Haroon Meer
Introducing Hex-Rays…
These days its almost impossible to read a book on security or vuln-dev without a gratuitous IDA-Pro screenshot. IDA has proven itself so valuable at reversing that its near impossible to find texts that fail to mention it. (Even ancient texts from fravia and woodman will make reference to it).
Well.. for a long long time people have wondered why ilfak (ida’s main author) didnt get into the point and click vuln finding / point-and-click disassembler business.. For a long time he (and datarescue stayed out of it), till now..
Alas.. i could have made squillions (aka – Amazon MTURK)
In early 2002 i suggested that we could solve some computer problems and south africas street-kid problem by setting up a network of street=kids with basic education to handle tasks computers still struggled with. At the time we were concerned with low-false positive, agentless remote detection of defaced web-sites, but also ran into the idea when we first built e-or, our early web application scanner. I suspect i didnt broach the subject with enough sensitivity (and in retrospect suggesting that remote controls for automatic gates could be replaced by 2 low cost street-kids (one as a spare)) might not have helped my cause..
Defcon talks – Videos available online..
A recent maillist thread shows that the DC15 videos are anow available online [here]
Our video (although my voice sounded alot better in my head than it does on video) is available [here]
Heheh.. Elite! snakes on a #$#%@# plane!
Courtesy of afx:
Awesome data visualization stuff…
Steven Murdoch over at lightbluetouchpaper did an investigation into the Privila internship program.. What was also cool however was that he threw together a quick visualization of the data
Moving graphs are always cool, and the fact that he got it together so quickly was impressive.. a quick check shows that he used the Prefuse toolkit which is a totally BSD lic. visualization toolkit that looks simple to use with some awesome examples..
Another attempt at you-tube science, aka how to save 36c when changing the batteries on your remote!
ok.. so a long time ago we tried the you-tube mentos stuff and happily wasted time (and coke) in the office parking lot.. (of course this was after half assed attempts to mimic the experiments imperfectly.. given the typical office makeup, this ensured that we tried it with various other softdrinks, various other sweets and at one point even tried microwaving the drink cause roelof thought “the cold was ruining it”.)
Medical Doctors.. bah! hambug..
I’ve ranted a few times about things i hate about the way we “do medicine”. (Doctors are not alone here.. i cant believe that in the age where we operate on the eye with lasers and see production ready nano-tech. we consider yanking teeth with a pair of pliers a reasonable option)
Recently i heard an interview with the head of MS Research where he spoke about some of the same things.. i.e. that 9/10 people are visiting the doctor for the same thing (that new strain of flu going around) and that we could help alot of things with a simple “if you have a fever, and a runny nose and red spots today, u have the latest X going around.. take 2 of X and get some rest”. This would handle the majority of the ppl walking in..
How Gentoo got hacked.. holy #@^%&!!
If a picture is worth a 1000 words, then i dont want to know what this reads…
SensePost, now a company of SecureData…
For those of you haven’t yet seen, the J.S.E listed SecureData bought 100% of the shares in SensePost late last week.. We have had many offers over the past few years and while the money was generally good, the fit was not.. We believe we found this fit with SecureData (formerly ERP.com) as an independent company within the SecureData stable.
The deal changes very little operationally for SensePost, with all management and directors staying exactly where we are.. We wont be moving offices (and i still wont be wearing a suit any time soon!). Our independence remains and we will remain product agnostic. (if anything it will now mean that we will get a bunch of kit to break from/for SecureData :> ) Our reports remain privileged information between us and our clients, and our advice like always will be whatever we believe is in the customers best interests.. Both SensePost and SecureData believe that this impartiality is important and we would not be going forward with the deal without this being agreed on in spirit and on paper..
It begs the question…
I cant recall who said it in yesterdays meeting, but my response is simple: http://begthequestion.info/