In elementary school the game of telephone is used when the teacher wants to demonstrate a lesson like the importance of listening or the problem with gossip. The teacher leans into the first student’s ear and provides a simple sentence to be repeated to each person in the line. For example, the teacher leans into [...]
- Hacker News
You know I am a big fan of the people at SC Magazine. From Illena Armstrong on down I really like the folks from Haymarket. Also, over the years at StillSecure, the magazine has been very kind. StillSecure has won its...
- Hacker News
Deviant comes on the show and we talk about lock picking, bumping, and raking! Make sure you visit the show notes page for this episode to get the PowerPoint slides and videos associated with the interview: Using OSVDB to find vulnerable software, SQL injection by example, Fake Steve Jobs article enlightens the PaulDotCom crew:
- Hacker News
Yesterday the news was all about yet another BlackBerry outage. When it isn’t BlackBerry, it is AT&T. Sprint, Verizon, Metro – let’s face it, they all suck. It really becomes a question of “who...
- Hacker News
An interesting identity that can be proven for the Weierstrass ℘-function is that $\det\begin{pmatrix} \wp(z_1) & \wp'(z_1) & 1 \\ \wp(z_2) & \wp'(z_2) & 1 \\ \wp(z_1+z_2) & -\wp'(z_1+z_2) & 1 \end{pmatrix} = 0$. If we think about this for a while, we see that this explains why...
- Hacker News
Hi Folks, Here is a round up of a few jobs that we had sent in to us (tips SHIFT2 liquidmatrix DOT org) as well as a few that we gleaned from the tubes of the Internet. This is a weekly listing that we will continue to build out in the new year. (Note: These links [...]
- Hacker News
Kudos to WordPress.org on their late in the year, and highly anticipated codebase update. Now at version 2.9, the popular blog platform’s release heralds a significantly enhanced blogging environment with a welcome focus on improved authoring and management functions, along with increased capabilities in SSL functionality. More information, direct from the official WordPress blog, appears [...]
- Hacker News
Morning all! Giving Dave a break today since he has been so good lately. This is probably our last post on here for a while with the holidays and all so I hope you all have a happy, healthy, and safe vacation. For those of you who don’t get off of work I hope you [...]
- Hacker News
How do you load a DLL in every new process on a Windows machine? One way to do this is the AppInit_DLLs registry key (this key is frequently abused by malware). Every new process loading user32.dll also loads the DLLs listed in AppInit_DLLs on startup. But you can’t use this key to load hook-createprocess.dll, because it [...]
- Hacker News
After months of waiting, the Obama Administration has named Howard Schmidt as the White House Cybersecurity Coordinator. While Schmidt getting the job is great news, there are still some questions regarding the position that the appointment has not answered. One such question goes toward the level of actual authority that the job comes with. W.
- Hacker News
2009 has been a very adventuresome year for me. There have been highs, lows, ups and downs. As I look back on it I see that lots has happened and I have lots to be grateful for. I’d like to take a few minutes and say thanks to a few people and organizations. I know [...]
- Hacker News
IT Expert Voice: Windows 7 and IPv6 - Useful at Last? "DirectAccess combines IPv6 with Internet Protocol security (IPSec) to provide a high-speed and ultra-secure Virtual Private Network (VPN)" - http://www.rootsecure.net/...
- Hacker News
Russian hacker gang who 'stole millions from Citibank' under investigation | Technology | The Guardian; Top 8 Security Threats of 2010; Cisco MARS Timeline | NetworkWorld.com Community
- Hacker News
See here: http://matchent.com/wpress... What is interesting is the IP address that the author of the blog post cites as the source of the trouble - 72.167.232.86. 72.167.232.86 belongs to GoDaddy (p3nlh036.shr.prod.phx3.secureserver.net). The server at that IP is host to over 4,000 web sites. As for how Silent Noise was hacked – that I cannot answer. My first guess was that they were using WordPress but it looks like they may have migrated to Drupal (according to a blog post back in 2008). If Drupal, there are security advisories for the Drupal Core, as well as “contributed projects” that should be investigated. For example, look at this one: http://drupal.org/node/579482 The description of the vulnerability reveals that: “The core OpenID module does not correctly implement Form API for the form that allows one to link user accounts with OpenID identifiers. A malicious user is therefore able to use cross site request forgeries to add attacker controlled OpenID identities to...
- Hacker News
You know you've hit the big time when... ;-) Alright, maybe not, but you still may have to step aside for my ego. Wait, you already have to do that. Fine. Never mind. But this is kinda funny. Full disclosure: I use Google Alerts for my name (Russ McRee) and m...
- Hacker News
The FBI is looking into a breach at Citibank by a Russian cybergang, the Wall Street Journal reported today. The gang apparently began breaching Citibank over the summer and was uncovered by investigators in the US who noticed suspicious traffic from ...
- Hacker News
This is my last post of the year and given that it is the holidays, I wanted to do something a little festive. Granted, fraud is in no way festive. But maybe protecting yourself from fraud is?? Either way, McAfee released a report on the “12 Scams of Christmas”. While this is relevant now, most of [...]
- Hacker News
My 中文 isn’t nearly as good as Heike’s (as demonstrated here) but I do believe that this pic posted to sunwear’s baidu blog says that the PRC Internet is the most free. You might remember sunwear – he is the one that arp-jacked metasploit.com.
- Hacker News
Tonight’s show is a bit longer than usual thanks to a segment with our wayward contributor Zach and an interview with Metasploit founder HD Moore. HD is now also the CSO of Rapid7, making him quite the busy boy. And, since we can’t help ourselves, Rich and Martin still cover some of this week’s [...]
- Hacker News
The well-known ph4nt0m security group has made their latest edition available here: zh-cn | google xlate. ToC: Introduction (by root); Flashsky interviews (by flashsky); Struts2 framework of the security flaws (by kxlzx); To focus on IP spoofing (by papaya); Fuzz client-side storage objects, looking for client ddos (by woyigui); Point defects in the use of application software [...]
- Hacker News
Finally, I did it! I just upgraded my corporate laptop with the latest release of Ubuntu (9.10) aka “Karmic Koala”. Available for a few weeks, I preferred to wait for some holidays before the upgrade. First, because without a laptop, I can’t work! In case of a big issue, my off-days would be helpful to restore to [...]
- Hacker News
Last week I wrote a post about a managed SIEM service from FishNet Security that Larry Walsh over on Channel Insider reported on. Larry had made it out that the FishNet offering solved many of the biggest...
- Hacker News
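The long-speculated cyber czar has finally been settled: Howard A. Schmidt. Schmidt previously served as cybersecurity adviser in the Bush administration, and has both private-sector experience and a deep background in the military and the justice system. Two other very important points: 1. Schmidt will report only to the National Security Council, rather than, as previously stated, also reporting to the "National Economic Council". 2. Schmidt will also “have regular access to the president.” Full text: Obama to Name Chief of Cybersecurity http://www.nytimes.com/2009...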
- Hacker News