http://eugk.net/wordpress Eugene Kogan's blog on all things relevant, especially information security Sat, 16 Aug 2008 01:16:37 +0000 http://backend.userland.com/rss092 en http://eugk.net/wordpress/2008/08/15/python-gives-you-wings/ This is interesting research, but is it something you would use? The researchers' new approach, called CloudAV, moves antivirus functionality into the "network cloud" and off personal computers. CloudAV analyzes suspicious files using multiple antivirus and behavioral detection programs simultaneously. In general, that's not a bad idea. It might save a few ... http://eugk.net/wordpress/2008/08/11/cloudav-prototypes-anti-virus-scanning-via-cloud-computing/ I recently started reading Dr. Dobb's Journal again, and quickly came across this article on Ruby. It goes beyond just talking about how Ruby is really gaining momentum as a serious enterprise programming language, especially for dynamic web apps. The article also mentions two supposed new technologies from Microsoft: APAX ... http://eugk.net/wordpress/2008/08/09/big-doings-with-little-languages/ This isn't exactly breaking news, but it's new to me! I just came across this screencast by Sean Kelly of NASA, where he does a bake-off between several web application frameworks: J2EE, Ruby on Rails, Zope/Plone, TurboGears, and Django. He starts out by creating a simple "Hello, world" application, just ... http://eugk.net/wordpress/2008/07/21/comparing-web-frameworks/ No, not the Mac kind of apples. I'm talking about the problem team member - someone who is working on a team, but really ends up working against the team. I found this quote from McConnell's Rapid Development to really ring true: ...the most consistent and intense complaint from team members ... http://eugk.net/wordpress/2008/07/19/dealing-with-bad-apples/ Bruce Schneier talks about a paper he helped write with a few other researchers on breaking the deniable encryption feature of TrueCrypt. The claim behind this feature is that you can have a secret encrypted file system that will remain undetected, and so you can deny its existence if your drive ... http://eugk.net/wordpress/2008/07/19/truecrypts-deniable-file-system/ There are already plenty of people talking/screaming/crying about the recent bugs found in the Ruby programming language: Techworld Ruby Inside ZSFA Matasano Chargen The list of CVEs created to track these bugs: CVE-2008-2662 CVE-2008-2663 CVE-2008-2725 CVE-2008-2726 CVE-2008-2664 The funny thing is, these vulnerabilities were created in the run-time implementation of Ruby, which is itself written in C. So it's really not ... http://eugk.net/wordpress/2008/06/25/ruby-vulnerabilities/ IT director gets fired. IT director still has remote access to company network. IT director deletes a bunch of stuff and causes some damage. This is a cut and dry example of why the insider threat is such a major issue. I guess some companies need to learn the hard way: ... http://eugk.net/wordpress/2008/06/25/classic-insider-threat-example/ We all know that Windows can't compete with Linux or UNIX when it comes to useful command line utilities (excluding Cygwin). But what most people don't know is how many commands actually are available in Windows. If your job is to investigate intrusions on Windows machines, there are some nifty ... http://eugk.net/wordpress/2008/05/28/windows-command-line-utilities/ Google has some good content about web security available on their Google Code University portal. There's introdutory course material, and even some videos. The one titled "How to Break Web Software" is pretty interesting. http://eugk.net/wordpress/2008/05/12/web-security/