Our Blog
Dino Dai Zovi is such a Rock Star..
Dino is the guy who added much shellcode coolness to MetaSploit, gave the world Karma, released the first virtualization rootkit for Intel (Vitriol), and gave much credibility to the Matasano crowd while he was there.. Although he left the consultancy gig, he popped up briefly again during the year to claim his macbook in the Cansec Hack the Mac challenge and popped up again to break second-life.. http://www.securityevaluators.com/sl/ – -snip-…
The fine line between failure and success
So…because I don’t have a report to write this weekend I’ve had some time to ponder and reflect on stuff (and read my mail)- I thought I’d share some stuff that came to the fore of my mind again now when reading a newsletter. Since the early days of playing competitive sport (in those days it was paintball) I’ve always been astounded as to the intensity of the emotions involved…
Google as an MD5 Cracker..
Slashdot picked up on the blog post from Light Blue TouchPaper commenting on the fact that a researcher was suprised to discover that simply putting an md5 hash into google returned a hit with a mapping to the original word.. This is an interesting concept.. A while back, we decided to fiddle with the concept of using googles indexing and spidering as a new take on the time/space trade-off for…
Follow-up (OS X BSOD Win32 Icons)
Of course, Leopard’s new improved ™ finder includes an Itunes’esque “Cover Flow” view (which includes quick view thumbnailing quite impressively).. Of course, it means you get a better look at the win32 – BSOD :>
Rational vs Emotional Commitment
I’ve spoken before on how I like some of Simon T Bailey’s stuff and his general leetnesses…he has some gems… This one, on rational vs emotional commitment is quite leet and touches on a discussion we had over lunch… -snip- You might be wondering about the difference between rational and emotional commitment. Rational commitment is the “what†that you agree to give an organization when youâ€re hired: your time, talent…
i know this has been blogged all over the interwebs..
but Leopards default icon for windows machines has to rank up there with dvwssr.dll (yeah.. thats a BSOD) /mh ok.. who’s old enough? what was the similarity between this and dvwssr.dll ?
Mind Control, Big Cats, Feynman && kiosks…
Aka… A good weekend.. The weekend got off to a slow start, when Amazon claimed it would take a little longer than planned to ship us the “Web Application Hackers Handbook”. Fortunately it picked up after that.. The first ray of light was finding a new strange bug on a huge application that smells a lot like full remote code execution.. Then the office had a power-outage and i felt…
PauldotCom Interview, Part I
OK.. so part one of our pauldotcom interview has hit the interwebs.. it was fun and involved a power failure and a dog that chewed through charl’s microphone cable about 15 minutes before the interview started.. My thoughts on it were best expressed earlier on irc.. -snip- 12:04 <+MH> i sounded (cleverer/less annoying/less nasal) in my head.. 12:04 <+MH> apparently hearing ur own voice through ur teeth explains (3).. (1)…
22:30 to 23:30: the quiet hour
while waiting around for the PSW guys last night, it seemed like a good time to test our mettle on the foosball table. we’ve witnessed rapid development of general foos skills in the office since the introduction of the table a few weeks ago, and the improvement in shot speed has been noticeable. of course, questions always remain as to the difference between actual and perceived velocity of shots, and…
9 days to leopard…
You can almost taste the fanboy excitement.. but im guessing there will also be the mandatory rush for the first big bug announcements.. There are a few things that look cool.. Apple joins the right decade with ASLR and native multi-desktops looks cool.. DTrace on osx seems like a winner too.. Of course, theres also the much touted: “Back to my mac” feature: [watch video of it in action] i…