Haroon Meer
Spammers need love too..
-snip- From: Haroon Meer <haroon@sensepost.com> To: Marc Schneider <marcs@mplw.net> Subject: Re: http://www.sensepost.com – Contact needed Hi Dr Schneider. * Marc Schneider [marcs@mplw.net] seemed to say: >I am Dr. Marc Schneider and I work for Multilingual Search Engine >Optimization Inc. in Washington DC ( Tel: 1 202-250-3645) – I would >like to speak with the person in charge of your international >clientele. Who is my contact? Who should I speak to??…
Dvorak, on Windows 7, Microsoft and attention to details..
The other day i tweeted a link from John Dvorak reviewing Windows 7. He basically said that Microsoft was dying, and said the product was “made with the same cheap Microsoft vodka.” Dvoraks not new to this[1], (i recall reading his columns in PC magazine in the early 90’s, so he has been around). He slates Microsoft, not because of the code in windows7, but because (he feels) Microsoft has…
*sigh* alas poor kindle…
my wife might have a kindle, which i might have bought in the US, which she might have loved dearly.. Buying books might have been possible using the “gift card hack” or the “US Postal Address hack” – but alas! It seems as if i can no longer transfer my money from me to Amazon this way.. Must our beautiful friendship end this way amazon? Will this geofilter come between…
2 pieces of coolness…
a) was the politely dropped kaminsky firefox bug [http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070620.html] It still requires a click for command execution, but considering its multi platform firefox ownage sans shellcode, i think its cool.. i think its even cooler that dan dropped it sans any fanfare.. b) has to be Pusscat‘s attack on the SMBv2 Remote bug published on [the VRT blog..] From the post: “we get lucky here as well in that there…
Fasm2009 – Videos online..
The “Fasm conference is an informal meeting of coders interested in x86 assembly programming.” Some of the videos can be grabbed [sp_local|Other] /mh
About:SnowLeopard
Sure it only cost $29, but when you consider the number of people bowing down and thanking our Cupertino overlords you have to consider the following: If the Emperor was given his new clothes today, #emperors_clothes would be trending on twitter (with ppl thanking the tailors for reduced closet space requirements) /mh
John Viega’s “the myths of security”.. Really??
i go through a ton of books. Over the past 10 years, this has been dominated by books on computer security, computer science, programming (and some sprinklings of management classics). I generally stay away from writing reviews, but was genuinely suprised at the number of 5 star reviews Viega’s new book had received and felt i had to chime in. I picked up “the myths of security” (what the computer…
Watch out Amazon…
’cause theres some serious cloud computing competition on the horizon.. A google search for Cloud Provider returns the following paid ads.. Now i know conventional logic says its a bad idea to judge a book by its cover, but..
Apple vs Microsoft as a malware target.. stop saying market share..
I really enjoy listening to Mac Break Weekly.. Leo Laporte is an excellent host and i would tune in just to hear [Andy Ihnatko’s] take on the industry and the (possible) motivations behind certain players moves. (he is sometimes wrong, but always worth listening to). The only time the things ever get a little cringe-worthy is when talk switches to malware and security (although both Andy and Leo for the most…
Excellent paper from MSFT Research on inline proxies vs. SSL
Ron Auger sent an email to the [WASC Mail list] on some fine work presented recently by Microsoft Research. The paper (and accompanying PPT), titled [Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS Deployments] is pretty cool and shows several techniques for a malicious inline proxy to sniff SSL sessions passing through the proxy. Its genuinely a bunch of cool findings and has been handled neatly (with the exception of some…