Mac
Understanding PEAP In-Depth
tl;dr We reported a long standing PEAP bug in all Apple devices that would allow an attacker to force any Apple device (iOS, macOS or tvOS) to associate with a malicious access point, even if the authentication server (RADIUS) couldn’t prove knowledge of the password. To understand it fully, we go on a deep dive into EAP and MSCHAPv2. PEAP at a High LevelMSCHAPv2Decrypting the Inner TunnelThe Inner MSCHAPv2 ExchangeByte-Level…
Is the writing on the wall for general purpose computing ?
The Apple iPad announcement set the interwebs alight, and there is no shortage of people blogging or tweeting about how it will or wont change their lives. I’m going to ignore those topics almost completely to make one of those predictions that serve mainly to let people laugh at me later for being so totally wrong.. Heres my vision.. Its not just the Hipsters and college kids who get iPads,…
80 minutes to Apples Tablet..
In 80 minutes Apple will announce the tablet, and the interwebs is almost bursting with excitement and anticipation.. You absolutely have to give shouts to Apple for being able to create a following like this, anticipation like this, without once ever having officially stated that they were launching the tablet today.. I know lots of people are quick to point out the fan-boyism, but it has to be said, that…
About:SnowLeopard
Sure it only cost $29, but when you consider the number of people bowing down and thanking our Cupertino overlords you have to consider the following: If the Emperor was given his new clothes today, #emperors_clothes would be trending on twitter (with ppl thanking the tailors for reduced closet space requirements) /mh
Apple vs Microsoft as a malware target.. stop saying market share..
I really enjoy listening to Mac Break Weekly.. Leo Laporte is an excellent host and i would tune in just to hear [Andy Ihnatko’s] take on the industry and the (possible) motivations behind certain players moves. (he is sometimes wrong, but always worth listening to). The only time the things ever get a little cringe-worthy is when talk switches to malware and security (although both Andy and Leo for the most…
Apple gets some clue points?
At [DeepSec] last year i had the pleasure of hearing Ivan Krsti? speak. While some of his arguments had (small) holes in them (which the audience were quick to pounce on), he raised the ugly fact that people like me like to ignore.. That some of us spend a lot more time thinking of elaborate ways to break stuff than we do designing less breakable stuff.. I think for most…
Only an idiot will install a beta os on his primary phone..
and i am that idiot… Developers signed up with Apples Dev Program get to take iPhoneOS3.0 out for a spin, so that the app store can have ver3 apps when the new OS launches.. A quick download (as quick as it gets in South Africa), a prayer (or 10) during install: and now i too have a phone that can handle cut n paste! (tho admittedly it feels surprisingly fiddly…
Open source (and lightning fast) Safari ?
While im into posting mac-links.. Check out [Webkit] A little while back i mentioned not understanding why anyone would run a closed source browser while a decent open source version existed.. Then i was forced to use Safari while doing some testing, and was impressed by its snappiness.. it impressed me more when it didnt flinch at me opening ans surfing thousands of tabs.. blergh.. suddenly my firefox was losing…
Applescript for HTTP BruteForcing..
A long time ago i blogged on the joys of using VBS to automate bruteforcing [1|2]when one didnt want to mess about duplicating an applications functionality at the protocol level.. Yesterday i had need to brute-force a web application which tried hard to be difficult and annoying.. Normally i would have used crowbar, Suru or a ugly mangled Python script, but the application was strangely difficult.. i.e. the login process…
Follow-up (OS X BSOD Win32 Icons)
Of course, Leopard’s new improved ™ finder includes an Itunes’esque “Cover Flow” view (which includes quick view thumbnailing quite impressively).. Of course, it means you get a better look at the win32 – BSOD :>
Page 1 of 2
Next