Our Blog
BotNets not just for SPAM any more
The Symantec Security blog has an article titled “Botnets: not just for spamming anymore“. Interestingly we are now starting to see the use of botnets for more than just simple spamming (or simpler DoS attacks). Its pretty cool (in a twisted sort of way), because this is one of those things we called out a long time ago, predicting that botnets were way under-used as a form of cheap distributed…
Introducing Hex-Rays…
These days its almost impossible to read a book on security or vuln-dev without a gratuitous IDA-Pro screenshot. IDA has proven itself so valuable at reversing that its near impossible to find texts that fail to mention it. (Even ancient texts from fravia and woodman will make reference to it). Well.. for a long long time people have wondered why ilfak (ida’s main author) didnt get into the point and…
’twas only a matter of time before various FaceBook developers started cashing in on the amount of personal info they can collect… http://www.theregister.co.uk/2007/09/12/facebook_compare_people/ This was something Marco and I chatted about a few weeks ago – not from the “financial gain” perspective, but rather from the large amounts of data one would be able to collect from Facebook by playing with the FaceBook API. Unfortunately, there has been no time…
Alas.. i could have made squillions (aka – Amazon MTURK)
In early 2002 i suggested that we could solve some computer problems and south africas street-kid problem by setting up a network of street=kids with basic education to handle tasks computers still struggled with. At the time we were concerned with low-false positive, agentless remote detection of defaced web-sites, but also ran into the idea when we first built e-or, our early web application scanner. I suspect i didnt broach…
Defcon talks – Videos available online..
A recent maillist thread shows that the DC15 videos are anow available online [here] Our video (although my voice sounded alot better in my head than it does on video) is available [here]
Heheh.. Elite! snakes on a #$#%@# plane!
Courtesy of afx:
Awesome data visualization stuff…
Steven Murdoch over at lightbluetouchpaper did an investigation into the Privila internship program.. What was also cool however was that he threw together a quick visualization of the data Moving graphs are always cool, and the fact that he got it together so quickly was impressive.. a quick check shows that he used the Prefuse toolkit which is a totally BSD lic. visualization toolkit that looks simple to use with…
Another attempt at you-tube science, aka how to save 36c when changing the batteries on your remote!
ok.. so a long time ago we tried the you-tube mentos stuff and happily wasted time (and coke) in the office parking lot.. (of course this was after half assed attempts to mimic the experiments imperfectly.. given the typical office makeup, this ensured that we tried it with various other softdrinks, various other sweets and at one point even tried microwaving the drink cause roelof thought “the cold was ruining…
Medical Doctors.. bah! hambug..
I’ve ranted a few times about things i hate about the way we “do medicine”. (Doctors are not alone here.. i cant believe that in the age where we operate on the eye with lasers and see production ready nano-tech. we consider yanking teeth with a pair of pliers a reasonable option) Recently i heard an interview with the head of MS Research where he spoke about some of the…
How Gentoo got hacked.. holy #@^%&!!
If a picture is worth a 1000 words, then i dont want to know what this reads…