Now that I’ve got a new work computer (a nice Lenovo W500), and sending my previous one back to Foundstone (goodbye Dell D630, you’ve done me proud), I’m getting all my software, settings, etc, installed.  I can never fathom out why, but it takes me forever doing this task and often a fresh OS image [...]

Posted in Misc No Comments »

Talking to a lot of people in security and consultancy in general, it’s pretty clear that a) we do a lot of travel as part of our job and b) pretty much have travel down in things that work for us, what we pack, etc.  In some ways I have to be thankful in that [...]

Posted in Misc, Personal No Comments »

Well, certainly looks like the Information Security Tools Team have been busy   A post by Mark Curphey lists out all the things they have been working on and planning to release later in the year.
Risk Tracker, CAT.NET, Anti-XSS, Threat Modeling Tool, which are all public (and even open source!), and some projects that [...]

Posted in Misc, Security No Comments »

Last post for 2008.  Have I really had this for (nearly) a whole year?  It certainly seems to have gone quick   92 posts, not quite the average of 2 a week, but pretty respectful considering I made a determined effort not to just (re)post about anything that came across my RSS aggregator.  Also [...]

Posted in Misc, Trip Report No Comments »

I don’t mind some excitement in my life, but sometimes too much is too much.
Tara and I were going out shopping today, and one of our friends wanted to tag along with us.  We thought out quota of excitement for the day would be a bunch of film trucks around the Seattle Library – [...]

Posted in Misc 7 Comments »

It’s way past the election, most of the races are now over, but in MN and GA, it’s still going strong. 
There’s a really good article up on some of the ballots that are being “questioned” by both Franken and Coleman’s campaign lawyers – A good number of the ones that are being “disputed” frankly [...]

Posted in Misc, Rant No Comments »

Finally, after what seems like an eternity in campaigning, debates and advertising, the election is over.  I’m not going to write about my political views (although if you know me, you know exactly what side of this fence I sit on), but I will say one thing – the feeling in the USA at [...]

Posted in Misc 1 Comment »

This week Microsoft are holding their semi-annual internal security conference which they call BlueHat.  It’s invite only for external people, and space for internal people runs out very quickly, so all-in-all it’s a good event – lots of people to talk to, and great presenters talking about current topics from both inside and outside [...]

Posted in Industry, Misc, Security 1 Comment »

Well, it’s been over a month since I last posted here.  I could give various reasons, from work, other side projects, even having family out to visit for most of the month, but it’s really been down to me not finding the time or inclination to post.  There has been various things that I wanted [...]

Posted in Misc No Comments »

Through my RSS reader I discovered the above named article the other day, so took a quick look.  In some ways I wish I hadn’t, and I hope that not many other people did either. 
The first few tips are pure “security by obscurity”, and you should never “sanitize” user inputs – either they passes validation [...]

Posted in Industry, Misc, Security No Comments »