Security Stallions Blog "Musings of all things infosec…"


Daily Digs – 08.27.2009

It's Thursday and so, so very close to the weekend!  That's the good news.  The bad?  I was surprised nobody picked up on the easter egg that was in yesterday's digs.  We'll do one again soon, so keep an eye out.  On to the short list for today (and it is a short list, as there wasn't a whole lot that was genuinely interesting).

Some juicy Skype trojan source code is available for download.  Yes, you read that right, it's like it's being featured as your run-of-the-mill download over on Megapanzer.  My favorite part?  The author says "If you don't like this...  well I can't help you".  Awesomesauce.
[Skype Trojan Sourcecode Available for Download]

I'm not the biggest fan of the "Insecurity Complex" blog over on CNET, but I'll give this one to Elinor.  Probably because I'm a fan of Dino and Charlie, but the article shed a little bit of extra light on both these hacker extraordinaires.
[Researchers Who Hack the Mac]

Get stuck on the Brucon wifi puzzle?  Didier Stevens to the rescue with a fabulous, and illustrated, rundown of one way to solve it.
[The Brucon Wifi Puzzle]

C'mon Greg - Apple's not completely ignorant.  The stance that "Apple doesn't want to tarnish the reputation..." because there's been little fanfare around the new malware detection in Snow Leopard is a slight stretch in my mind.  In the end it's a good thing and if Apple wanted to spin it they could just come out and say that it's there because a vast majority of platforms are now running virtualization or could potentially benefit in Boot Camp scenarios from it.  Rant rant rant that Apple is lackadaisical on the security front and then the only thing industry "experts" have to say is that it's hidden to avoid defeat?  You be the judge, but I'll take it for $29 and a slice of pie.
[Apples Secret Security Update]

DLP, aren't thou just like NAC - great in theory but el suck in reality?  Short answer: yes.  DLP is not "prevention" in any sense and for Symantec to market the product like that is just sheer bullshit.  DLP is signature-based just like the failing A/V of today, with some lightly baked heuristics thrown in to say that they can detect anomalies.  Long story short is that DLP is only useful (today) in situations where legit employees accidentally try to disseminate data or don't understand the problem with it.  But at the end of the day if I want to get it out the door big yellow's software surely won't stop me.  I'm more interested in how Symantec even lets blog posts like that get posted - Jonathan did a good job of throwing his company under the bus by explaining how Symantec "buys" security which screams "we-can't-develop-it-ourself".
[Could DLP Have Prevented the Goldman Sachs Issue]

Well boys and girls that's the short list for today.  Check back this weekend for the first redux in a while!
-windexh8er

Comments (2)
  1. How the hell do you have time to have this many comments daily!?!?!

  2. I try. :) Do you find them useful?
