Written by I)ruidJuly 4, 2017

ExploitHub Evolved

Knowing when to call it quits or pivot is an important life skill. Unfortunately, this time has come for ExploitHub.

Written by I)ruidJuly 16, 2010

REcon 2010

This last weekend I took a trip up to Montreal for REcon. If you’re unfamiliar with REcon, it’s a small security conference focused on topics most interesting to reverse engineers. As such, the talks are more technical than you will find at other more mainstream conferences like BlackHat or DEFCON, and generally require a certain […]

Written by I)ruidNovember 10, 2009

SmartPhone Unlock Screens: Moving in the Wrong Direction

I recently purchased the Motorola Droid from Verizon, and am so far very happy with it. Other than finding the physical keyboard a bit lacking from being extremely spoiled by the Sidekick’s physical keyboard to which no other physical keyboard could ever hope to live up to, I’ve really had no complaints with the device […]

Written by I)ruidJanuary 7, 2009

MD5? Really?

First let me say that this article is not meant to diminish the work that Alexander Sotirov et. all have been doing for the past 6 months. It’s good work, has brought about some awesome results, and has demonstrated what was once a theoretical attack on PKI certificates based on MD5 hash collisions. What I’m […]

Written by I)ruidDecember 11, 2008

The Folly of a Scheduled Patch Release Cycle

A number of years ago, Microsoft led the charge by moving away from a dynamic patch release schedule to a monthly patch release schedule, essentially creating an imposed monthly patch cycle for their customers. Since then, many other vendors have followed suit. There are opinions and arguments supporting both a release schedule philosophy as well […]

Written by I)ruidSeptember 18, 2008October 8, 2020

(In)Security Questions

A number of years ago, as the Internet became more and more mainstream, websites and web services began to push to the forefront of online business and society. This generally required allowing users to create accounts with these increasingly complex sites and services, and thus, the entities providing them had to then manage those accounts. […]

Written by I)ruidAugust 19, 2008

Penetration Test != Audit != Assessment

If someone is selling you a network penetration test, and then running a vulnerability scanner and handing you a report, you’re not getting what you paid for, period.

Written by I)ruidAugust 14, 2008

DEFCON 16

DEFCON is always entertaining as it’s the largest hacker conference in North America. Back to back with it’s corporate counterpart, Black Hat, it generally draws thousands of hacker-type people to Las Vegas every summer. The related parties, shenanigans, and drama surrounding it are legendary, and this year was no different. Below are my thoughts on […]

Written by I)ruidJune 23, 2008April 19, 2020

Sleep Hacking

While working for TippingPoint’s DVLabs, I was fortunate enough to not be held to any kind of regular work schedule. Working in an almost pure research role, without the requirement of regularly interfacing with customers or even the rest of the DVLabs group, I had the opportunity to explore something that I’ve never really had […]

Written by I)ruidApril 22, 2008

ToorCon Seattle 2008

The ToorCon organization puts on some of the best conferences in my opinion, and this last weekend was version 1.0 of their Seattle conference (beta was last year, which I also attended). Friday night was entirely 5-minute lightning talks and then Saturday was entirely 20-minute turbo talks. Sunday was workshops, which unfortunately I could not […]

Dustin D. Trammell

Venture Capitalist, InfoSec Research Scientist, Entrepreneur, Artist, Game Designer

Category: hack