2008

Don't look now, but it seems they broke the Interwebs again..

Those pesky hackers! Alex Sotirov (of heap feng shui fame, famous for breaking everything from Vista, to web browsers, to Facebook) and Jacob Appelbaum (of cold-boot attack fame, and more importantly of “knuth is my homeboy” fame) will be talking in a few hours at the 25c3 conference in Germany, and by all accounts it's going to be an “Internet Breaker”. There is a fair bit of speculation on the nature of the bug (though most people seem confident that it's routing protocol related) and HD Moore has blogged that the pair have sought legal advice pre-publishing.

We're going to sue and make Squillions…..

or maybe not… The twitters informed me that Singe uncovered a case of brand plagiarism!!!1! -snip- -snip- So let's review.. the logo looks shockingly the same; they no doubt, behind closed doors, refer to themselves as SP too; and just based on their staff numbers, they probably have 16 good looking people there too! I had the lawyers lined up but decided to dig up more info on them first..

… Scrapy…

(an open source web crawling and screen scraping framework written in Python..) I promised deels I would stay off the interwebs for a few days, which means my quick stops are filling up my bookmarks list.. This looks worth checking out.. http://dev.scrapy.org/ /mh

Ted Speaker List up and Free hackin9

(aka 2 completely unrelated topics) You can grab a free copy of the Hackin9 magazine [here] And you can view the speakers list for Ted09 [here]… /mh

Penetration Testing in 2009 – Opposing Viewpoints

The last few weeks have brought some fairly interesting predictions for 2009 to bear in CSO Magazine columns. Two recent articles caught my eye from a penetration testing perspective. In the first, Brian Chess, CTO of Fortify (they make source code review and software security tools, and he has written a great book on static analysis) predicted that penetration testing as we know it will die in 2009. The premise of his argument is that penetration testing will die and be reborn in a different form, aiming more at preventing bugs from occurring, rather than identifying them (rolling things into QA / SDLC etc). Granted, it’s a fairly valid point *in some respects*, albeit a biased one if you consider what he does for a living.

More Conn News – PCI Johannesburg

I got contacted the other day (via LinkedIn actually, which is a 1st for me) about a PCI conference some folks are trying to organize here in Johannesburg in January next year. I don’t really know the people (or the conference) but it seems like something that’s sorely needed here and maybe worth making a small investment in. Here’s where you can get the lowdown – http://www.pci-portal.com/events/event-info/event/pci-johannesburg

ITWeb Security Summit 2009 – CFP Reminder

I wanted to remind folk that the CFP for the ITWeb Security Summit closes on 26 Jan 2009. You can check it out at http://www.itweb.co.za/events/securitysummit/2009/. Locals (ZA) should please make themselves heard, but the organizers are also sponsoring travel for international speakers so if you ever wanted to visit the good ol’ RS of A (that’s in Africa) then here’s your chance….

Wikto 2.1 XMAS edition

The latest version of Wikto (2.1) is available for download here. New features include time anomaly reporting and easier access to findings. A few bugfixes have also been made (thanx to some valuable user feedback). Happy holidays from the research and dev team. ./frankieg (v2.1 XMAS image)

Microsoft BlueHat, Videos Posted

Microsoft has posted selected videos of the latest BlueHat talks [here]. It’s pretty cool that they are now releasing these videos to the planet.. You get to see Matt Miller (skape), Scott Charney and even ZA’s very own Roelof Temmingh. SensePost’ers can grab copies of the talks [here] /mh

Linux on iPhone..

While I normally find “Linux ported to run on your [nintendo/toaster/foo]” stories only academically interesting, I think the thought of Linux running on 1st Gen, 2nd Gen iPhones (and iPod Touch) a particularly awesome thought. a) it suddenly means all sorts of possibilities for cute intelligent devices all over the house (with cool sensors – once they can be accessed) b) it means possibly really cheap, really portable *nix (really pretty) in your pocket