Wednesday, January 2, 2008
Legal perspective on Internet Filtering from John Palfrey. More on Psiphon Psiphon is a censorship circumvention solution allowing users to access blocked sites in countries where the Internet is censored. Psiphon turns a regular home computer into a personal, encrypted server capable of retrieving and displaying web pages anywhere.
Wednesday, January 2, 2008
Paper by Berkman’s J Zittrain on Chinese Filtering (warn: PDF)! /whois jzittrain Jonathan Zittrain – Berkman Center for Internet & Society Jonathan Zittrain is a co-founder of HLS’s Berkman Center for Internet & Society and served as its first executive director from 1997-2000. Control of digital property & content Cryptography Electronic privacy Internet governance Technology […]
Also filed in
|
|
Wednesday, January 2, 2008
For more information: from the bug logs: There seems to me a consistant misuse of autoconf “localstatedir” variable. It is traditionally seen that localstatedir be $prefix/var if not supplied. In the following example from nessus-adduser.in there are two issues. One being that if $localstate dir was $prefix/var then this would create $prefix/var/lib/nesuss. And the second […]
Also filed in
|
|
Wednesday, January 2, 2008
Date: Mon, 9 Apr 2007 09:50:04 -0400 From: “Jon D” Subject: Giving Nessus Reports to clients — Licensing, Legal, etc To: nessus@list.nessus.org Message-ID: Content-Type: text/plain; charset=”iso-8859-1″ I’ve heard of PenTesters giving a Nessus scan report to the client as part of their final report. I read through the nessus licensing agreement, and I didn’t say […]
Also filed in
|
|
Wednesday, January 2, 2008
Also called Sneak and Peeks the law enforcement community is sometimes permitted to search a persons place or things without telling them. In certain cases, such as library records or your off site data storage provider, the LE agent will issue a gag order so no one will know they were searched. One of these […]
Also filed in
|
|
Wednesday, January 2, 2008
archived just in case from [http://kinematictheory.phpnet.us/] How the myspace SWF hack worked First note: I DID NOT MAKE THE HACK. I simply downloaded the .swf’s, decompiled them, looked at the actionscript, worked out what it did, found the Javascript that it uses, and tidied it up & commented it. I’ve probably got some bits wrong, […]
Also filed in
|
|
Wednesday, January 2, 2008
http://www.kismetwireless.net/Forum/General/Messages/1148589487.250937 If I’ve used kismet to create a dump file (full packet capture) with WEP encrypted data and then later learn the WEP key, how can I can I apply this key (and BSID) to decrypt the data?
Wednesday, January 2, 2008
MAY 25, 2006 | EEye Digital Security revealed this afternoon a software vulnerability inside Symantec’s Anti-Virus Corporate Edition 10.0. The vulnerability warning, posted on the vendor’s Upcoming Advisories page, requires no user intervention and could be used to create a worm. A Symantec representative told Dark Reading that eEye notified Symantec of the problem today […]
Wednesday, January 2, 2008
Years in the vulnerability management space has taught me that companies can protect themselves by thinking like the attackers. This message seems to be broad in application and a recent anti-terrorism expert voiced the same thought. Yet this story has the anti virus industry up in arms for a consumer protection agency doing just that. […]
Also filed in
|
|