· What is the Matrix? (November 2003 )

What is the Matrix? (hint: it's not a movie)...

· ha! ()

This article started off with the funniest thing I've read all day:Microsoft Corp. is preparing a major PR assault over Windows' perceived security failings in which it will criticize Linux for taking too long to fix bugs, we have learned.I almost had to post this under the "Humour" category!...

· nothing like a speedy response... (October 2003 )

When I first saw the headline "Ballmer Launches Security Blitzkrieg", I thought to myself, "It's about time... I'm glad Microsoft has decided to actually address the security problems. Then I read the article. Ballmer is saying that Microsoft will release new service packs for Windows XP and Windows Server 2003 in, wait... I need to make this bolder... mid to late 2004 This hardly seems to me to be dealing with "the security crisis [which is] a defining moment in company history"....

· top ten web application vulnerabilities (January 2003 )

Dana pointed to this page about web application vulnerabilities... something to keep in mind for later....

· for even more reference later (January 2003 )

SubInAcl Syntax...

· also for later... ()

From the Nomad Mobile Research Centre: Also for later -- how to forcibly take access over local folders you don't have access to....

· link for later... ()

NTSEC Manual Set of Windows 2000 security tools. download here....

· eek! (November 2002 )

Serious Internet Explorer Defect This is a bad one. Essentially, a webpage can reformat your hard drive through IE. Gotta love that commitment to security Microsoft has right now, eh? The page is steadily being slashdotted, so I've copied the page's text inside this entry. More information, including sample code, can be found here....

· new trojan (November 2002 )

Could be of interest to some people who read this site... Libpcap and tcpdump trojaned on tcpdump.org For the time being, it might not be such a bad idea to remove TCPDump and libpcap from your Linux systems....

· gotta love howstuffworks.com (July 2002 )

Howstuffworks "How Lock Picking Works"...

· linux.ramen.worm... (July 2002 )

If you're running RedHat 6.2 or 7, you owe it to yourself to check this out. There's a new Linux worm in town, that operates on port 27374. Make sure your RedHat system is updated, and secured!...

· love that IE security... (March 2002 )

ie6 security issue This page will open a copy of notepad.exe on your Win2k/XP (and probably '98) system in IE 5.5, and 6.0. It also seems to work around any security settings in the browser; I have IE set to prompt me any time a script calls an external program - IE completely ignored the security settings and ran the program happily. Good to see such things out of a company that's focussing on security. Here's the source, so you don't have to go to the site:...

· new virus transport method... (January 2002 )

One of the QA guys at work passed this on to me. It's the first known Shockwave virus. It's a very low-priority threat, as it requires several conditions to exist before it can become a problem.... but it's interesting that the creators found a way to do it....

· Fighting for Canadian Freedoms (January 2002 )

Electronic Frontier Canada -- www.efc.ca Hat-tip to foz...

· how would you like to be screwed today? (November 2001 )

Office XP Debug Feature May Send Sensitive Documents to Microsoft...

· this email santized for your convenience... (November 2001 )

Since it came up on a list I'm on, here's a great procmail script for trapping and removing emails with suspect attachments....

· great... just what we need... (November 2001 )

Want to know where you got that latest email virus from? It could have been the FBI. The FBI has released "Magic Lantern" - a trojan horse, which captures local keystrokes and sends them to the FBI's mainframe... Great idea for the Bugsy Malone types, but it ain't gonna work for anyone *really* interested in cybercrime (who will, no doubt, have very strict firewall rules in place)...

· the dark internet... (November 2001 )

SecurityFocus has an interesting piece on the Dark Internet -- a phenomenon that leaves 100 million hosts unreachable from portions of the 'net -- and the security prblems lurking within it....

· Fingerprinting port 80 attacks (November 2001 )

Fingerprinting Port 80 Attacks hat tip to foz....

· Fix for IE Security Vulnerability (October 2001 )

Andrew Clover came up with this fix for the IE about: vulnerability: Go to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults and add a DWORD, name 'about', value '4'. This puts about: URLs in the Restricted Sites Zone. Hurrah!...

· New IE Vulnerability (October 2001 )

Just read of a nifty little vulnerability in IE with regards to the about: handler... read on for more info......