Thursday, May 22, 2014 - 22:32

Offline Hacking with QR Codes.

QR Codes are quite useful to transport extra information. Specifically in campaigns. You can put a lot more Mumbo Jumbo on a website compared to a poster with limited space for a badly shopped photo and a bullshit slogan. But they can have a quite nasty side effect.

Tuesday, April 22, 2014 - 16:19

Patching a backdoor to make it a more 'proper' backdoor.

Remember when in December 2013 Synacktiv's Eloi Vanderbeken found a pretty nasty backdoor in commercial routers that were widely deployed?
Friday, April 11, 2014 - 01:53

[Heartbleed]: Havoc caused by not checking your boundaries.

The OpenSSL heartbleed bugs demonstrates the problems with sloppy coding and sloppy review on a 1 to 10 fuck-me-seriously? scale with a solid 10. 2 years of potential to wreak havoc. Just because one sloppy coder who made a mistake you're simply not supposed to make and one reviewer who didn't see the obvious...including everyone else who looked at that code and didn't see it either.
Thursday, April 3, 2014 - 06:41

Software to fix on the go seems to be getting more popular than ever

I despise stable releases that aren't working because some moron thought tests aren't necessary because he knows the code well enough to skip the 5 minutes it would take to install and realize something's not quite going to be overly stable after all.
Friday, February 28, 2014 - 01:13

GCHQ snoops into Yahoo webcams

According to the Guardian the GCHQ runs a program dubbed Optic Nerve to bug Yahoo webcam chats of an estimated 1.8 million users in just over a six month period.
Thursday, January 30, 2014 - 17:14

Microsoft joins the Open Compute Project with a surprisingly big package

Microsoft joined the OC project with a surprising bang contributing hardware specifications as well as software, management APIs and protocols. All in all it's a pretty big package.
Wednesday, January 22, 2014 - 01:40

16M gehackte Email Adressen und der etwas verunglückte BSI Sicherheitstest

Das BSI warnt aktuell, dass Millionen von Email Accounts gehackt wurden. Laut BSI über ein Botnetz. Dazu bietet es einen einfachen und schnellen Test an. Dieser ist aber reichlich verunglückt.
Sunday, January 19, 2014 - 00:21

Neues von der Redtube-Abmahn-Front: Das Gutachten und der Umzug

Der Mainzer Kanzlei MMR ist es gelungen das ominöse Gutachten in die Finger zu bekommen. Es ist in etwa das, was ich von einem Auftragsgutachten erwartet hatte. Man bohrt blos nicht zu tief, um den Kunden nicht anzupissen. Aber dieses Exemplar ist schon arg gnädig.
Saturday, January 4, 2014 - 09:39

Hacking ATMs to rob a bank

There was a great speech at 30C3 dealing with hacking ATMs. Basically robbing a bank the digital way. One that is exploited. The basic process is rather simple and reveals severe design flaws with some of these machines.
Monday, December 30, 2013 - 23:48

Hangouts. Wasn't it supposed to be spam free?

Last time I checked there was no more federation with Talk to prevent spam. An obvious BS argument in the first place.