Bookmarks

Tags: security*

180 bookmark(s) - Sort by: Date / Title ↑ /

Some of you may be aware of the technique of banner grabbing to find out what software is running on a remote machine. It is done by reading out transmitted data that contains a product name and/or version, such as HTTP's "Server:" response header. Like virtually every content sent by a server, the server is totally free what to send, i.e. this can be easily faked by an HTTP server's admin, and is sometimes even done.

Tags: http, web, server, __blog__, security, fingerprinting by Benjamin Schweizer (2008-06-01)

ACM Classic: Reflections on Trusting Trust

Reprinted from: CACM 27/8, pp. 761-763 » .

Tags: acm, cacm, ken thompson, paper, programming, security by Andreas Turtschan (2008-08-02)

Amazing mystery of the new AACS key leak

boing boing reports that the brand new hddvd encryption key was leaked one weak after its rollout. grats.

Tags: __blog__, hddvd, hacking, security by Benjamin Schweizer (2007-06-01)

An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments (PDF)

Tags: paper, qemu, sandbox, security, virtualization, vm, vmware, xen by Benjamin Schweizer (2007-04-24)

Antifork Research, Inc.

Tags: security, hacking by Benjamin Schweizer (2006-10-13)

apeg.pdf (application/pdf Object)

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications. David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng.

Tags: paper, security, patch, exploit by Andreas Turtschan and 1 other (2008-04-24)

Apple just gave out my Apple ID password because someone asked

I tried to log in to Apple Developer Connection this morning to find out that my password had been changed and the email associated with my account was now a yahoo.com address that wasn't mine. Luckily, my "security question" was still the same, so I was able to reset the password and email address back.

Tags: security, email, apple, __blog__ by Benjamin Schweizer (2008-07-09)