Security
The technical heart: vulnerability research, disclosure, threat analysis, the craft of finding and fixing
A thought re vulnerability research clustering
The fact that insecure software pipelines are exploitable feels a little like the idea that bugs exist in old F/OSS code, or that a chip design might not be 100% perfect. It's almost QED - but in the defensive realm, people weren't looking there.
Help! My Social Media has been hacked!
I know you do security stuff with computers and my Twitter/Facebook/Instagram/etc has been hacked! It's posting all kinds of strange stuff that isn't from me. What do I do to stop this???
Van Buren v. United States — Oral Argument
The Supreme Court heard oral argument in Van Buren v. United States, a case concerning a statute of the Computer Fraud and Abuse Act (CFAA) and violations of terms of service agreements.
Krebs Has A Posse
Vulnerability annihilation since 1851
"What Hobbs had in mind was not the usual cajoling of a provincial bank into an upgrade, but exposing weaknesses in the British Empire itself by revealing the faults of one of Day and Newell’s competitors."
Information Asymmetry and the 1950s Nuclear Bounty
Props to Matt Ploessel for calling out this one... I'd not heard of a bounty around nuclear weapons until today.
Are you making a Walkman? Or an iPod?
When the Walkman was introduced, it created a category. Its brand also became the term of description for that category.
The Nth Country Experiment and Coincident Vulnerability Discovery
Nth Country Experiment - Nuclear Museum: Could any country with the right knowledge and technology build a nuclear bomb? From May 1964 to April 1967, the Lawrence Radiation
Forbes: Accelerating secure software development
7. Expect and plan for mistakes. Expect mistakes, and plan to capture and mitigate them quickly. After all, to err is human. Establishing a vulnerability disclosure and/o
DEF CON Black Hat 2020: Top 10 Tips
While it feels illegal to hang out with your friends right now, the pandemic is no match for the dedicated folks who unite for Black Hat and DEF CON every year. In 2020,
WTF is happening on tcp:0? 2020 edition — Update 1
tl;dr: 0.06% of the publicly-addressable IPv4 space is listening to and responding on TCP Port 0. Why? idk…