Yeah, I bought a Macbook Air I cannot deny that it’s an awesome device and all that, but I’m still getting used to a new OS. The major work’s rediscovering the right tools and, of course, learning OS X’s keyboard shortcuts. Thankfully, it seems like a nice OS and all the work seems worth it. [...]
Read more →For me, the very foundations of Hacker-dom is based on three very fundamental steps: 1. Grasp the fundamentals 2. Question everything 3. Question everything, without being a fanatic As ironical (or rather illuminating, depending on the way you see) it may sound; as I start my very first step to understand the fundamentals of Indian [...]
Read more →DEMO This post was due since the Bank of India hack incident, and was fueled by PDP’s Drive-by Java post, which is a very simple, yet a well thought of extension (sort of) to the Drive-by Download attack. This post is aimed to provide a clearer understanding of the Drive-by Download attack (via a demo). [...]
Read more →Update: I somehow managed to make a blunder. A part of slide no. 12 was taken from David Kierznowski’s (of GNUCitizen and Blogsecurity group) presentation for OWASP Belgium Conf. I missed out on mentioning David’s name is the credits. Apologies David. I’ve updated and re-uploaded it. Yesterday, I presented my first Webinar (Seminar on Web). [...]
Read more →Update: Aah. It’s not that there couldn’t have been any better news , but today’s News is that Ma1 has agreed to provide feature to block frames through NoScript from the next version (1.1.7). NoScripts Rocks. Oh and Yes! Ma1 Rocks too …;) I have been pretty busy since the last few weeks (and this [...]
Read more →ZDNet Asia reports that Google Security team has discovered as “Dangerous Java Flaw that threaten’s Virtually Everything“. The interesting part of this news is that, apart from a few scary statements, it doesn’t inform you anything else. The Sun advisory page on this flaw, however, informs you about two flaws which are nothing but Buffer [...]
Read more →I hope you remember the young Indian security researchers Vipin Kumar (22) and Nitin Kumar (23), the TPM Boys [I guess, that's the way they call themselves. At least their blog confirms that. ]They presented a Paper “Vboot Kit: Compromising Windows Vista Security” at Blackhat Europe – 2007. The talk explained the (different) booting process [...]
Read more →The Month of Search Engine Bugs by MustLive has come to an end. MutLive reports: In the project took part 33 search engines (30 web engines and 3 local engines) of 19 vendors, some vendors have several engines. The list of project’s participants (in order of appearance): Meta, Yahoo, HotBot, Gigablast, MSN, Clusty, Yandex, Yandex.Server [...]
Read more →The title may lure you to assume that I am going to talk about some security bug. Well, I am not… or I’d rather say I haven’t yet thought of any ways to exploit it. If you come up with something, do let us know. Now back to the topic. Almost all the huge players [...]
Read more →I stay back in the office during night and return back at around 6-7 am, when everybody is coming . These nights are supposed to be LONELY as I am the only one in the building (actually in all the four buildings combined), apart from the security guards and office boys, of course. However, I’ve [...]
Read more →Q. Where do you think will you find an amazingly crafted code that would give priority to a Screensaver over a Keyboard/Mouse interrupt? No Kidding. Think. Ans. If you guessed it to be an Operating System designed by the Redmond Giant, you are stupid. It’s not something to be guessed.I just posted to let you [...]
Read more →I was returning back to my room at around 6:30 in the morning after spending the whole night, as usual, in office. Suddenly this though struck me. I always talk about codes and related stuff and ask people to map their algorithms to real life while coding, especially in OOP languages. I asked myself, what [...]
Read more →First thing first. I hate these sites meant for so called “socializing”. Sites like: Orkut, MySpace, etc. Ditto with games like SecondLife. Heck Man. Just get out of these places and get a life…. [Be more like Swen, the GBCD ] Anyways. There is this guy who created a, so called, WORM for MySpace. It [...]
Read more →In an ironical/laughable/insightful event, http://zone-h.org was defaced today by Saudi Hackers. Irony because Zone-H maitains (probably the largest) archive of defaced site. Below is the screenshot of the (defaced) homepage of zone-h. The words “your security got bypassed .. see more security next time” are clear enough to announce that security is not an feature [...]
Read more →Update: This hack doesn’t work any more. I’ll post the latest pretty soon. Hopefully. I loved this performance by Tina & Hussain. It left me breathless, and wet-ted my eyes . I wanted it s badly. Did a l’ill research, found a hack, and here I am, sharing [& open sourcing it ]. You can [...]
Read more →