Yvan Seth's Hole in the Internet

Some time ago I wrote about the GSSP-C exam. Being a certification non-believer I thought it would be interesting to have a poke at a certification. The one in question being the, at the time, new GSSP-C (GIAC Secure Software Programmer in C.) It seemed at least relevant to my work (mostly C/C++ back then) and my industry (the dirty world of infosec.) In general I was impressed by the practical resources and also by the message the people behind the exam (SANS) were trying to get across. Afterall… many software security issues are caused by bad programming, the GSSP-C seemed a worthy attempt to address this.

Continue reading Happy retirement GSSP-C!.

First, these are more informed and to the point:

Continue reading Debian SSH, what are the chances?.

Everyone is writing about the Debian & derivatives SSH issue.

Continue reading Debian SSH joy.

"Have form?" That's the phrase that popped into mind when I first saw the name of this new "Phorm" company that's recently found itself on the uncomfortable side of Internet privacy debates. I don't know if the phrase is all that common, but if you grew up watching The Bill you probably know what I'm taking about, I think it's Pommie police slang. Anyway, back to Phorm, It turns out they do have "form" … they even changed their name over it, from "121Media." Under their earlier moniker they distributed something called "PeopleOnPage" which was widely proclaimed to be "spyware" (though some, including Phorm, debate that it is really just "adware" – I've made no attempt to determine whether I think it is one or the other myself, though based on the removal instructions it seems somewhat benign at least.)

Continue reading Have Phorm?.