All Stories
Anthology of practical freeware
Like its former topic, but for freewares. Be sure to include if it’s Windows/Linux/Mac. I’ll start off with 10 random applications since I have to leave in a min.
In Jan 01, 2010Mutli Threaded Digital Rights Management
After Sony’s DRM rootkit fiasco, I started thinking about the concept of threaded digital rights management. The concept is simple enough. Let’s say you have two computer programs. On...
In Jan 01, 2010Detecting Malice With ModSecurity
Ryan Barnett has a new series he’s doing called Detecting Malice with ModSecurity that I wanted to spend a minute talking about. Firstly, it’s personally interesting, because he’s usi...
In Jan 01, 2010WordPress SEO CSRF
Well, it’s with a bit of a saddened heart that in the first few minutes of checking through the WordPress code for CSRF I found my first vulnerability. I sat on it for a week or so un...
In Jan 01, 2010Anti DNS Pinning Without Using a Firewall
Kanatoko found a vulnerability in the DNS pinning used withing modern web browsers that can be exploited by simply shutting down an open port. This is far easier than the previous tec...
In Jan 01, 2010Example of an Old Gmail XSS Exploit on Android
This post documents an XSS vulnerability that I discovered in the default Gmail app (v1.3) provided by Google in Android 2.1 and prior. All versions included in Android up to and incl...
In Jan 01, 2010FireSheep Reviews
I go back and forth on whether I think FireSheep is interesting or not. Clearly, it’s old technology re-hashed. But it is interesting not because it works, but that it surprises peopl...
In Jan 01, 2010APWG and OpenDNS
After reading a comment by David Ulevitch on a post by Dragos Lungu I was pretty interested in reading a new press release from OpenDNS on how they are “partnering” with the anti phis...
In Jan 01, 2010Detecting Privoxy Users and Circumventing It
TOR is a pretty cool idea. It’s partially a rip off of a very old project that I helped out with in it’s inception with a bit of peer to peer built on top of it to help with anonymiza...
In Apr 20, 2009