Skip to content
← home

tag

#security

98 posts

The technical heart: vulnerability research, disclosure, threat analysis, the craft of finding and fixing

Security

A thought re vulnerability research clustering

The fact that insecure software pipelines are exploitable feels a little like the idea that bugs exist in old F/OSS code, or that a chip design might not be 100% perfect. It's almost QED - but in the defensive realm, people weren't looking there.…

10 Feb 2021 · 3 min read
Security

Help! My Social Media has been hacked!

I know you do security stuff with computers and my Twitter/Facebook/Instagram/etc has been hacked! It's posting all kinds of strange stuff that isn't from me. What do I do to stop this???…

11 Jan 2021 · 7 min read
Security

Van Buren v. United States — Oral Argument

The Supreme Court heard oral argument in Van Buren v. United States, a case concerning a statute of the Computer Fraud and Abuse Act (CFAA) and violations of terms of service agreements.…

01 Dec 2020 · 41 min read
Security

Krebs Has A Posse

14 Nov 2020 · 1 min read
Security

Vulnerability annihilation since 1851

"What Hobbs had in mind was not the usual cajoling of a provincial bank into an upgrade, but exposing weaknesses in the British Empire itself by revealing the faults of one of Day and Newell’s competitors."…

05 Oct 2020 · 1 min read
Security

Information Asymmetry and the 1950s Nuclear Bounty

Props to Matt Ploessel for calling out this one... I'd not heard of a bounty around nuclear weapons until today.…

29 Sep 2020 · 3 min read
Security

Are you making a Walkman? Or an iPod?

When the walkman was introduced, it created a category. It's brand also became the term of description for that category.…

29 Sep 2020 · 3 min read
Security

The Nth Country Experiment and Coincident Vulnerability Discovery

Nth Country Experiment - Nuclear MuseumCould any country with the right knowledge and technology build a nuclear bomb? From May 1964 to April 1967, the…

31 Aug 2020 · 1 min read
Security

Forbes: Accelerating secure software development

7. Expect and plan for mistakes. Expect mistakes, and plan to capture and mitigate them quickly. After all, to err is human. Establishing a…

09 Aug 2020 · 1 min read
Security

DEF CON Black Hat 2020: Top 10 Tips

While it feels illegal to hang out with your friends right now, the pandemic is no match for the dedicated folks who unite for…

06 Aug 2020 · 3 min read
Security

WTF is happening on tcp:0? 2020 edition — Update 1

tl;dr: 0.06% of the publicly-addressable IPv4 space is listening to and responding on TCP Port 0. Why? idk……

03 Aug 2020 · 1 min read
Security

WTF is going on with TCP:0?

tl;dr: 0.06% of the publicly-addressable IPv4 space is listening to and responding on TCP Port 0. Why? idk... Note: Never interact…

30 Jul 2020 · 3 min read