Robert Hensing's Blog

Software Security . . . and stuff.

April, 2007

  • DEP on Vista exposed!

    This is going to be a looooong blog - but its one that I've been meaning to post for a loooong time now. My hope is that you will learn something you didn't peviously know about DEP and Vista or both and that you will, after reading this blog, re-configure...
  • 2007 FIRST conference

    Updated 4/21/2007 to clarify attendance stuff. I wanted to take a second to clarify some things about a conference I'll be speaking at soon. First, The 19th annual FIRST conferrence is open to attendance by everyone - not just members of the FIRST...
  • Mac / QuickTime / Java

    Okay - I wasn't going to blog on this but I just can't take it anymore. First off - read the Matasano blog here: http://www.matasano.com/log/841/this-just-in-blogs-a-crappy-way-to-handle-disclosure/ Sounds pretty bad . . . "Java - write once, exploit...
  • China - Malware - Kaspersky - Targetted Attacks

    http://www.computerweekly.com/Articles/2007/04/26/223456/kaspersky-china-accounts-for-more-than-half-of-malware.htm Found this to be an interesting and thought provoking quote: ""China and India are both huge countries, each with a lot of internet...
  • ANI vuln - Please enable DEP on IE7 on Vista yesterday.

    Just a quick blog post this morning regarding the ANI vuln and some thoughts on mitigations built-in to Vista. First - as mentioned by the MSRC - we are going to release the security update out of band on Tuesday (tomorrow). I recommend installing...
  • VBootkit vs. Bitlocker in TPM mode

    So at HITB in Dubai this week - some researchers announced a proof of concept 'bootkit' for Vista. A bootkit is a rootkit that is able to load from a master boot record and persist in memory all the way through the transition to protected mode and the...
  • PCDecrapifier

    It's about damned time someone came up with an idea like this: http://www.pcdecrapifier.com/ I see that Apple is now even mocking Windows for coming pre-loaded with all sorts of crap from the OEM's: http://www.youtube.com/watch?v=1EbCyibkNB0 I understand...
  • I am trying to believe . . .

    Soooo . . . I'm a huge NiN fan and have been for a while . . . so I was extremely pleased to learn that Year Zero RTW'd today especially after the kind of month I'm having and will likely to continue to have. :) There are only a handful of bands that...