8th July 2006, 12:36 am
Episode 45 of the Security Now! podcast mentions a sneaky use of the hosts file—ad blocking. By listing well-known adsites in hosts and forcing them to resolve to 127.0.0.1 (or 0.0.0.0) the irritating ads aren’t displayed. A quick search on Google and I found a site offering a list of adsites specifically for this use.
So far it works really well, despite the list not seeing any updates since 2004. I’ve added one single entry in the two weeks that I’ve used it. Fairly good I think. I’ve also noticed that a few commercial websites, that I used to visit earlier but stopped hitting due to irritating popup windows, have started behaving better 
15th May 2006, 10:53 pm
I found the podcast Security Now the other day. (Actually it was before I listened to episode 139 of TLLTS which contains an interview with SecurityMonkey. Well, back to Security Now.) It’s a rather good show which offers good explanations, though rather basic sometimes, on security related topics. Episode 38 was on browser security and the latest, 39, discussed buffer overruns. I found it to be a little too basic at times, but it’s a good starting point for someone who’s interested in security but is finding reading about it difficult. Anyone with a genuine interest should go to Google and do some searching after listening to the podcasts.
Oh, for episode 39 I’d recommend having pen and paper nearby, visualising the stack on a paper will make the explanation so much clearer.
12th May 2006, 09:11 am
Alan Cox delivered a talk at OSCON Europe titled Computer Security–The Next 50 Years. IT Conversations has made it available online. It’s well worth listening to. Computer Security–The Next 50 Years
21st November 2005, 03:33 pm
Caught a glimpse of an old Sherlock Holmes show on the tele yesterday. The part I saw was very amusing. Homes had just recovered a priceless pearl. When handing it back to the museum he asked that it wouldn’t be put on display because the master thief had promised to steal it back again. The museum manager wouldn’t hear of it, of course, because they had an infallible security system. When the system was demonstrated Holmes commented:
Electricity—the high priest of false security.
(An absolutely brilliant comment!)
Then they went into the manager’s office to discuss the system. The wiring was concealed, and everything in the office was secured by it as well. Holmes birlliantly deduced the wiring was concealed behind the only curtain in the office. Creating a diversion he then disabled the security system. To demonstrate his cleverness he then asked Dr. Watson to take down one of the paintings in the room. He lifts it down and the alarm doesn’t go off of course. Now for the twist, the thief, in disguise, is already in the museum. He watched the demonstration of the alarm system before and realised he couldn’t steal the pearl without finding out more about the security system. Listening through the door he hears about Holmes’ cunning disabling of the system and while it’s still disabled he proceeds to steal the pearl.
Security is tricky business, you shouldn’t be too clever about it!
