It is Persistence

Do some people have the magical skill to find vulnerabilities with ease while others don’t? Of course not! I disagree with the whole tendency to believe that technical understanding is all that is needed to find vulnerabilities.

It is mostly persistence that plays a role. Most of the researchers I know have almost zero knowledge of the subjects they dive into. [...]


Pareto Principle in the Information Security Industry

Over the weekend I had time to read some great books on economics and as such I’ve become more aware of a phenomenon known as the Pareto Principle or the 80/20 rule.

Vilfredo Pareto was an Italian economist who lived and worked during the 19th century. During his career he discovered a law of nature which later became known as the 80/20 rule. The rule simply states that for many events, 80% of the effects come from 20% of the causes. [...]


The Public Perception of the Image of Hackers

It’s been a long day. I am happy to inform you that the House of Hackers community has reached a remarkable 80 members since its opening 10 hours ago. It has even got some exposure on Dark Reading (Hackers in the House), thanks to Kelly Higgins.

The reason I am bringing all this to your attention is because of HD Moore’s comment regarding the House of Hackers initiative:

I think that this comes down again to the public perception of the image of hackers. [...]


The State of WiFi security

One of the fundamental rules, which you won’t read about in any security book and can learn only through experience, is that everything is in symbiosis. This means that the security models of the individual components in a system are co-dependent. For example, the security of a server is dependent on the security of the individual clients connected to it, and the security of the clients depends on the security of the servers they are interacting with. [...]


The value of automated Security Tests

I think that I should speak up about how I feel about automated security tests. I don’t think that this post will bring much value to you but at least you will be able to see what it feels like from the field. I will try to keep my thoughts short and clean and emphasize the main points without going too much out of scope. I think that this topic has already been widely discussed so there is no need to waste more time on it. Everyone should make up their own mind. [...]
