Our Blog

Something about sudo, Kingcope and re-inventing the wheel

Reading time: ~5 min
Willems and I are currently on an internal assessment and have popped a couple hundred (thousand?) RHEL machines, which was...

Privilege Escalation in SQL Server (Depending on some dodgy requirements)

Reading time: ~3 min
I was playing with a few SQL server idiosyncrasies more than a year ago before becoming so completely distracted with...

Is the writing on the wall for general purpose computing ?

Reading time: ~3 min
The Apple iPad announcement set the interwebs alight, and there is no shortage of people blogging or tweeting about how...

Happy New Year! (No predictions.. promise..)

Reading time: ~1 min
It’s the last few hours of 2009 here in South Africa so I wanted to take the opportunity really quickly...

John Viega’s “the myths of security”.. Really??

Reading time: ~4 min
I go through a ton of books. Over the past 10 years, this has been dominated by books on computer...

Zappos number 1 priority

Reading time: ~1 min
[Zappos.com] is one of those companies people love to write about. They make headlines for their use of new media...

Attack Vector based Risk Management?

Reading time: ~1 min
Interesting post by Michael Dahn at pcianswers.com discussed (again) the difference between compliance and security. Do you know the joke about...

You know you are getting old..

Reading time: ~1 min
When you blog a link to poetry: [The man watching] is a poem by Rainer Maria Rilke, that I picked...

On working when everyone else is asleep…

Reading time: Less than a minute
This quote reminded me of something H always says: “When opportunity comes… it's too late to prepare” – John Wooden –...

Is URL / Variable Name the new Port Number ??

Reading time: ~1 min
There has been a fair bit of blog buzz about the new SQL Injection worm that ran around infecting sites....

The myth of the expert

Reading time: ~3 min
Something we preach very strongly in our training is the importance of an understanding of the underlying technology / application...

Medical Doctors.. bah! humbug..

Reading time: ~3 min
I’ve ranted a few times about things I hate about the way we “do medicine”. (Doctors are not alone here.....

MTBF and Light Bulbs..

Reading time: ~1 min
Some of you will know that I finally moved out of the shoe box I lived in for 6 years...

2 Un-related thoughts.. on Echelon and the recent Skype Outage..

Reading time: ~2 min
I suspect somewhere there exist cardinal rules of blogging which would state that using a single post to make 2...

mh.blackhatFeedback(Side-jacking, Hamster)

Reading time: ~2 min
Ok.. so it's a lot later than I promised, but I did mention that I would post some feedback on...

On hacking and politics

Reading time: ~2 min
I meant to blog this whilst I was still in Vegas, but only got around to it now. It's arb,...

Have a (one) care sir….

Reading time: ~2 min
Someone in the office was discussing Microsoft’s recent horrible foray into the anti-virus market. Apparently an online source held one-care...

In Defense of Testing Pens… (aka how to keep your soul while being a pen-tester)

Reading time: ~7 min
A short while back, a discussion broke out on a mailing list about the nature of being a pen-tester. The...

and then there was one….

Reading time: ~1 min
First IBM announced their interest in Watchfire, and now HP announces their interest in SPI Dynamics. “Consolidation in the industry”...

Shuttleworth comments on Microsoft/Ubuntu deal rumours

Reading time: ~1 min
Mark Shuttleworth on his blog makes it clear -snip- “We have declined to discuss any agreement with Microsoft under the...

Do you group your passwords?

Reading time: ~1 min
This has probably been pondered, but something occurred to me whilst entering my new home.. The guard house grants access...