Entropy is not what it used to be.

  • XKCD: hack the stars

    This is pretty awesome, from the XKCD cartoons

  • So true: code quality

    From Lifehacker

  • Quis hackiet ipsos hackes?

  • HeartBleed: we’re sslcrewed

    The year 2014 is only a hundred days old, and this is probably the security bug of the year. In case you haven’t heard it, and shame on you if you didnt. HeartBleed is an exploit on a OpenSSL’s TLS Heartbeat extensions. It goes well undetected, and nearly half a billion (yes, B) of websites…

  • the state of Mixed Mode

    When a browser grabs a webpage over HTTPS, *nobody* (aside from revelations that governments can see our SSL traffic) can see what’s happening between your browser and the target webserver.  You are protected against the prying eyes of an evil network admin, proxy admin or even government. Modern websites often import JavaScripts files from multiple…

  • The closeness of software, and its dangers.

    Craig of /dev/ttys0 has discovered an interesting backdoor in D-Link routers; by setting your user agent to a particular string it is possible to circumvent the admin authentication challenge. While this is just one of the cases, who knows how many devices have been “backdoored” over the year, either by manufacturers; or by telecom operators…

  • But the camera rocks

    On my way home form a merely thought-inspiring movie, I passed by a few girls sharing a cigarette on your typical San Francisco cafe’s terrace. One of them was showing her (?) phone to the other, who told her friend “…but the camera rocks”. It made me, continuing the movie’s aftermath realize how we’ve given…

  • How the semantic web should come back, and is.

    The web has come a big way. Sir Tim Berners-Lee’s invention that changd the world has undergone a large metamorphosis in the way how it provides millions – and now billions – of human beings information, communication and entertainment. Early websites had a fair amount of content, but it was surrounded by flashing marquee’s, background…

  • Phone numbers as default eLife WiFi keys

    The UAE’s internet is pretty much provided by two ISP’s: Etisalat and Du who provide broadband services to its customers. Focusing on the largest of the two, Etisalat, they provide a eLife program that allows triple play services into the homes of their customer base, which include a WiFi network. The problem though is that…

  • Browa10: Brute force script for OWA 2010 servers

    To quickly test the strength of passwords used by users on a domain, through an OWA (Outlook Web Access) 2010 interface. Here’s the ruby code, and its README. Please use this script responsibly and only against servers you’re authorized to audit.

Got any book recommendations?