ssl - Dave's Blog



Hijacking user sessions with the Heartbleed vulnerability · Matt's Life Bytes

10 days ago

Just a quick tutorial on exploiting heartbleed for session hijacking. Is it worse to use https than http today?

Tags: technical security ssl heartbleed session-hijack

Serious Sam’s DRM Is A Giant Pink Scorpion

2011 Dec 7, 12:48

“Serious Sam 3's DRM is brilliantly cruel, punishing only those who pirated it. By relentlessly pursuing them with a giant invincible armoured scorpion.”

Tags: game video-game scorpion serious-sam

Malware Signed With a Governmental Signing Key - F-Secure Weblog : News from the Lab

2011 Nov 16, 12:19

“It’s not that common to find a signed copy of malware. It’s even rarer that it’s signed with an official key belonging to a government.”

Tags: technical ssl

Man-in-the-Middle Attack Against SSL 3.0/TLS 1.0

2011 Sep 23, 4:37

Tags: technical

Chromium Blog: SSL FalseStart Performance Results

2011 May 22, 10:44

Links to the IETF draft document of, and describes the perf benefits of, SSL False Start.

Tags: security google browser web webbrowser https performance ssl tls technical

Google Prediction API - Google Code

2010 Aug 13, 11:46

RESTful machine learning API from Google... "The Prediction API implements supervised learning algorithms as a RESTful web service to let you leverage patterns in your data, providing more relevant information to your users. Run your predictions on Google's infrastructure and scale effortlessly as your data grows in size and complexity."

Tags: rest ai google programming analysis machine-learning development technical

RFC 1951 - DEFLATE Compressed Data Format Specification version 1.3

2009 Sep 3, 7:17

"This specification defines a lossless compressed data format that compresses data using a combination of the LZ77 algorithm and Huffman coding." Also see RFC 1950 zlib, a wrapper compression format that can use deflate, and RFC 1952 gzip, a compressed file format that can use deflate.

Tags: technical rfc ietf compression http deflate gzip zlib

Anyone can write this crap (Phil Gyford’s website)

2009 Jul 31, 5:57

"Is it worth the sensationalism and scaremongering? The endlessly inaccurate and dangerous science reporting? The pointless and news-free lifestyle articles? Do newspapers that prioritise stories based on celebrities and spectacle rather than importance to the world deserve to exist?"

Tags: via:sambrook internet news journalism media

Simon Pegg on why the undead should never be allowed to run | Film | The Guardian

2009 Jul 14, 8:26

"...the zombie trumps all by personifying our deepest fear: death. Zombies are our destiny writ large. Slow and steady in their approach, weak, clumsy, often absurd, the zombie relentlessly closes in, unstoppable, intractable."

Tags: humor tv zombie horror film simon-pegg essay culture

Justin Frankel's blog

2009 Mar 10, 9:22

Justin Frankel (Previously Winamp/Nullsoft guy) makes a designated graffiti box on his garage with the note: "All are welcome to express themselves in the box below. Printing within the above box is hereby expressly permitted and shall not be considered 'graffiti' in accordance with article #23 of the San Francico Municipal Code." Before graffiti: [image]. And with graffiti: [image].

Tags: graffiti cultural-disobediance legal san-francisco nullsoft justin-frankel blog

Evil Mad Scientist Laboratories - Binary Birthday

2008 Nov 19, 4:28

"A binary birthday candle. It consists of a single candle with seven wicks, where the wicks that are lit represent the birthday individual's age in binary. This single candle design works flawlessly to represent any age from 1 to 127, never requiring anyone below the age of 127 to blow out more than a mere six candles at a time."

Tags: via:swannman birthday geek math humor howto cake birthday-cake candle binary

Language Log - Nerdview

2008 Oct 23, 10:34

Geoffrey K. Pullum of Language Log defines 'nerdview': "It is a simple problem that afflicts us all: people with any kind of technical knowledge of a domain tend to get hopelessly (and unwittingly) stuck in a frame of reference that relates to their view of the issue, and their trade's technical parlance, not that of the ordinary humans with whom they so signally fail to engage... The phenomenon - we could call it nerdview - is widespread." Woo, go year-month-day, go!

Tags: nerdview language date programming nerd writing

obstcp - Google Code

2008 Oct 14, 11:14

Similar in concept to the Pirate Bay suggestion of encrypting all TCP/IP connections if both server and client support it: "Obfuscated TCP is a transport layer protocol that adds opportunistic encryption. It's designed to hamper and detect large-scale wiretapping and corruption of TCP traffic on the Internet."

Tags: internet tcp encryption security google privacy opensource cryptography network ssl

Network notary system thwarts man-in-the-middle attacks

2008 Aug 26, 10:03

"A new system devised by Carnegie Mellon University researchers aims to thwart man-in-the-middle (MitM) attacks by providing a way to verify the authenticity of self-signed certificates. The system, which is called Perspectives, uses a distributed network of "notary" servers to evaluate the public key of a target destination so that its validity can be ascertained."

Tags: security ssl pki certificate man-in-the-middle

Salvador Dali on What's My Line? - Very Short List

2008 Jun 16, 12:51

Salvador Dali's appearance on the 1950's game show "What's My Line" in which a panel must determine the occupation of a mystery guest using only yes/no questions. "...Watch the shamelessly self-promotional proto-Warhol's 1952 appearance on What's M

Tags: video gameshow 50s tv salvador-dali

ThinkGeek Bluetooth Retro Handset Review

2008 Mar 23, 1:25

I ordered a ThinkGeek Bluetooth Retro Handset to use at home. When I come home I plug my phone in to charge in my room, but then I can't hear it ring elsewhere in the house. The idea was to take this handset which wirelessly connects to cellphones via bluetooth and place it in another part of the house so that I can tell I'm getting an incoming call. The only issue I have with that setup is that its ringing isn't any louder than conversations held over the phone, that is, the ringing is a little quiet.

The handset pairs with cellphones in the same manner as any other handset over bluetooth. It has an internal rechargeable battery which is charged via a standard USB port built into the base of the handset and it comes with a USB cable. Next to the USB port is the only button on the phone which is pressed to answer a call, hang up a call, or begin voice dial, held down to turn the handset on and off, and held down longer to begin pairing with a cellphone. There's a blue LED in one of the holes in the microphone portion of the phone which blinks to indicate if it's on or trying to pair. Transitioning between on, off, and pairing produces a cute sound and a change to the LED.

Overall I'm pleased with its simplicity and use of common parts although I wish there was a way to adjust the volume of the ring.

Tags: thinkgeek bluetooth cellphone phone product handset

Now using NearlyFreeSpeech.NET to host deletethis.net

2008 Mar 17, 1:25

I've switched from using my own home web server of which one of the hard drives died, to using NearlyFreeSpeech.NET, an actual real live web hosting service. So far I'm very happy with them and they give me almost exactly what I had on my own home server: ssh access, vim, php, java, etc. etc. The only notable things they don't do are (1) cron jobs which I use currently and (2) SSL which I don't use currently. I can replace my cron job usage and I suppose I'll have to reevaluate my web hosting if I ever need SSL. At the moment many of the server side things like Vizicious will be unavailable. I'll work on getting those working again at some point.

Tags: technical webhosting webserver server homepage

the cost of monoculture (Mozilla in Asia - Blog Archive)

2008 Feb 11, 5:50

The story of South Korea's ActiveX web encryption scheme.

Tags: blog article ie internet microsoft mozilla security ssl activex korea south-korea seed

Pimpstar animated wheels -- "a huge leap forward in the evolution of the wheel" - Boing Boing

2008 Jan 8, 6:43

The promotional video for this wheel feels like the beginning of a porn video. Images are delivered wirelessly to the wheels but the site doesn't say what protocol. I really hope they didn't consider security.

Tags: humor wheel pimpstar video car via:boingboing

Video Woes

2007 Aug 15, 3:30

I've been experimenting with adding video to my webpage. I tried to embed video in my livejournal blog posts previously however ran into some issues with that. When creating the LJ post I added an tag but when I submit that tags turned into an

Tags: technical youtube video personal livejournal homepage

Creative Commons License. Some rights reserved.