Marketing for security companies now via Secunia!

Posted on 2006-11-19 by Oliver

<sarcasm>
A great new opportunity for IT security companies which sell products to detect bugs in software automatically (static analysis) – report some vulnerabilities after running your program on a bunch of software applications and feature your own product in the “Provided and/or discovered by” field without ever giving details of the error! The last one is important, never give details! That’s sleek, that’s modern that’s seemingly a new initiative by Secunia to support third party security companies. One of the first to take advantage of this new initiative is GLEG Ltd. from Russia.
</sarcasm>
Continue reading

Posted in EN, IT Security, Software | 3 Comments

Offener Brief an GMX – Betrifft: moderne Browser (nochmal)

Posted on 2006-11-16 by Oliver

Vielen Dank für die Textbausteine, die ich schonmal zugeschickt bekam und auch kommentierte (beachten Sie ruhig das Datum). Schön (oder besser gesagt peinlich), daß der Textbaustein noch nicht angepaßt wurde. Das zeigt doch deutlich wie wichtig Ihnen Topmail-Kunden sind:

http://blog.assarbad.net/20060722/designfragen_gmx/

Wenn ich einen modernen Browser will, ist Internet Explorer 5.5 aus 2000 sicher die letzte Wahl. Netscape 7.2 hat auch schon mehr als 2 Jahre auf dem Buckel, während die Opera-Version welche ich angab keine 6 Monate alt ist. Continue reading

Posted in /dev/null | Leave a comment

Are you a developer reading my blog?

Posted on 2006-11-14 by Oliver

If you are a developer and have not yet heard of WinDirStat, please check it out first. Then if you like it and can imagine to write a plugin for it, give me some feedback at this blog article. Thanks.

// Oliver

Posted in EN, Programming, Software | Leave a comment

Article: “How Two Hours Can Waste Two Weeks”

Posted on 2006-11-14 by Oliver

Over at Agile Advice, you can find a very nice blog article from the perspective of a development manager. I can tell that much: at my former company the PM (same person as DM in this case) did not take the pressure from us devs, at the current company it seems wo work well. Maybe because of that one major difference … that the CTO is member of the dev team? 😉

I was pointed to the article by a friend who is currently plagued by the flu. Get well soon! 🙂

// Oliver

Posted in EN, Programming | Leave a comment

DDKBUILD.CMD updated to version 7.0beta4

Posted on 2006-11-08 by Oliver

OSR is going to update the DDKBUILD.CMD script on their website next week. If you can’t wait, grab your copy at the DDKWizard website.

A bug has been fixed which affected the build for WNET DDK with the two 64bit target processor platforms. Also a glitch on the help screen of the script has been fixed, which was somewhat related to the aforementioned bug.

// Oliver

Posted in /dev/null | Leave a comment

Shit happens … US nuclear secrets found on USB thumb drives …

Posted on 2006-11-07 by Oliver

Read on http://www.msnbc.msn.com/id/15566388/site/newsweek/

// Oliver

Posted in /dev/null | Leave a comment

Storm in a teacup or big deal for Novell?

Posted on 2006-11-05 by Oliver

A friend of mine pointed me to the following message (“open letter”) of Novell:
http://www.novell.com/linux/microsoft/openletter.html (the related press release is here). I wonder how this partnership will affect other distros, especially non-commercial. My friend says that it will have a big influence on the other commercial distros and non-commercial ones will be ignored. I am not so sure. What do you think? Leave a comment …

// Oliver

Posted in /dev/null | Leave a comment

Redpill getting colorless?

Posted on 2006-11-05 by Oliver

Although I had posted this already at the malware research forum and received little feedback, I decided to prepare a brief research paper about this topic and post it here.

The topic is that the Redpill approach by Joanna Rutkowska does not seem to work reliably and the values retrieved in kernel mode inside a virtual machine (VMWare ) differ substantially from the ones retrieved in user mode. While calling SIDT in user mode was the rationale of the whole approach, it would not usually be expected that the results between user mode and kernel mode are different. Also the difference means that the approach is not generally applicable. Last but not least the Redpill approach failed for me on Virtual PC (see the paper).
Continue reading

Posted in EN, IT Security, Programming, Reversing, Software | 2 Comments

Spammers screwing around with postmaster alias

Posted on 2006-11-01 by Oliver

As required by section 4.5.1 of RFC2821, the RFC detailing the SMTP (Simple Mail Transfer Protocol), the postmaster alias (e.g. postmaster@domain.tld) is required on any system running an SMTP service. So far so good.

Having not gotten spam via my own SMTP, thanks to Greylisting I thought I was safe. But now spammers – scum as they are – resort to the very last method to spam valid addresses. Continue reading

Posted in /dev/null | Leave a comment

Got ’em back, LS :-P …

Posted on 2006-11-01 by Oliver

Backup is always good to have …

Yeah, found the stuff. Here is a screenshot of the article “Bragging Rights” referenced in this article from exactly 3 months back …

Last but not least the two articles – referenced here – about rootkits have been found on my 500 GB backup disk. I could pretend that I found them after only some days, but actually it took only about 10 minutes for the XP search to come up with the results :mrgreen:. Here are the files as an archive. Uncompress the file and watch them with the application that registered to view .mht (web archive) files. Enjoy.

// Oliver

Posted in /dev/null | 1 Comment

Lustiger Verschreiber bei Hetzner ;-)

Posted on 2006-10-31 by Oliver

Heute habe ich eine Email vom Hetzner-Support erhalten, in Deutsch und Englisch:

Am Mittwoch dem 01.11.2006 steht Ihnen auf Grund des Feiertages (Allerheiligen) in Bayern kein Support zur Verfügung. Der Notfallsupport kann wie gewohnt in Anspruch genommen werden.

Wednesday, 01.11.2006, wont be any support in bavarian, because of holiday (Allerheiligen).
Emergency support can be ordered normally.

Continue reading

Posted in /dev/null | Leave a comment

ROFLMAO

Posted on 2006-10-30 by Oliver

Have a look at this link:mrgreen:

// Oliver

PS: Yes, Germans actually have (some sort of what you could eventually call) humor 😉

Posted in /dev/null | Leave a comment

Des Rätsels (Auf)Lösung

Posted on 2006-10-28 by Oliver

Nachdem einige gerätselt haben was ich denn wohl in Island so treiben könnte, kann ich es jetzt ja verraten. Ich habe bei “FRISK Software International” (oder “Friðrik Skúlason ehf.” wie die Firma hier offiziell heißt) als Engine-Entwickler angeheuert. Wie es aussieht, kann ich auch meine Kenntnisse in Sachen Treiberprogrammierung nutzen und weiterentwickeln.

// Oliver

Posted in DE, Island/Iceland/Ísland | Leave a comment

Lost in Iceland, too

Posted on 2006-10-28 by Oliver

Thanks to Mike I am now lost in Iceland, too.

The weather has not been too nice in the last few days, but at least it has not been as cold as the name Iceland suggests either. After some problems I finally got my ADSL connection on friday. This means I can stay in touch with my family and others around the world without huge extra costs (although the connection itself is not too cheap either). Continue reading

Posted in /dev/null | Leave a comment

Cool: Lavasoft blog cleaned … (update #1)

Posted on 2006-10-27 by Oliver

Hi fellows,

today I recognized that LS has removed all stuff from the Lavasoft blog. Interestingly all of my blog entries (e.g. this one) have been cleaned up including the one to which I am referring here. Surely just a mistake or maybe because of “regular” cleaning. The funny thing is, that in the forums my blog entries had created some positive feedback – will the inverse hold now that the blog entries have gone?!?! Continue reading

Posted in EN, Lava-watch | 2 Comments

DDKWizard updated

Posted on 2006-10-22 by Oliver

Last night I worked on DDKWizard again and got it updated to support all current versions of Visual Studio .NET as well as the respective Visual C++ products and last but not least the Express version of Visual C++ 2005! Grab your copy at the DDKWizard website.

// Oliver

Posted in /dev/null, Programming | Leave a comment

Die Bahn kommt … manchmal auch am falschen Gleis an

Posted on 2006-10-22 by Oliver

Bevor ich am letzten Montag meinen Flug nach Island antrat, mußte ich natürlich irgendwie nach Berlin/Schönefeld kommen. Da bot sich “Die Bahn” einfach an. Also schaute ich im Internet nach den aktuellen Fahrplänen und guckte mir eine Verbindung aus. Der Umstieg vom Zug aus Forst nach Cottbus in den Zug von Cottbus nach Königs-Wusterhausen (KW) sollten von Gleis 3 nach Gleis 2 erfolgen. Man müßte also nur über den Bahnsteig in den anderen Zug “stolpern”. Continue reading

Posted in /dev/null, DE, Island/Iceland/Ísland | Leave a comment

“Das steht im Grundgesetz!” – “Das kann man ändern …”

Posted on 2006-10-15 by Oliver

Wieviel ist das Grundgesetz (GG) wert?

Heute sagte der Herr Otto (FDP) in der Runde bei Sabine Christiansen – welches ich, mangels Fernseher (ist schon unterwegs nach Island) in meinem eigenen Zimmer, zu gucken gezwungen war – auf den Kommentar von Herrn Ströbele (Bündnis 90/Grüne) hin, daß etwas ja so und so im GG stünde, daß man dies ja ändern könne. Ein sehr interessanter Einwand. Diese Arroganz der Politiker ist so beschissen, ich kann garnicht soviel fressen wie ich kotzen möchte. Continue reading

Posted in /dev/null, DE | 2 Comments

A “rogue state” commits its first nuclear test …

Posted on 2006-10-09 by Oliver

North Korea committed its first nuclear weopons test today. Oops, Mr. Bush junior, what now? Invade them or not? It’s a hard decision since the lifes of many US-Americans could be endangered – a horrible situation given the fact that a US-life is by magnitudes more valuable than the life of a North Korean citizen or the life of any non-US citizen.

Let me state it clearly: I condemn all nuclear weapons tests and usage Continue reading

Posted in /dev/null, EN | Leave a comment

So IE7 is coming. Who cares anyway?

Posted on 2006-10-08 by Oliver

IE7 is coming. But who cares? This company has given a sh*t on standards for the last 10 years, now all of us are supposed to fix our websites again just because they finally found out that there is a certain sense in standard-compliance? I don’t think so. On my website there is one single piece of special treatment for the old IE because it had a screwed box model – and frankly, I am excited how screwed it will look now that IE is going to be standard compliant :mrgreen: Continue reading

Posted in EN, IT Security, Software | 7 Comments