Robert Hensing's Blog

Software Security . . . and stuff.

November, 2006

  • Random Vista Security Factoid Du Jur

    So domain-joined Vista no longer exposes the admin shares by default (i.e. admin$, c$ etc.). My take: This is going to break tons of applications (systems management apps, patch deployment apps etc.) that rely on their existance and it will likely...
  • Ever found malware hiding in the "Default User" profile on Windows? Ever wonder how it got there or why it was there?

    (Edited to fix idiotic bug – I meant to refer to the ‘Default User’ profile on disk not the ‘All Users’ profile! I blame Vista.) (Edited again to make the hyperlinks a more viewable color and to fix some font size issues with the shellcode that happened...
  • OSX Deepsight Security Report

    So I'm not a HUGE fan of SYMC these days - but I have to give them props for releasing this: http://downloads.securityfocus.com/downloads/MacOSX_DeepSight_Report.pdf It's a great look at the state of OSX today . . . it starts off by showing graphically...
  • Will we ever see a Microsoft Zunix?

    So we've launched the Zune. Yea us. I personally won't be buying one - I'm sorta . . . bummed (to be polite) that it won't play my extensive collection of MSN & Urge Plays4sure music and I'm too lazy to burn it all to CD and rip it back to WMA...
  • Web Attacker Toolkit - From Russia with Love

    So here's a very interesting blog post I came across recently: http://www.websense.com/securitylabs/blog/blog.php?BlogID=94 It details the workings of an automated browser exploit toolkit that is sold by some Russians. That's not surprising...
  • I'm back (again(again))

    So I've decided to try and do the blog thing again . . . I'm just going to post my random, personal thoughts on topics that interest me. Since security interests me - I'll still probably have a lot to say on this area. I turned on comments again as well...