I’ve been meaning to fiddle around with timing attacks for a while. I’ve had various discussions in the past about the significance of login determination attacks (including ones I foun
Just a quick note that I released vsftpd-2.2.2.Most significantly, a regression was fixed in the inbuilt listener. Heavily loaded sites could see a session get booted out just after the initial con
Recently, I’ve been getting pretty behind on executing my various research ideas. The only sane thing to do is blog the idea in case someone else wants to run with it and pwn up a bunch of st
It was great to talk to so many people about Chromium security at HITB Malaysia. I was quite amused to be at a security conference and have a lot of conversations like:Me: What browser do you use?O