Day one of PWN2OWN was unsuccessful, which is no big surprise.  But today, I am really hoping for something — otherwise we’ll have to wait until tomorrow for the third-party clieint-side exploits.
Here’s a little summary I wrote a bit back on how to increase the likelihood of exploiting the three systems.
Are Linux and Mac OS […]

I’ve been doing some work lately with text files and have been using various shell command techniques to manipulate them for whatever purposes I need. This isn’t a HOWTO guide as much as it is a reference for myself and others that just need something quick to work off of.
The first command I reach for […]

Marcin and I were talking a bit about mainframe security today. I recalled how fantastic mainframes were while he had his hands in the trenches. Yes, I know that IBM renamed MVS to z/OS (as well as other things) years ago. However, the concepts remain the same: TSO, ISPF, and JCL are […]

Lesson 3: After the first few days, we’ve covered securing WiFi, as well as basic software assurance tools to get you started with a web browser and crawler. This is just the beginning.
Part 1: Information assurance vulnerability assessment — Sandboxing insecure defaults and unnecessary services
Sandboxing is often referred to by many things, such as […]

So this week, we’ve had a roundup of posts on Apple’s latest OS X release, Leopard, and the security “features” that went into it, where they fall short, and what’s missing. Thomas Ptacek has a great post over at Matasano with even more insightful comments on the security of Apple’s latest OS. (To those less […]