Robert Hensing's Blog
Software Security . . . and stuff.

On Chromium and Practical Windows Sandboxing
Posted over 5 years ago by rhensing (2 comments)
UPDATE 9/13/2008 : The authors of the Chromium whitepaper linked to below wrote to me the day after I wrote this post thanking me for the links to Dave's blog and they insisted that they had not seen his presentation at Blackhat nor were they aware of...

Google Chrome coming today? Launch early and iterate? srsly?
Posted over 5 years ago by rhensing (0 comments)
UPDATE : Reading the Google chrome comic that I received offline - man, I have to admit, this does sound pretty hot. Lots of interesting things - but first and foremost the one that security geeks will care about most - they have in some way ACL'd the...

RedHat Package Signing Server - Pwnd
Posted over 5 years ago by rhensing (1 comment)
EDIT : Holy crap: http://rhn.redhat.com/errata/RHSA-2008-0855.html "In connection with the incident, the intruder was able to sign a small number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and...

The truth about the Dowd / Sotirov Vista memory protection bypass stuff
Posted over 5 years ago by rhensing (0 comments)
Good short interview with Sotirov who clarifies what actually happened at Blackhat for some folks: http://blogs.zdnet.com/Bott/?p=513 He mentions some interesting stuff - like how they worked with us, we gave them feedback, worked with the other vendors...

Happy Patch Tuesday - Random thoughts
Posted over 5 years ago by rhensing (1 comment)
The SnapShot Viewer 0-day that has seen limited exploitation in the wild is now patched - here's an interesting write-up with some things you may not have known about it. Here's the deal - IE Protected Mode, while not a true defendable security boundary...

VMWare Fail Closed Goat Award
Posted over 5 years ago by rhensing (0 comments)
Here's one for the schadenfreude files - VMWare users running ESX 3.5.x Update 2 will be unable to power on their machines today / tomorrow / everafter until a fix is released by VMWare to correct a licensing bug that causes legit copies of the software...

OpenID Fail Open Goat Award
Posted over 5 years ago by rhensing (0 comments)
Really interesting that CRL checks aren't baked into a lot of open source OpenID providers: http://www.links.org/files/openid-advisory.txt Sun has already updated their web site with this disclaimer: Security Issues OpenID is an untrusted...

We're going for an Olympic Silver(light)
Posted over 5 years ago by rhensing (0 comments)
Sort of an interesting story on how it came to be that Microsoft Silverlight was chosen to broadcast the Olympics via the series of interconnecting tubes: http://news.cnet.com/8301-13860_3-10003752-56.html?tag=nefd.lede I'm guessing Silverlight supports...

Today's Fail Open Goat Award goes to: Insecure 3rd party software updaters
Posted over 5 years ago by rhensing (3 comments)
You'll notice Microsoft's auto-updaters (Windows Update / Microsoft Update / Automatic Updates) are not on the list. Why? Because we're paranoid, and we anticipated this type of threat years ago and mitigated it by signing all of our binaries and only...

2% of a big number, is a big number
Posted over 5 years ago by rhensing (1 comment)
Don't be evil. http://blogs.pcmag.com/securitywatch/2008/07/google_blogger_hosts_2_of_worl.php

Microsoft Mojave
Posted over 5 years ago by rhensing (0 comments)
"We are here in San Francisco, where we've secretly replaced the fine operating system these people usually use with Windows Vista, Let's see if anyone can tell the difference!" http://news.cnet.com/8301-13860_3-9998336-56.html?tag=nefd.lede

Antivirus fail . . .
Posted over 5 years ago by rhensing (0 comments)
Lately I'm not a big fan of AV and it amazes me that AV hasn't been beaten up more badly than it has given how it runs on pretty much every desktop in the civilized world and how critical writing solid, secure code is these days. It looks like .Nruns...

DNS Fail Open Goat Award
Posted over 5 years ago by rhensing (1 comment)
Kaminsky's flaw has a metasploit module: http://www.caughq.org/exploits/CAU-EX-2008-0002.txt On the Internet - no one hears your screams.

Pwnie Awards - Vista nominated for . . .
Posted over 5 years ago by rhensing (0 comments)
Most Epic Fail: http://pwnie-awards.org/2008/awards.html#fail Gee . . . I hope we . . . win? No . . . wait . . . Windows Vista for proving that security does not sell $100,000,000 invested in security and what does Microsoft have to show for...

Dan's DNS checker - We need a new ship!
Posted over 5 years ago by rhensing (1 comment)
Here's an interesting, somewhat reflective blog from Kaminsky on security researcher drama, and how in an ideal world lots of trusted peers would get to review your vulns and fix plans before the patches ship: http://www.doxpara.com/?p=1164 Sadly - in...

Chris Rohlf joins Matasano
Posted over 5 years ago by rhensing (0 comments)
I have mad respect for Matasano and I can't believe a friend of mine now works there! http://www.matasano.com/log/1088/hello-a-self-introduction-by-chris-rohlf/ Congrats dude!

Memory dumpers for Windows
Posted over 5 years ago by rhensing (1 comment)
So I still get IR related questions on occasion . . . one of which being 'what is the best way to dump memory on Windows'. I honestly am hopelessly out of touch - I haven't done IR in many years now - but I came across some interesting tools that seem...

Adobe Acrobat 9 - Creamy Security Goodness (on Vista / WS2008)
Posted over 5 years ago by rhensing (4 comments)
So I noticed yesterday that Adobe had quietly released Acrobat 9 to the web. I decided to download it and check it out to see if they had finally gotten a copy of memo (it's just that we're putting cover sheets on all of our TPS reports now) and decided...

Vulnerable Web Browser Study - Full of Fail
Posted over 5 years ago by rhensing (2 comments)
So came across an interesting report today from various security folks (including Gunter Ollmann from ISS): http://www.techzoom.net/papers/browser_insecurity_iceberg_2008.pdf I can appreciate what they are trying to do - and I believe they were probably...

Dino secretly wants Apple to release 64bit Vista
Posted over 5 years ago by rhensing (0 comments)
Interesting article from Dino: http://blogs.zdnet.com/security/?p=1325 Vista x64 has like . . . 4.5 out of 5 of things he wants. Love the comment in there about making the heap non-executable. :)

Today's FOGA goes to Google for (implicitly) admitting they have a problem (via stopbadware.org)
Posted over 5 years ago by rhensing (0 comments)
Man - not sure why this didn't grab the media's attention until today: http://www.pcworld.com/businesscenter/article/147503/group_says_google_a_top_source_of_badware.html March was apparently a bad month for the Google properties: http://blogs.stopbadware...

SQL injection is teh suck . . .
Posted over 5 years ago by rhensing (1 comment)
So do something about it: http://blogs.technet.com/swi/archive/2008/06/24/new-tools-to-block-and-eradicate-sql-injection.aspx We give you 3 different ways to combat SQL injection on our platform above including an update to one of my all time favorite...

Security 'silly season' has officially begun . . .
Posted over 5 years ago by rhensing (0 comments)
In Formula 1, silly season usually begins near the middle to end of the F1 calendar (although it seems to start earlier each year) as many drivers and teams start the intricate backroom negotiations of who will drive what next season or even sometimes...

MMPC team blog / FF 3.0 download record?
Posted over 5 years ago by rhensing (0 comments)
The Microsoft Malware Protection Center team (i.e. the AV folks) have a new blog URL: http://blogs.technet.com/mmpc/ Hopefully these folks will be blogging more about new and exciting malware like they've done just recently. This month - they talk...

Microsoft Blogs and Web Resources about Security
Posted over 5 years ago by rhensing (0 comments)
This guy has spent an insane amount of time collecting and organizing useful security links . . . but he doesn't just throw them in a blog in random order - he's got a graphical legend and mad organizational skillz. Although I must question some of...