Security Stallions Blog "Musings of all things infosec…"

13 Aug 09

Daily Digs – 08.13.2009

Ohhh we were so close to a Friday the 13th.  Some of the stories for today may have been better served by that date / day combination.  I suppose it felt like it for Robert Carr (CEO of Heartland) though as Mogull laid the open-letter-smackdown fo' sho'.  All in all it's been an interesting day with some great news so let's get to the digs!

First up is an interesting analogy of cracks to Microsoft.  The "dorky tale" can be had over at EvilFingers and is, well, lighthearted in nature.
[Patching the Patches]

It seems to me as if Firewire is always rife with authentication bypass flaws.  Help Net Security has a paper that you can download to read all about it.  What OS are we talking about here?  None other than the shiny new Windows 7.
[Firewire Based Physical Security Attacks]

There's not a whole lot to say about this one because Rich Mogull said most of it already.  If you haven't already read the open letter to Robert Carr you'll want to.
[An Open Letter to Robert Carr]

From the are-you-completely-stupid-bin we pull out the misunderstandings of non-technical government officials.  This time, however, the stupid policies being pushed aren't originating out of DC!  Belgium wants to keep all email traffic for two years.  Supposedly this will help in some way, shape, or form to combat criminal activity.  Because, there's not fabulous free encryption out there or anything.
[Belgium Would Like to Track Your Email for Two Years?]

I'm jealous.  Joel Esler was raving about the SourceFire Exploit Development class today.  He comments on those typical classes where 80% of the content is rather trivial and the other 20% you could have figured out anyway, and says this class is not that type.  Again, I'm jealous and might actually take this class later this year if I can swing the time off in December.  Thanks Joel!
[SourceFire's Exploit Development Class]

Think you know enough about ERP, dB, gain, etc. with regards to 802.11 antennas?  Well, then you probably haven't a clue on the changes in 802.11n antennas.  There's a great article on SearchNetworking today with links to a few other antenna references.
[Understanding 802.11n Wireless Antennas]

Your organization still running IE6?  That's too bad; maybe you should inject some code into the front page of their site displaying your disdain for the browser that just won't die (but kills machines).
[IE 6 No More!]

Oh, joy -- pretty much every Linux kernel running on the planet is broken, and can allow remote exploitability.  Yes, pretty much every kernel since early 2001.  This will be a great exploit for some time to come!
[Bug Exposes 8 Years of Linux Kernel]

We leave you this week with a great key size explanation by Luther Martin of Voltage.  If I could sum it up as well as his post was written I'd do just that, but it's easier for you to read his explanation.
[Comparing Key Sizes]

Have a great weekend everyone!  We'll be in touch with some of the things we talked about earlier in the week.

--windexh8er
