Robert Hensing's Blog

Software Security . . . and stuff.

July, 2008

  • Memory dumpers for Windows

    So I still get IR related questions on occasion . . . one of which being 'what is the best way to dump memory on Windows'. I honestly am hopelessly out of touch - I haven't done IR in many years now - but I came across some intersting tools that seem...
  • Dan's DNS checker - We need a new ship!

    Heres' an interesting, somewhat reflective blog from Kaminsky on security researcher drama, and how in an ideal world lots of trusted peers would get to review your vulns and fix plans before the patches ship: http://www.doxpara.com/?p=1164 Sadly - in...
  • Vulnerable Web Browser Study - Full of Fail

    So came across an interesting report today from various security folks (including Gunter Ollmann from ISS): http://www.techzoom.net/papers/browser_insecurity_iceberg_2008.pdf I can appreciate what they are trying to do - and I believe they were probably...
  • Adobe Acrobat 9 - Creamy Security Goodness (on Vista / WS2008)

    So I noticed yesterday that Adobe had quietly released Acrobat 9 to the web. I decided to download it and check it out to see if they had finally gotten a copy of memo (it's just that we're putting cover sheets on all of our TPS reports now) and decided...
  • Today's Fail Open Goat Award goes to: Insecure 3rd party software updaters

    You'll notice Microsoft's auto-updaters (Windows Update / Microsoft Update / Automatic Updates) are not on the list. Why? Because we're paranoid, and we anticipated this type of threat years ago and mitigated it by signing all of our binaries and only...
  • Chris Rohlf joins Matasano

    I have mad respect for Matasano and I can't believe a friend of mine now works there! http://www.matasano.com/log/1088/hello-a-self-introduction-by-chris-rohlf/ Congrats dude!
  • Antivirus fail . . .

    Lately I'm not a big fan of AV and it amazes me that AV hasn't been beaten up more badly than it has given how it runs on pretty much every desktop in the civilized world and how critical writing solid, secure code is these days. It looks like .Nruns...
  • 2% of a big number, is a big number

    Don't be evil. http://blogs.pcmag.com/securitywatch/2008/07/google_blogger_hosts_2_of_worl.php
  • DNS Fail Open Goat Award

    Kaminsky's flaw has a metasploit module: http://www.caughq.org/exploits/CAU-EX-2008-0002.txt On the Internet - no one hears your screams.
  • Pwnie Awards - Vista nominated for . . .

    Most Epic Fail: http://pwnie-awards.org/2008/awards.html#fail Gee . . . I hope we . . . win? No . . . wait . . . Windows Vista for proving that security does not sell $100,000,000 invested in security and what does Microsoft have to show for...
  • Microsoft Mojave

    "We are here in San Francisco, where we've secretly replaced the fine operating system these people usually use with Windows Vista, Let's see if anyone can tell the difference!" http://news.cnet.com/8301-13860_3-9998336-56.html?tag=nefd.lede