I've been real busy lately, but I came across several blogs and articles this week that I'd like to share, Andrew Hay style. =) CEO Crime & Punishment -- Ben Horowitz, CEO of Opsware Inc., shares his thoughts on what entices executives to commit white [...]
Posted by Marcin on Thursday, June 28, 2007 in
News,
Privacy,
Security and
Tech.
Several people in the corporate IT security group where I'm interning this summer have been working hard on creating a program to educate users on the company's acceptable use policies and some basic security awareness. They've done a great job and the [...]
Posted by Marcin on Tuesday, June 26, 2007 in
Security and
Work.
If you have too many tags, scripts, ads, etc on your site. Thanks to Tyler for saying what we've all been wanting to say. Just look at this.
Posted by Marcin on Wednesday, June 20, 2007 in
Other.
These two stories are interesting.. I wonder if Adam from Emergent Chaos has seen them: The most misused SSN of all time was (078-05-1120). In 1938, wallet manufacturer the E. H. Ferree company in Lockport, New York decided to promote its product by [...]
Posted by Marcin on Wednesday, June 20, 2007 in
Privacy.
Using Yahoo! Pipes, I tied in over 100 different security blogs into a single feed, sorted by newest on top, and encompasses all areas of security. When I have some more time I'll add security news sites like DarkReading, SecurityFocus, etc. I know Mark [...]
Posted by Marcin on Wednesday, June 20, 2007 in
Security.
I saw this on Slashdot last week, an article regarding "Getting the best deals from Dell." One bullet point really stuck out, about financing offers: 9. DPA/Dell Preferred - This is the Dell credit card, like a Sears, Macy's or Radio Shack credit card. [...]
Posted by Marcin on Monday, June 18, 2007 in
Politics.
I went ahead and tried to run Burp suite on my laptop running Ubuntu today. First, check the readme.txt, which says I need JRE 1.4 or later installed. marcin@thinker:~/burpsuite_v1.01$ java --fullversion java full version "gcj-1.4.2" Okay... 1.4.2, but [...]
Posted by Marcin on Sunday, June 17, 2007 in
Linux.
I was directed through RSnake's blog to a XSS defect in Yahoo! Services and had a couple questions concerning secure design of web applications... So here's the scenario, A user is authenticated by a device between himself and the application he's [...]
Posted by Marcin on Friday, June 15, 2007 in
Security.
Over the course of a day, I could log in to five different systems I'm currently working on. On each I'll get a Bash or Tcsh shell and it's almost guaranteed I'll need to edit a text file at some point during the day. On my home system, my choice of [...]
Posted by Marcin on Sunday, June 10, 2007 in
Linux.
I came across a neat little command that will allow you to SSH through an http-proxy. Useful for when you're at a library or elsewhere and need to make an outbound SSH connection and the only thing stopping you is a proxy. Features of connect.c are: [...]
Posted by Marcin on Saturday, June 9, 2007 in
Security.
Mikko @ F-Secure made a post on their blog about whether or not law enforcement organizations should be permitted to utilize security tools and hacking techniques in investigations that got me thinking. To me the answer to this question is very clear -- [...]
Posted by Casey on Tuesday, June 5, 2007 in
Politics,
Privacy and
Security.
I started working on a project that has no doubt, been done before. It's something no one has publicly posted information on and it's not new -- something everybody wants yet every vendor says is impossible. The problem with this project, is it can't be [...]
Posted by Marcin on Saturday, June 2, 2007 in
Security and
Work.