Cisco's wiretapping system open to exploit, says researcher

Topic: Miscellaneous
4:57 am EST, Feb 5, 2010
The IBM researcher, Tom Cross, notified Cisco of the issues back in December, and recommends revisions to the standard that will ensure that it is more secure by default. That might be helpful, but it still wouldn't deal with the problems posed by unpatched systems—Cross himself apparently recognizes that network administrators can be hesitant to risk the disruption of service that may come with updating major pieces of equipment.
Tom is on Ars Technica Today. Go Tom!

Topic: Miscellaneous
11:32 pm EST, Dec 1, 2009
evil begets stupidity. An organization that wins by exercising power starts to lose the ability to win by doing better work
two things struck me -- well more but I just wanted to say ... I WANT a hand held dev machine

and from the Hustler

Fast Eddie: How should I play that one, Bert? Play it safe? That's the way you always told me to play it: safe... play the percentage. Well, here we go: fast and loose. One ball, corner pocket. Yeah, percentage players die broke, too, don't they, Bert?
[he makes the shot and the spectators applaud]
Fast Eddie: How can I lose?

fast and loose "launch-fast-and-iterate" yeah baby

Evil begets stupidity

Treatment of Alan Turing was “appalling” - PM | Number10.gov.uk

Topic: Miscellaneous
1:18 pm EDT, Sep 12, 2009
So on behalf of the British government, and all those who live freely thanks to Alan’s work I am very proud to say: we’re sorry, you deserved so much better.
Appalling does not even begin to describe the systematic and unconscionable destruction of one of the greatest minds in the history of Computer Science, all because of his sexuality. Professional exile, revoked security clearances, threatened imprisonment, and forced chemical castration, all of which culminated in suicide. Utterly Disgraceful.

The Great Brazilian Sat-Hack Crackdown

Topic: Miscellaneous
8:28 pm EDT, Apr 22, 2009
On the night of March 8, cruising 22,000 miles above the Earth, U.S. Navy communications satellite FLTSAT-8 suddenly erupted with illicit activity. Jubilant voices and anthems crowded the channel on a junkyard's worth of homemade gear from across vast and silent stretches of the Amazon: Ronaldo, a Brazilian soccer idol, had just scored his first goal with the Corinthians. It was a party that won't soon be forgotten. Ten days later, Brazilian Federal Police swooped in on 39 suspects in six states in the largest crackdown to date on a growing problem here: illegal hijacking of U.S. military satellite transponders.
This is so ridiculously and awesomely Gibson-esque. Hordes of low tek from The Sprawl hacking military satellites with homebrew gear and hacker know-how. Unbelievably Excellent!

Topic: Miscellaneous
6:57 am EDT, Apr 9, 2009
The familiar .com, .net, .org and 18 other suffixes — officially "generic top-level domains" — could be joined by a seemingly endless stream of new ones next year under a landmark change approved last summer by the Internet Corp. for Assigned Names and Numbers, the entity that oversees the Web's address system. Tourists might find information about the Liberty Bell, for example, at a site ending in .philly. A rapper might apply for a Web address ending in .hiphop. "Whatever is open to the imagination can be applied for," says Paul Levins, ICANN's vice president of corporate affairs. "It could translate into one of the largest marketing and branding opportunities in history."
ICANN needs to be stopped. They are proposing and promoting concepts that will irrevocably damage the Internet with essentially no one to keep them in check. Something seriously must be done about the pollution of the TLDs. From RFC 1591 in 1994:

2. The Top Level Structure of the Domain Names

In the Domain Name System (DNS) naming of computers there is a hierarchy of names. The root of system is unnamed. There are a set of what are called "top-level domain names" (TLDs). These are the generic TLDs (EDU, COM, NET, ORG, GOV, MIL, and INT), and the two letter country codes from ISO-3166. It is extremely unlikely that any other TLDs will be created.

Postel must be screaming in his grave to know ICANN rolled like a dog in heat to special interests and already created bullshit TLDs like:

*.aero *.asia *.biz *.cat *.coop *.info *.jobs *.mil *.mobi *.museum *.name *.pro *.tel *.travel

This is insanity. ICANN's mission statement is not to facilitate "the largest marketing and branding opportunities in history." It's to manage and preserve the operational stability of the Internet's addressing systems! When the hell did it become being a stooge for the world's ISPs? Fuck. This. Shit.

ICANN == Whores

Saturday Night Live - Palin / Biden Debate

Topic: Miscellaneous
2:25 pm EDT, Oct 5, 2008
I believe marriage is meant to be a sacred institution between 2 unwilling teenagers. But don't think I don't tolerate gay people because I do. I tolerate them with all my heart.
Priceless.

Quotes from work: Trend by sheep

Topic: Miscellaneous
7:09 am EDT, Aug 1, 2008
From my meeting about reports today:

Joe: This is too much of one color for an executive summary. They need lots of colors or they think the report is worthless

And the oddest exchange:

Joe: So you want multiple "Trend By" reports?
Ray: Yeah, like "Trend by Severity," "Trend by Risk Score," Trend by anything.... "Trend by Sheep" even.
Billy: Wow, I want to see a "Trend by Sheep" report.
Ray: Yeah! Sheep! But with Velcro gloves. Otherwise they can get away!
... [awkward silence] ...
Billy: I'm posting this to Memestreams.

Ajax Security Book Out! Awesome buzz!

Topic: Technology
10:39 pm EST, Dec 20, 2007
Ajax Security is out and the feedback I'm getting is incredible. Andrew van der Stock, the Executive Director of OWASP, reviewed a draft of Ajax Security and here is what he had to say about it:

If you are writing or reviewing Ajax code, you need this book. Billy and Bryan have done a stellar job in a nascent area of our field, and deserves success. Go buy this book.

Is it just a re-hash of old presentations? No. The book breaks some new ground, and fills in a lot of the blanks in all of our presentations and demos. I hadn’t heard of some of these attacks in book form before. The examples improved my knowledge of DOM and other injections considerably, so there’s something there for the advanced folks as well as the newbies.

I really liked the easy, laid back writing style. Billy and Bryan’s text is straightforward and easy to understand. They get across the concepts in a relatively new area of our field.

The structure flows pretty well, building upon what you’ve already learnt ... there is advanced stuff, but the authors have to bring the newbie audience along for the ride.

Billy and Bryan spend a bit of time repeating the old hoary “no new attacks in Ajax” meme which is big with the popular kids (mainly because their products can’t detect or scan Ajax code yet and still want money from you), and then spend the rest of the book debunking their own propaganda with a wonderful panache that beats the meme into a bloody pulp and buries it for all time.

Web security guru dre offers up this review of Ajax Security:

It’s quite possible that many Star Wars Ajax security fans will be calling Billy Hoffman, the great “Obi-Wan”, and pdp “Lord Vader” to represent the “light” and “dark” sides that is The Force behind the power wielded by Ajax. The book, Ajax Security, covered a lot of new material that hadn’t been seen or talked about in the press or the security industry. The authors introduced Ajax security topics with ease and provided greater understanding of how to view Javascript malware, tricks, and the aberrant Java...

Fuck you Dean Hachamovitch

Topic: Miscellaneous
5:59 am EST, Dec 6, 2007
So, yes, the version after IE7 is IE8. We looked at a lot of options for the product name. Among the names we considered and ruled out: Of course, some people care about other aspects of IE8 much more than they care about the name. As I’ve walked different people through the plan, I’ve gotten “Does it have feature X?” “When is the beta?” “When does it release” and even the more thoughtful “What are you trying to accomplish with this release?” You will hear a lot more from us soon on this blog and in other places. In the meantime, please don’t mistake silence for inaction. Dean Hachamovitch General Manager
Dear Dean Hachamovitch, General Manager Internet Explorer Team.

Fuck you
Fuck you for thinking a browser with some tabs and RSS support somehow warrants praise
Fuck you for Notepad as "View Source"
Fuck you for the CSS hacks I shouldn't have to do
Fuck you for your phony adoption rate and security comparison reports
Fuck you for the hell that is IE/JavaScript debugging
Fuck you for winning the web browser wars and then stagnating innovation
Fuck you for 6 years of inaction and silence
Fuck you for telling the world how the web is going to be
Fuck you for your utter contempt of web developers and web standards
Fuck you Dean Hachamovitch and fuck the team you lead.
You are hurting us far more than you are helping us
This shit has got to end

Sincerely,
Billy Hoffman