February 27, 2004

Paranoia abounds

'Mr Ferrer can't be with us tonight', via Ask's notes.

Posted by roam at 12:59 PM

February 26, 2004

Trojans as spam robots: the evidence

A TheReg article confirms what we've all suspected (if not known for sure) for some time: viruses "call home" from infected PC's, and the writers - or the managers of the trojan network thus created - give or sell the addresses of the drones to spammers.

Posted by roam at 11:46 AM

February 25, 2004

Is Internet Explorer the problem?

Another thought-provoking Virtuelvis article: Internet Explorer is the problem. While I do not completely agree, still I think that IE and a couple of related programs have gone a *long* way towards dumbing down users to the point that the vast majority of users are either absolutely unaware of most of the risks lurking on the Internet, or - even scarier - absolutely unconcerned, because it could never happen to them.

I really think I may write a bit more on the subject tomorrow, but right now, I'm already kinda sorta late for the first class of the Network Security course for the second semester.

Posted by roam at 07:04 PM

MovableType plug-ins

A nice O'Reilly article on developing MovableType plug-ins. Seen in a comment on the Learning Perl blog.

Posted by roam at 11:01 AM

February 24, 2004

The Curse of the O'Neills

I think I'll write something more about this in my blog proper, but for the present, here's a great write-up by Mark O'Neill about web application security, SQL Injection, and the curse of the O'Neills. Thanks to Tony Bowden.

Posted by roam at 05:37 PM

Does Barliman Have a Beard? And Other Important Fannish Issues

A funny read, via anima.

Posted by roam at 02:14 PM

BSD / Linux - the ongoing rivalry :P

bsdlinux.png ;)

Update: As it turns out, this is just one illustration in a book called Unix Network Administration Guide for PC Unix-like OS's - Linux, *BSD, etc. Quoting Norikatsu Shigemura, "Its sales point is to contain many cute illustrations, in-depth and maniac descriptions and comments, and talking with girls (called scene)." Sounds like a good read, pity it seems to be in Japanese :)

Posted by roam at 12:29 PM


When we get to buffer and context overflows in the Network Security course, env-overflow and cmd-overflow might come in handy as demonstrations - interesting automated tools for placing shellcode into environment variables or command-line parameters.

Posted by roam at 10:15 AM