Simmoril’s Domain

success fail Nov JAN Apr 26 2005 2007 2008 140 captures 04 Jun 2003 - 04 Apr 2017 About this capture COLLECTED BY Organization: Alexa Crawls Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period. Collection: 36_crawl this data is currently not publicly accessible. TIMESTAMPS

Simmoril’s Domain

Putting the voices in my head on paper.

01.14.07

‘Hold Button’ Menus in Firefox 2.0 for OS X

Posted in General at 10:08 pm by Simmoril

If you’re a Mac OS X user like me, and you’ve noticed that you can’t get a pop-up menu by holding down the mouse button like you used to (the menu you get when you right-click in Windows), you’re not alone. After a little digging around online, I found out that this behavior is turned off in Firefox 2.0 by default, because it doesn’t match the behavior of other OS X applications.

To turn this behavior back on, type about:config in the location bar, and in the Filter field, type in ui.click_hold_context_menus. Set this option to true by double-clicking on it.

[Found via Metafilter]

Permalink Comments

12.22.06

Passwords Are NOT Dead

Posted in General at 12:39 pm by Simmoril

Over the past few months, I’ve read stories (and even attended a meeting) where people claim that passwords are dead because no matter how complex your password is, a brute-force attack such as L0phtcrack or rainbow tables is going to crack it.

But every time I read these stories, no one talks about the mechanisms that can be put in place to stop these sort of brute-force attacks. Like salts. Add a salt and precomputing attacks like rainbow tables are completely stymied. Or, use a hashing scheme that has a high time complexity, like OpenBSD’s bcrypt. A miniscule delay for each user login translates into intractible running times for something like L0phtcrack.

Cracking attacks have definitely raised the level of play as far as password schemes are concerned, but they are far from having killed passwords completely.

Permalink Comments

12.19.06

Pwn3d!

Posted in General at 5:57 pm by Simmoril

I guess it was only a matter of time…

[found via Ero Carrera’s blog ]

Permalink Comments

11.21.06

Matasano Strikes Again!

Posted in General at 10:37 pm by Simmoril

I swear, these guys could fill an entire bash.org site by themselves! From today’s post:

Here’s what I have to say about that: if you can’t connect the dots between protected memory and OS security, we’re not writing for you. We are having a different conversation than you are, and you are not communicating with us.

Oooo, snap!

Permalink Comments

11.13.06

Wow. Just… WOW.

Posted in General at 11:01 pm by Simmoril

Very rarely in my life do I see a piece of film as powerful and as moving as this animation. Incredibly, the creator has done in two minutes what many movie makers cannot do in two hours (and without dialogue, no less!).Don’t worry if you don’t get it the first time, I didn’t.

Kiwi

Permalink 1 Comment

10.16.06

Honey, I Shrunk The Binary

Posted in General at 10:24 am by Simmoril

Found this interesting challenge/response:

Challenge: Create the smallest possible PE that downloads a file from the internet and executes it.

Response: 411 bytes! Gil Dabah, (one of the guys who worked on the ZERT VML patch) has packed this functionality into less than half a K! That’s pretty freakin’ tiny! You can download the binary here.

I didn’t really get much of the explanation as to how he did this, but still, a very cool accomplishment. Kudos!

[found via DailyDave]

Permalink Comments

10.14.06

I, Fanboy

Posted in General at 6:51 pm by Simmoril

Much as I hate to admit it, I am becoming quite the little infosec fanboy!

Purely by random chance, I ran into (and finally met in person) John Steven last Thursday at the monthly meeting of the local chapter of OWASP, and I was absolutely blown away! Although we only had a little time to talk, John’s knowledge of automated source code analysis and java was just staggering! If you’re currently attending CWRU I highly recommend attending one of his talks; you won’t be disappointed.

Now if only I could trick John into hiring me…

Permalink Comments

« Previous entries ·

Design by Beccary and Weblogs.us · XHTML · CSS