Robert Hensing's Blog

Software Security . . . and stuff.

July, 2007

  • Vista resume sluggishness?? (still investigating . . . )

    UPDATE 7/10/2007 : Mea culpa! So after I originally blogged this, I went to the ReadyBoost team to find out more about possible performance issues with ReadyBoost and they were kind enough to help me troubleshoot things further. Before starting some tracing...
  • Strange DLLHost crashes on Vista

    EDITED: 7/22/2007 I have traced the problem to Urge . . . I buy music from MTV Urge and it installs some components that appear to be responsible for the crash. Moreover I discovered that there are two dllhosts on a 64bit version of Windows - there is...
  • JRE pwnage

    So this is a great write-up by Symantec on the rise in not only vulnerabilities but active exploitation of vulnerabilities in the Sun Java Runtime Environment. http://www.symantec.com/enterprise/security_response/weblog/2007/07/new_trend_in_attacking_the_jav...
  • Microsoft.com seem faster to you lately? :)

    I was at TechReady last week and one of the sessions I attended was from some folks who run Microsoft.com They gave some mind boggling stastics on the size of the pipe we have to the Internet (our aggregate bandwidth) and one other stat that I found surprising...
  • Sytem (Code) Integrity audit logging

    To enable logging to the security event log of code integrity related events type this from an elevated CMD: auditpol /set /subcategory:"system integrity" /failure:enable I believe this will allow you to determine when a driver fails to load on x64...
  • TechReady 5 drama . . .

    UPDATE 7/29/2007: Whatever. Stupid notebook. Stupid Heisenbugs. Sooooo on Friday at the conferrence I realized Safe Mode was probably working for me because of the low resolution it starts in. So I tried running in normal mode at low resolution. I pressed...
  • Hacking Vista - eEye style

    So this video has been out for a few months now but it's making the rounds so I thought I'd give my take on things: http://security-protocols.com/2007/07/24/hacking-vista-easier-than-youd-think/ First off - if you've been to my presentation on targeted...
  • PC World reads me?

    I was in the Charlotte airport this morning checking email when I got a note from a friend informing me that PC World had mentioned me in a '10 Things We Love About Microsoft'. Wow! Didn't see THAT one coming. :) http://www.pcworld.com/article/id,134817...
  • Flash and true irony

    Yeah this is old - but I just love the true irony of warning people about the dangers of the recently patched Flash vulnerability - by making a video of it and hosting on Youtube which . . . uses Flash to stream the video! :) http://www.vnunet.com...
  • iOwned

    Interesting article in the NY Times today about a company that has found a vulnerability in the iPhone (probably Safari) that lets a remote attacker take complete control of the device. Oops. http://www.nytimes.com/2007/07/23/technology/23iphone.html...
  • Another reason to love Vista (as if I needed another)

    I am quite possibly the worlds worst fair weather fan. I have gone from loathing Vista to loving Vista . . . all in the same day and much more passionately than with any of our previous OS's. Over the last few months Vista has been really awesome on every...
  • Halvar won't be at Blackhat this year . . . doh.

    For those who read my blog and don't know - Halvar Flake is one of THE most respected security researchers / reverse engineers in the world (he wrote a little application you may have heard of called BinDiff ! ). He has pretty much a standing invitation...
  • Glass houses . . .

    UPDATE: 7/24/2007 Well it looks like Jesper's blog prompted Mozilla to eat some serious crow as they have now finally admitted that they aren't really any different than IE in terms of parameter parsing / handling and thus FireFox could be used to attack...