Comments for Philosophically Secure

Comment on Automated Web-Based Malware Behavior Analysis by eugenekogan

eugenekogan — Wed, 22 Oct 2008 23:35:08 +0000

I got this comment from the presenter this morning:

Your name: Tyler Hudak

Message: Thanks for watching the video of my presentation! The reason I didn’t show how the info is presented to the user (which comes in both the raw files generated and a tidy little HTML report) was that I was running short on time and OWASP was being VERY strict about going over at the conference (as they should). You are also correct in that its not that pretty, since its an internal-only device at this point.

Comment on Django from the ground up by kevin

kevin — Sat, 27 Sep 2008 00:30:51 +0000

Thanks so much for the kind words about This Week in Django. Eric did an amazing job and has a few more casts lined up in the future. If you have any feedback regarding the site, just let us know!

Comment on Software Reverse Engineering Tool Library by busie

busie — Mon, 11 Aug 2008 09:49:46 +0000

i just want to know how the tool library works.we all know that with the books,there is this small sensitive wire thats inserted on the book and ifthe book is stolen the metal will triger the machine(those two posts that always by the door). with the tools i dont see that system being implemented i mean what if someone wants to borrow small tools say scribber,what does the library do to providesecurity to its property?

Comment on Sandia Labs Backhacker Wins $4.3m in Court by Sephiroth

Sephiroth — Mon, 31 Mar 2008 18:10:18 +0000

lol

Comment on Taking advantage of UPnP to be evil by hi

hi — Tue, 15 Jan 2008 20:44:29 +0000

eugene, you’re awesome!

Comment on Apple’s less than perfect security – shocking by DeLeon

DeLeon — Thu, 15 Mar 2007 15:32:59 +0000

Sure security is an issue. Sure we need to think about it. That\’s one of the many reasons I chose a Macâ€”it has a smaller tighter kernel, it has less malicious exploit pressure, none of the vulnerabilities has ever been exploited successfully.

Comment on Sandia Labs Backhacker Wins $4.3m in Court by Mark Haddock

Mark Haddock — Mon, 26 Feb 2007 03:24:40 +0000

You are missing a lot of the crucial facts of this case. It was reported on extensively here in the local media; the Albuquerque Journal provided daily coverage of the trial. Mr. Carpenter testified that he conducted “backhacking” operations regularly during his employment at Sandia, to the benefit of his employer. He sent reports of his activities, in addition to the hacking tools that were the fruits of his labors, up the chain of command to officials at the Department of Energy. His employer knew exactly what he was doing during the years that he was employed there.

It was only when he found information that was stashed on a foreign server that indicated that agencies OUTSIDE of Sandia and the DOE were affected was he ordered to not do anything with the information. Mr. Carpenter tried to find channels within Sandia to get the information to the Army and affected defense contractors, but his employer told him that they only cared about their computers.

You might want to do some more reading on the press coverage to get all of the facts before you rush to judgment. Do you really think that one good lawyer can push a case through the hurdles of the legal system (including the judge), and “trick” a jury into large punitive damages? Don’t you think that Sandia had good lawyers? According to the new mexico courts web site, they hired three attorneys at a good firm in Albuquerque, besides the attorneys they already have on staff.

And all of their attorneys are being paid by your tax dollars; they have a bottomless pit of money to draw from. The real court system doesn’t work like the court systems on Law and Order or other Hollywood movies. Take some time and educate yourself about Mr. Carpenter’s case, and see if you still feel the same way.