Microsoft and double standards

Well said Joe: http://www.microsoft-watch.com/content/operating_systems/the_great_double_standard.html To be fair the stock has risen to its highest point in like 7 years . . . I’m almost afraid to talk about it for fear of scaring it away . . .

1

Wherever you go – there you are! (If you own a Mac with Leopard)

Also a classic line from The Adventures of Buckaroo Bonzai Across the 8th Dimension and also very applicable to that fruit company’s new OS.http://www.isfym.com/Site/Blog/Entries/2007/10/27_Don%E2%80%99t_go_Back_to_My_Mac.html What could *possibly* go wrong? 🙂I imagine this will make both malicious hackers and security researchers alike look at the .Mac authentication / SSO infrastructure with renewed interest. 🙂I have to wonder…

1

DD-WRT kicks ass!

Over the weekend I decided to try something cool at home.  I have a Buffalo WHR-HP-G54 wifi g-router that I got a few weeks back via Slickdeals.  It’s a great router – very strong wifi signal / range and it was cheap – like $50 or something . . . but the HTTP based management GUI…

1

LOLCODE.NET

I give you – the newest CLR language: http://blog.notdot.net/archives/32-LOLCode.net-Now-your-LOLCats-can-use-the-CLR!.html🙂  

1

It begins . . . (PDF spam run)

F-Secure is reporting that a PDF spam run has started that exploits the Adobe URI handler vulnerability (that is really sort of our vulnerability – where Acrobat is simply the current attack vector). Couple things: The Adobe Acrobat update has been released as of October 22nd so make sure you update Acrobat ASAP. If you can’t…

3

Elcomsoft password cracking – now 25x faster?

Thanks to the parallel processing ower of modern GPUs:  http://technology.newscientist.com/article.ns?id=dn12825&feedId=online-news_rss20 I’m surprised they didn’t jump on the Sony PS3 / Cell processor bandwagon . . . On an related note – remember – the password hash is pretty much as good as the password  . . . if the bad guy has your hash –…

0

Getting Microsoft Updates offline . . .

So I just got done reading Larry’s article on XP SP3 over here: http://www.eweek.com/article2/0,1759,2204198,00.aspNear the beginning of the article he mentions something about needing an offline / disk based version of the update process for people who can’t connect to Microsoft Update each month to get up to date.  I shot him an email but…

5

This kid’s a speed freak!

Unbelievable talent . . . http://www.cnn.com/video/#/video/living/2007/10/16/intv.one.handed.rubiks.champ.cnnAnd all he wants to buy with his $700 prize is . . . .

1

Redhat fixes their 1,000th CVE

We now have several years worth of solid CVE / vuln data that has accrued (both for us and our competitors) and some folks like us are improving (by needing to fix fewer security vulns year over year) and others . . . not so much. 🙂http://blogs.technet.com/security/archive/2007/10/16/red-hat-enterprise-linux-4-passes-1000-vulnerabilities.aspx

1