Sign in or Join FriendFeed
FriendFeed is the easiest way to share online. Learn more »

Hacker News › Comments

Hacker News
Understanding the 3 Goals of Security - http://blog.seaninman.com/...
In elementary school the game of telephone is used when the teacher wants to demonstrate a lesson like the importance of listening or the problem with gossip. The teacher leans into the first student’s ear and provides a simple sentence to be repeated to each person in the line. For example, the teacher leans into [...] - Hacker News
Hacker News
Reality check please! You are about to enter the NAC Twilight Zone - http://www.ashimmy.com/2009...
You know I am big fan of the people at SC Magazine. From Illena Armstrong on down I really like the folks from Haymarket. Also, over the years at StillSecure, the magazine has been very kind. StillSecure has won its... - Hacker News
Hacker News
PaulDotcom Security Weekly - Episode 180 Videos - http://pauldotcom.com/2009...
Deviant comes on the show and we talk about locking picking, bumping, and raking! Make sure you visit the show notes page for this episode to get the Powerpoint slides and videos associated with the interview: Using OSVDB to find vulnerable software, SQL injection by example, Fake Steve jobs article enlightens the PaulDotCom crew: - Hacker News
Hacker News
Have smartphone will travel - http://www.ashimmy.com/2009...
Image by Getty Images via Daylife Yesterday the news was all about yet another blackberry outage. When it isn’t blackberry, it is AT&T. Sprint, Verizon, Metro – lets face it, they all suck. It really becomes a question of '”who... - Hacker News
Hacker News
Adding points on an elliptic curve - http://superconductor.voltage.com/2009...
An interesting identity that can be proven for the Weierstrass ℘-function is that det ℘(z1) ℘′(z1) 1 ℘(z2) ℘′(z2) 1 ℘(z1+z2) -℘′(z1+z2) 1 = 0 If we think about this for a while, we see that this is explains why... - Hacker News
Hacker News
Job Hunting? These Companies Are Hiring - http://www.liquidmatrix.org/blog...
Hi Folks, Here is a round up of a few jobs that we had sent in to us (tips SHIFT2 liquidmatrix DOT org) as well as a few that we gleaned from the tubes of the Internet. This is a weekly listing that we will continue to build out in the new year. (Note: These links [...] - Hacker News
Hacker News
WordPress.org Updates Blog Platform, Now At Version 2.9 - https://infosecurity.us/...
Kudos to WordPress.org on their late in the year, and highly anticipated codebase update. Now at version 2.9, the popular blog platform’s release heralds a significantly enhanced blogging environment with a welcome focus on improved authoring and management functions, along with increased capabilities in SSL functionality. More information, direct from the official WordPress blog, appears [...] - Hacker News
Hacker News
Security Briefing – December 23rd - http://www.liquidmatrix.org/blog...
Morning all! Giving Dave a break today since he has been so good lately. This is probably our last post on here for a while with the holidays and all so I hope you all have a happy, healthy, and safe vacation. For those of you who don’t get off of work I hope you [...] - Hacker News
Hacker News
LoadDLLViaAppInit [Didier Stevens] - http://blog.didierstevens.com/2009...
How do you load a DLL in every new process on a Windows machine? One way to do this is the AppInit_DLLs registry key (this key is frequently abused by malware). Every new process loading user32.dll, also loads the DLLs listed in AppInit_DLLs on startup. But you can’t use this key to load hook-createprocess.dll, because it [...] - Hacker News
Hacker News
Howard Schmidt appointed to Cybersecurity Coordinator job - http://www.thetechherald.com/article...
After months of waiting, the Obama Administration has named Howard Schmidt as the White House Cybersecurity Coordinator. While Schmidt getting the job is great news, there are still some questions regarding the position that the appointment has not answered. One such question goes toward the level of actual authority that the job comes with. W. - Hacker News
Hacker News
2009 has been a very adventuresome year for me. There have been high’s, low’s, up’s and down’s. As I look back on it I see that lots has happened and I have lots to be grateful for. I’d like to take a few minutes and say thanks to a few people and organizations. I know [...] - Hacker News
Hacker News
IT Expert Voice: Windows 7 and IPv6 - Useful at Last? "DirectAccess combines IPv6 with Internet Protocol security (IPSec) to provide a high-speed and ultra-secure Virtual Private Network (VPN)" - http://www.rootsecure.net/...
IT Expert Voice: Windows 7 and IPv6 - Useful at Last? "DirectAccess combines IPv6 with Internet Protocol security (IPSec) to provide a high-speed and ultra-secure Virtual Private Network (VPN)" - Hacker News
Hacker News
The Register: Hackers break Amazon's Kindle DRM - http://www.rootsecure.net/...
The Register: Hackers break Amazon's Kindle DRM - Hacker News
Hacker News
Links for 2009-12-22 [del.icio.us] - http://delicious.com/anton18...
Russian hacker gang who 'stole millions from Citibank' under investigation | Technology | The Guardian Top 8 Security Threats of 2010 Cisco MARS Timeline | NetworkWorld.com Community - Hacker News
Hacker News
Silent Noise was hacked? - http://msmvps.com/blogs...
See here: http://matchent.com/wpress... What is interesting is the IP address that the author of the blog post cites as the source of the trouble - 72.167.232.86. 72.167.232.86 belongs to GoDaddy (p3nlh036.shr.prod.phx3.secureserver.net). The server at that IP is host to over 4,000 web sites. As for how Silent Noise was hacked – that I cannot answer. My first guess was that they were using WordPress but it looks like they may have migrated to Drupal (according to a blog post back in 2008). If Drupal, there are security advisories for the Drupal Core, as well as “contributed projects” that should be investigated. For example, look at this one: http://drupal.org/node/579482 The description of the vulnerability reveals that: “The core OpenID module does not correctly implement Form API for the form that allows one to link user accounts with OpenID identifiers. A malicious user is therefore able to use cross site request forgeries to add attacker controlled OpenID identities to... - Hacker News
Hacker News
icabbages: B&N EPUB key derivation algorithm - http://www.rootsecure.net/...
icabbages: B&N EPUB key derivation algorithm - Hacker News
Hacker News
Blackberry Outage, (Wed, Dec 23rd) - http://isc.sans.org/diary...
Several readers have told us that their Blackberry PDAs have not been working for the past few hours ...(more)... - Hacker News
Hacker News
Russ = Rogueware: Is nothing sacred? - http://holisticinfosec.blogspot.com/2009...
You know you've hit the big time when...;-)Alright, maybe not, but you still may have to step aside for my ego.Wait, you already have to do that.Fine. Never mind.But this is kinda funny.Full disclosure:I use Google Alerts for my name (Russ McRee) and m... - Hacker News
Hacker News
FBI Investigating Citibank Hack - http://theitsecurityguy.blogspot.com/2009...
The FBI is looking into a breach at Citibank by a Russian cybergang, the Wall Street Journal reported today. The gang apparently began breaching Citibank over the summer and was uncovered by investigators in the US who noticed suspicious traffic from ... - Hacker News
Hacker News
Tell us about your Christmas Family Emergency Kit, (Wed, Dec 23rd) - http://isc.sans.org/diary...
If you read this diary, then you are probably one of those people who will be asked to fix various f ...(more)... - Hacker News
Hacker News
This is my last post of the year and given that it is the holidays, I wanted to do something a little festive.  Granted, fraud is in no way festive.  But maybe protecting yourself from fraud is?? Either way, McAfee released a report on the “12 Scams of Christmas“.  While this is relevant now, most of [...] - Hacker News
Hacker News
PRC Internet “most free” - http://www.thedarkvisitor.com/2009...
My 中文 isn’t nearly as good as Heike’s (as demonstrated here) but I do believe that this pic posted to sunwear’s baidu blog says that the PRC Internet is the most free.  You might remember sunwear – he is the one that arp-jacked metasploit.com. - Hacker News
Hacker News
Network Security Podcast, Episode 178 - http://www.mckeay.net/2009...
A Tonight’s show is a bit longer than usual thanks to a segment with our wayward contributor Zach and an interview with Metasploit founder HD Moore. HD is now also the CSO of Rapid7, making him quite the busy boy. And, since we can’t help ourselves, Rich and Martin still cover some of this week’s [...] - Hacker News
Hacker News
Off The Wall show for December 22, 2009 - http://www.2600.com/news...
Off The Wall show for December 22, 2009 - Hacker News
Hacker News
Ph4nt0m Security webzine number four - http://www.thedarkvisitor.com/2009...
The well-known ph4nt0m security group has made their latest edition available here:  zh-cn | google xlate. ToC: Introduction ———- by root Flashsky interviews ———- by flashsky Struts2 framework of the security flaws ———- by kxlzx To focus on IP spoofing ———- by papaya Fuzz client-side storage objects, looking for client ddos ———- by woyigui Point defects in the use of application software [...] - Hacker News
Hacker News
Hello Karmic Koala! [/dev/random] - http://blog.rootshell.be/2009...
Finally, I did it! I just upgraded my corporate laptop with the latest release of Ubuntu (9.10) aka “Karmic Koala”. Available for a few weeks, I preferred to wait for some holidays before the upgrade. First, because without laptop, I can’t work! In case of big issue, my off-days would be helpful to restore to [...] - Hacker News
Hacker News
Its the total cost of a security solution that gets you every time - http://www.ashimmy.com/2009...
Image via CrunchBase Last week I wrote a post about a managed SIEM service from FishNet Security that Larry Walsh over on channel insider reported on. Larry had made it out that the FishNet offering solved many of the biggest... - Hacker News
Hacker News
CNN: Hotshot Hackers Compete - http://www.rootsecure.net/...
CNN: Hotshot Hackers Compete - Hacker News
Hacker News
H Security: Beware of Christmas presents with non-volatile memory - http://www.rootsecure.net/...
H Security: Beware of Christmas presents with non-volatile memory - Hacker News
Hacker News
美国将正式任命Chief of Cybersecurity (cyber czar) - http://hi.baidu.com/secway...
YY已久的Cyber czar已经尘埃落定, Howard A. Schmidt Schmidt曾经担任Bush政府cybersecurity adviser, 既有企业界的经验, 也有深厚军方和司法界的背景. 另外很重要的两点: 1. Schmidt将只汇报给National Security Council,而不是此前所说的那样--同时也要汇报给"National Economic Council" 2. Schmidt will also “have regular access to the president,” 全文: Obama to Name Chief of Cybersecurity http://www.nytimes.com/2009... 阅读全文 类别:Cybersecurity 查看评论 - Hacker News
Other ways to read this feed:Feed readerFacebook