
Curiouser and Curiouser

I am a hacker and you are afraid and that makes you more dangerous than I ever could be.

iPod dominos
Topic: Technology 1:36 am EDT, Oct  3, 2006

Fun commercial. iPods do make a satisfying smack.



On Six Apart and the dropping of the 0day
Topic: Technology 2:34 pm EDT, Oct  2, 2006

So to settle all this craziness about disclosing Firefox 0day, I decided to call Six Apart's press office, as Mischa Spiegelmock claimed he works there.

A gal named Jane Anderson, who has a killer accent BTW, talked with me and here's what I found out.

-Mischa does work for Six Apart
-Mischa didn't tell them he was doing this
-The company has contacted Mozilla, but Six Apart has nothing to do with getting the issue (issues?) resolved
-Any future information regarding this flaw (flaws?) will not be released/discussed by Six Apart
-Six Apart believes in responsible disclosure
-It is the understanding of Six Apart that the presentation was supposed to be funny, but people didn't seem to take it that way. How exactly stack overflows in FF's JavaScript interpreter are funny was never really explained to me
-Jane has been *very* busy for the last day or so and this is causing them some major issues

I thanked Jane for talking so frankly with me but truth be told, they need to fire this guy. Immediately.



Stealing Search Engine Queries with JavaScript
Topic: Technology 7:28 pm EDT, Sep 29, 2006

Short and sweet: I can find out what you have been searching Google for from JavaScript. I can put this JavaScript on any site either because I own it (How much do you trust memestreamas.net?) or because I have an XSS vuln that lets me inject JavaScript in the site.

Think the AOL leakage... only for everyone on the internet.

Some fun use cases:

-HMO’s website could check if a visitor has been searching other sites about cancer, cancer treatments, or drug rehab centers.

-Advertising networks could gather information about which topics someone is interested in based on their search history and use that to enhance their customer databases.

-Government websites could see if a visitor has been searching for bomb-making instructions.

Whitepaper: http://www.spidynamics.com/assets/documents/JS_SearchQueryTheft.pdf
Proof of concept: http://www.spidynamics.com/spilabs/js-search/index.html

My name is Billy, and I want to destroy the Intarweb with JavaScript.



On the Assed-ness of Chaps
Topic: Miscellaneous 5:57 pm EDT, Sep 22, 2006

Erik Peterson: Thackery [our main tech writer] has assless leather chaps when he rides his motorcycle

Me:... uhhhhhhh ... why are you telling me this?

Bryan Sullivan: Wait, aren't all chaps assless? I mean, otherwise, they would just be leather pants.

Me: I don't think chaps cover the back of the leg like pants do

EP: I don't really care, it's just so great to say "assless leather chaps"

Chet (our gay tech writer): What I don't understand is why three straight men are talking about assless chaps. Have I left work already?

I so love my work environment.


RE: Create your own South Park Characters
Topic: Miscellaneous 1:27 pm EDT, Sep 22, 2006

Catonic wrote:
This website will let you create your own South Park characters.

I wasn't able to find hair that represents mine all that well though.

Here's me, though I wish there had been a plaid flannel shirt!



NIST- Guide to secure web services
Topic: Technology 10:39 pm EDT, Sep 21, 2006

NIST's guide to locking down web services, including WS discovery mechanisms like WSDLs.

Remember web hackers, authentication.asmx?WSDL is your friend



Ahhhh Mix Tapes...
Topic: Arts 10:08 pm EDT, Sep 20, 2006

I ran across a mix tape I made in the summer of 1997 between my sophomore and junior years in high school.

Side 1
Session, The Offspring
Clones, Smashing Pumpkins
I want to conquer the world, Bad Religion
Don't Stay Home, 311
Sunday Morning, No Doubt
Torn Apart, Stabbing Westward
Paranoid Android, Radiohead
Ain't My Bitch (Live), Metallica
Breathe, Prodigy
Battle of Britain, David Bowie
Intermission, The Offspring

Side 2
Flat Earth Society, Bad Religion
Jenny Says, Cowboy Mouth
Tainted Loves, Shades Apart
Throw-away Culture, Trinket
All I want, The Offspring
The Becoming, Nine Inch Nails
Basket Case, Green Day
Under The Bridge, Red Hot Chili Peppers
Zero, Smashing Pumpkins
Lucy Can't Dance, David Bowie
London Calling, The Clash
Monkey Wrench, Foo Fighters
Ta Ta, The Offspring


Thailand's king gives blessing to coup
Topic: Current Events 8:40 pm EDT, Sep 20, 2006

A guy from Thailand was in my microeconomics class this morning and told me the real story behind all this coup stuff. Apparently, the PM was a satellite communications mogul who bought them from the gov't and didn't pay any taxes on them. He's the 4th richest person in Thailand, and his approval rating in the city is only about 20%. In the country it's much higher, however that's more than likely because he bribes the peasants to vote for him. His main goal in life? To be the 1st richest person in Thailand.

I doubted my classmate until he concluded that his mom lives over there and says there hasn't been an ounce of rioting. Of course there's no rioting when it's what the people want.

Fuck our call to "return to democracy"...these guys seem to be making their own stew just fine.

-janelane, please someone glue Bush's mouth shut



NewsHour: Interview with Gen. John Abizaid
Topic: Current Events 7:55 pm EDT, Sep 20, 2006

A very good interview with Gen John Abizaid on tonight's NewsHour with Jim Lehrer. Gen Abizaid is the commander of the Central Command, which includes all U.S. forces in Iraq and Afghanistan.

The General talked a lot about why he feels the situation in Iraq is improving. And by, "situation in Iraq" he really means "in the areas where we've applied military forces. The overall numbers show a slight decrease [in violence]; I wouldn't say [the decrease in violence is] substantial."

... ... well that sure is good to know. He did discuss trying to turn over more and more responsibility to the Iraqis, though he ducked a question about how many resources the US is spending on training new Iraqi soldiers to kill the new insurgents as opposed to cutting out the middle man and doing that ourselves.

There was one thing that certainly shocked me, especially that such a high ranking general made such a point calling our attention to it.

And then the final thing I'd say is it's hugely important for us to keep in mind that the flow of oil and the flow of natural resources through the Straits of Hormuz, the Bab-el-Mandeb, and the Suez Canal have got to continue. And that falls to the United States Armed Forces, which is why we currently have about 215,000 Americans serving in my region.

I'm not such a crazy lefty that I don't realize that oil is a strategic resource and we want to protect our resources (especially when "our" resources are in other countries' borders), but when the General in charge of all military operations in the Middle East says that safeguarding the flow of oil is "why" we have almost a 1/4 million troops there, it is a little shocking.



Disclosure survey
Topic: Technology 11:03 am EDT, Sep 14, 2006

Oracle: Oracle encourages independent security researchers to follow a 'responsible disclosure' policy. Researchers notify vendors about a vulnerability and do not publicly disclose information regarding the vulnerability until we have released a patch for it.

... which is all well and good until you realize that Oracle is horrible about patching security issues, regularly taking not weeks, not months, but years to release a patch. If Oracle thinks security researchers are going to wait years, they are mistaken. At that point, it's irresponsible not to release a public notice.


