Category Archives: IT Security

Any security related topics such as posts about vulnerabilities, malware, rootkits

What a headline “FBI arrests 100 hackers over Blackshades malware”

Claims The Guardian. Well, a few things: Hacker refers to a very broad skill set, it doesn’t refer to motives or lack of ethical framework. The term in such case is usually cracker. Many skilled people with a perfectly intact … Continue reading

Posted in EN, IT Security, Opinion | Comments Off

Critique of systemd

ewontfix.com/14/

Posted in EN, IT Security, Linux, Software | Comments Off

Schneier briefed Congress

Bruce Schneier, a well-known cryptography expert and one of the few with access to the documents leaked by Snowden, briefed six Congress representatives on Thursday. Probably still a more honest speech than Obama’s. ON another note, here’s a fun quote … Continue reading

Posted in EN, IT Security, Privacy, Thoughts | Comments Off

A list of links

… in no particular order: nullifynsa.com and offnow.org thedaywefightback.org taskforce.is Hashtags: #NullifyNSA and #StopTheNSA // Oliver

Posted in EN, Human Rights, IT Security, Privacy | Comments Off

“Why are you spying on Grandma?”

… just got to read these two gems earlier today: Former Top NSA Officials Insist Employees Are Leaving Because Obama Is Mean, Not Because They Object To NSA’s Current Activities NSA Sent Home Talking Points for Employees to Use in … Continue reading

Posted in EN, Human Rights, IT Security, Opinion, Privacy, Thoughts | Comments Off

Speaking of the devil

Just recently I mentioned Clean MX in this blog post and sure enough today I received another automated abuse message from them and relayed to me via Hetzner, my hoster. This time, however, I plan not to be so lenient … Continue reading

Posted in EN, IT Security, Opinion, Thoughts | Comments Off

No relief

In the past software I wrote ended up in detection of anti-malware programs, more traditionally known under the term antivirus (AV) programs1. As you may or may not know I work for an AV vendor and as such I sit … Continue reading

Posted in EN, IT Security, Thoughts | Comments Off

Bruce Schneier about the latest information concerning NSA/GCHQ and cryptography

How to remain secure against NSA surveillance Take it always with a grain of salt, but he is an established expert and he has been openly critical against surveillance in his newsletters. // Oliver PS: another comment from Schneier: The … Continue reading

Posted in EN, IT Security, Privacy | Comments Off

What the creator of PGP thinks …

Read it over here. Excerpt: If we have a change in the government sometime in the future, that government will have such a powerful tool of surveillance, that we will find ourselves in a terrible predicament that we won’t be … Continue reading

Posted in EN, IT Security, Opinion, Privacy | Comments Off

Catch 22

So in the UK porn filters will be mandatory soon on public WLAN hotspots and even homes, reports Wired. Well, good for them chaps on the British Isles. Only this creates a small problem. Being slightly paranoid, I am using … Continue reading

Posted in EN, IT Security, Privacy, Thoughts | Tagged , , , , | Comments Off

Will we learn from the NSA eavesdropping scandal?

Having used encryption for a long time and having used PGP consequently for more than five years it seems unlikely to me that people will go the extra mile to ensure the confidentiality of their electronic correspondence. Leaving aside the … Continue reading

Posted in EN, IT Security, Thoughts | Tagged , , , , | Comments Off

Webdesigners who don’t want me to use there website

… are the ones to use some fancy JavaScript snippet to display a black box saying “You need Flash player to see this” or something similar instead of letting me activate Flash on demand. Opera has the setting as long … Continue reading

Posted in EN, IT Security, Thoughts | Comments Off

Annoying

… companies that tell me may passwords have to be alphanumeric or set an arbitrary upper limit to its length. More annoying: companies that do both. // Oliver

Posted in EN, IT Security | 1 Comment

The abuse of (automated) abuse reports

Abuse reports abound. So do false positives in antivirus (AV) products. Worst of all, false positives in AV products spread within the industry, reports (and corrective action) about them don’t. Try to get rid of a false positive that affects … Continue reading

Posted in EN, IT Security | Comments Off

SSL error with a newly signed cert?

Last night I literally spent hours figuring out an alleged issue with the certificate from StartCom. Of course the problem was entirely on my end, in the editor to be precise. But what happened? I fetched ca-bundle.pem and entered it … Continue reading

Posted in Administration, EN, IT Security, Linux, Software | Tagged , , | 1 Comment

German federals looking for trojan author – still

The German federals (BKA = Bundeskriminalamt, roughly the German equivalent to the FBI in the US) are still looking for someone with the qualifications to write what had been dubbed “Bundestrojaner” (literally: federal trojan) in 2008. This means that first … Continue reading

Posted in C/C++, EN, IT Security, Reversing, Software, Thoughts | Tagged , , | Comments Off

Cool

COPSSH, another SSH implementation on Windows. And it even seems to be convenient to use.

Posted in Administration, EN, IT Security, Software | Comments Off

Nett, eine sichere Pastebin-Alternative

Projektseite und Testinstallation (des Autors?) Super Geschichte. Ich hoffe, daß es noch auf GitHub oder BitBucket erscheint, so daß man die volle Versionsgeschichte bekommt. // Oliver

Posted in DE, IT Security, Software | 2 Comments

“Meet The Hackers Who Sell Spies The Tools To Crack Your PC (And Get Paid Six-Figure Fees)”

Interesting article about Vupen to which a colleague pointed me (thanks, Anna ). I have problems with their business model on so many levels, but just two points: Their business is completely legal, although it may be immoral I doubt … Continue reading

Posted in EN, IT Security, Thoughts | Tagged , , , | Comments Off

Android, what is it all about?

So I did it. I actually bought a cheapo Android phone (Simvalley SP-60) with dual-SIM feature, because that’s the single most important feature of a phone for me. Of course I went immediately to the privacy settings to turn off … Continue reading

Posted in EN, IT Security, Software, Thoughts | 8 Comments