Day one of PWN2OWN was unsuccessful, which is no big surprise.  But today, I am really hoping for something — otherwise we’ll have to wait until tomorrow for the third-party clieint-side exploits.
Here’s a little summary I wrote a bit back on how to increase the likelihood of exploiting the three systems.
Are Linux and Mac OS [...]

Here’s a new 2008 security prediction for you –
The iPhone camera is an odd device. There is no notification that a picture is being taken, so the only requirement for malware is to wait for user activity and then start taking pictures.
My prediction is that malware will be written to do just this and [...]

The default user environment on OS X is not exactly very productive. On my Linux and FreeBSD systems I prefer to work in a highly customized user environment that allows me to work faster and more efficiently. I have tried numerous ways of accomplishing this; customizing bash, using alternate shells such as zsh [...]

So this week, we’ve had a roundup of posts on Apple’s latest OS X release, Leopard, and the security “features” that went into it, where they fall short, and what’s missing. Thomas Ptacek has a great post over at Matasano with even more insightful comments on the security of Apple’s latest OS. (To those less [...]

Over the last few years I have been finding ways to tweak my FreeBSD systems for better security and performance. One of the techniques that I used most often was tweaking kernel parameters using sysctl. As you may have known from previous posts I am now an OS X fanboy. Sysctl parameters [...]