You know, being away from the blog does not mean that I did not have fun. Not at all. What’s wrong with this picture?
Btw, this is absolutely authentic. Apart from the 64-bit encryption, pay attention to the two fields after that. Ouch!
Here is a thought for you: The entire information security industry today is based on fear. The fear of getting hacked and your integrity and reputation being publicly jeopardized and challenged.
This is what gives security vendors the power to sell you useless products which you don’t really need.
Please don’t take this post as a rant towards all the virtualization hackers out there. You are doing a great job and there is no doubt about that. My sole purpose is to get to the bottom of a problem which I believe is widely ignored when it comes to the purpose of virtualization.
In Krakow I had a very interesting discussion with Joanna Rutkowska, the famous rootkit security researcher (if you don’t know her, google her work, it is a good read). [...]
Ok, so I have been busy. But soon you will see why. In the meantime, I would like to draw your attention to a very interesting discussion that ap and I started some time ago.
For those of you who don’t know, SaaS stands for Software as a Service, which is the new hot topic on the market. It is so hot, it radiates light. Of course all vendors are jumping onto the SaaS bandwagon, and for a reason. [...]
If you haven’t noticed yet, a lot of the useless sections of this site have been removed. The microblogs are also gone since they were kind of redundant. Nevertheless, I still have the urge to post random thoughts that I would like to share. So I will keep this information within the blog which is probably the best place this type of information can be listed.
So this is not a rant but an observation which made me question whether humans are capable of seeing further than their nose. [...]
This is just a quick update regarding our previous post, which details how to extract the default admin password for the latest firmware of the BT Home Hub (6.2.6.E at time of writing). I recommend that you read the previous post if you have not done so yet.
The BT Home Hub’s serial number - which is the default admin password - can also be found in UPnP description XML files. [...]
So BT added a new security feature in the latest version of the BT Home Hub firmware (6.2.6.E at time of writing) which changes the default admin password from admin to the serial number of the router. From the BT Support and Advice site:
When I first noticed this new feature I thought it was quite cool and definitely a good move from BT. [...]
We’ve created several promo videos for the fans of GNUCITIZEN.ORG. You will be able to find them here or on our YouTube channel.
If you believe in our way of thinking, or you simply support our cause, you may want to embed any of these videos into your site with a link pointing to GNUCITIZEN.ORG. We hope that you enjoy our promos.
My favorite tech quote is from Giorgio Maone. It goes like this: If today’s malware mostly runs on Windows because it’s the commonest executable platform, tomorrow’s will likely run on the Web, for the very same reason. Because, like it or not, Web is already a huge executable platform, and we should start thinking at it this way, from a security perspective.
Part of my job at GNUCITIZEN is to spot trends. [...]
A special guest blogger for this month is Eduardo Vela, also known as sirdarckcat, a security researcher from Mexico. Eduardo has been in the field for a couple of years, mainly focusing on web-app based vulnerabilities, privilege escalation, and IDS/filter evasion. Today, he is a student of computer science, does some research in his free time, and works for an important website as a security engineer. [...]





