActiveX DoS in all IE < 7 |
|
|
Topic: Technology |
10:54 am EST, Jan 29, 2007 |
Ok, DoS against a browser isn't too interesting, but look at the code:
<script language="JavaScript">
obj = new ActiveXObject("giffile");
obj.bgColor;
</script>
That's it!?! How did someone miss that! A simple programming mistake would have caused this! ActiveX DoS in all IE < 7 |
|