Archive for July, 2007

DEFCON 15

DEFCON15 is this Friday and I’ll be in Vegas Thursday night. I’ll be without Internet access this weekend, but I’ll try and post something up for Sunday. If anybody wants to meet up, send me an email. Gonna be a good weekend. Some of the talks I’m interested in:

Dirty secrets of the security industry — […]

Preventing and Detecting Sensitive Data on P2P Networks

Recently, we’ve heard a lot of talk about P2P apps and data leakage concerning various members of Congress. It started with this article over at NetworkWorld, followed up by the guys at nCircle, directing criticism towards Congree from Techdirt, comments from LonerVamp, and lately a rambling from Alan Shimel on how NAC will solve the […]

Interview with Richard Bejtlich — GE Director of Incident Response

Back in May, I attended a meeting to get a feel for the company and group I would be working for this summer as an IT Security Intern. Much to my surprise, Richard Bejtlich was in attendance and as it turned out we’d be working for the same company. Anyways, Richard agreed to do be […]

Phrack a Day — Revitalizing what has been lost

I’d like to introduce a new segment we’ll be doing called “Phrack a Day.” Casey and I are going back to the roots of the hacking and phreaking culture and reading through every Phrack article, beginning with the first one to the most current. We’ll be outlining the main points from each, provide some commentary, […]

Firefox + httpOnly? While we’re at it…

kuza55 noted this morning that Firefox 2.0.0.5 has implemented support for httpOnly cookies. It’s not perfect, as ma1 pointed out in the comments, but it’s better than nothing.
The Firefox browser could be made even more secure by building NoScript, LocalRodeo, CookieSafe, SafeHistory, and SafeCache into the Firefox codebase. In addition an option to run only […]