Thursday, October 02, 2008

lappy goes down

Yesterday my laptop's hard drive made some funny noises, so I shut the sucker down, and guess what? It wouldn't come back up.

I replaced the drive with a 250GB one (bigger and cheaper than an exact "Death Star" replacement from an Apple dealer), then restored from TimeMachine backup (pretty slick, actually), and am now trying to figure out what is broken.

  1. Fink stopped working, but probably due to me being stupid (found an error in a config file, and easily fixed Fink)

  2. Had to reinstall developer tools.

  3. Needed to perform software update twice before mail worked

Other than that, time machine saved my butt. Now to recreate the last week's worth of work, and to convince myself to do daily backups instead of weekly ones.

Saturday, March 22, 2008

tax phish

Tax Phishing season is open. Go catch yourself a good one!

Monday, March 10, 2008

iphone's ambiguous http-auth

I'm a little disappointed at Apple. While I think the iPhone is a pretty nice piece of work and their browser is pretty nice too, I don't like the way it handles HTTP-AUTH. (There are other gripes I have, like no "find" feature in safari or the mail app, but we'll stick with a security problem for now). Most browsers are kind enough to display on the "safe" pop-up login box which which website requested the authentication. This is not so with iPhone Safari.

Not only does the pop-up "enter your password" box fill the whole screen (a rather necessary evil), but it doesn't display the domain, URL or any information about the website where you're sending your credentials. If I had some free time, I would hack together a quick demo to show how, using iframes (suitably) or images, I can make you think you're logging into one site but you are actually sending your password to another one entirely. It does indicate whether you are sending your password in the clear or if the connection is secured with TLS/SSL, but in a subtle gray font under the login boxes.

I want to know where my password goes!

Tuesday, January 22, 2008

Drive-by pharming (really) exists!

According to my colleague at Symantec, Drive-By Pharming has been spotted in the wild.

Maybe this indicates that attackers read academic papers?

I presented our paper (finally) in China last December. It was pretty fun...