27 Sep 2008

SHA-1 Pseudocode

Pseudocode for the SHA-1 algorithm. Pretty straightforward for being so insanely useful.

en.wikipedia.org   08:20

01 Sep 2008

Dangerous Gems

Yep. Rubygems’s system of security is really very lax compared to any Linux distro or other system-level package management system I’ve come across. I think the bigger problem, though, is that there’s a cultural acceptance of running gem as root. You don’t really think before installing a gem, you just “sudo gem install FOO”. There’s an attack waiting to happen any time you’re using sudo out of convention like that.

tbray.org   03:30

17 Jul 2008

Why You're Better Off Avoiding the iPhone

My feelings exactly. I can’t believe I’m going to consciously purchase something that’s so over the top defective-by-design, but I’m definitely going to buy it.

lifehacker.com   22:16

03 Mar 2008

Javascript online massive social password cracking ?

Yes! Please. Make your friends on myspace work for you. Idle CPU is wasted CPU, dontchaknow.

ardoino.com   21:03

23 Feb 2008

Zero Sign On - 1 better or Infinitely better than Single Sign On?

This is so right. Why didn’t client certificates ever catch on in the browser? Or signed emails? Neither is hard to get set up, but nobody uses them. It’s weird.

drnicwilliams.com   18:54

20 Feb 2008

Chroot in OpenSSH

“… adds a chroot(2) facility to sshd, controlled by a new sshd_config(5) option ‘ChrootDirectory’. This can be used to ‘jail’ users into a limited view of the filesystem, such as their home directory …”

undeadly.org   18:11

15 Jan 2008

My Open Wireless Network

Schneier adds a bit to his Wired article last week on running an open wireless network.

schneier.com   01:15

10 Jan 2008

Steal This Wi-Fi

Schneier advocates running an open wireless network at home. I’ve been doing this for about a year because I couldn’t get the Wii to work with security enabled. When I thought about it, I came to many of the same conclusions Bruce does in the article.

wired.com   04:03

07 Jan 2008

Nmap for Beginners

I can never remember nmap args for some reason…

blog.fourthirty.org   00:42

10 Oct 2007

http://xkcd.com/327/

“Did you really name your son Robert'); DROP TABLE Students;--?”

xkcd.com   05:31

21 Sep 2007

Ruby on Rails Security Guide

Comprehensive look at common Rails security concerns with links out to in-depth articles.

quarkruby.com   00:55

13 Apr 2007

Life Support: Let the children go on foot and on bike

“Although statistics show that rates of child abduction and sexual abuse have marched steadily downward since the early 1990s, fear of these crimes is at an all-time high.”

post-gazette.com   16:09

10 Feb 2007

schneier.com   14:47

15 Sep 2006

Bruce Schneier on War On Terror

Bruce nails it. (Crypto-Gram/2006-09-15)

schneier.com   06:32

28 Sep 2005

HP DRM Talk

A sequel to Doctorow’s “Microsoft DRM Talk”

craphound.com   20:36

24 Sep 2005

Whitedust: The Hunt Is On

How to not be fucked with…

whitedust.net   19:16

20 Jun 2005

Schneier on Security: Disarming Soldiers

“FAA regulation that requires soldiers — all of whom were armed with an arsenal of assault rifles, shotguns and pistols — to surrender pocket knives, nose hair scissors and cigarette lighters.”

schneier.com   09:35

08 Mar 2005

When is a hacker a "hacker" and when is software flawed?

that’s what i’m saying, bro..

adigio.com   09:45

16 Feb 2005

SHA-1 "Broken"

Sam Ruby with one of the better write-ups on the impact of the SHA-1 break. Short and accurate.

intertwingly.net   07:45

22 Nov 2004

New Security Vulnerability: Clueless Users

Oh man that’s sad..

schneier.com   05:53