On Jan 14th, 2009, Satoshi Nakamoto sent me 25.0 BTC in a single transaction. The address that my wallet provided to receive the bitcoin was: I have previously published in 2013 the entirety of my email correspondence with Satoshi. The intent to send me “some coins” was documented in an email from “Satoshi Nakamoto <satoshi@vistomail.com>” […]
Last week, notorious Faketoshi Craig Wright took the stand in the @hodlonaut vs. Craig Wright trial in Norway. While on the stand giving his testimony, Craig Wright was being questioned by his counsel about sharing “early” pre-release versions of the whitepaper and code, and asked “did you share the code at any state or discuss […]
While pandemic-distancing, I’ve been spending a lot of time at home behind my computer. Given that I haven’t written any code in probably close to a decade at this point, I decided to spend some of my available time relearning a programming language and coding up some simple projects. The first of these projects is […]
Knowing when to call it quits or pivot is an important life skill. Unfortunately, this time has come for ExploitHub.
I’ve just recently returned from REcon 2012 and while I heard a couple people express that they had “heard” that some people were more disappointed with this year’s conference compared to prior ones, I personally really enjoyed it and felt it was the best one yet. I saw and enjoyed more of the lectures this […]
A few years ago, following the failure of WabiSabiLabi’s 0day auction site, I gave some thought to how to create a public marketplace for exploits that actually works. Obviously given the example of WabiSabiLabi and a little common sense that any vulnerability researcher worth their salt would know, you can’t have a public market for […]
A number of years ago, Microsoft led the charge by moving away from a dynamic patch release schedule to a monthly patch release schedule, essentially creating an imposed monthly patch cycle for their customers. Since then, many other vendors have followed suit. There are opinions and arguments supporting both a release schedule philosophy as well […]
It’s been quite a while since I wrote or updated DFW, the I)ruidic FireWall. Included with that utility is a default iptables firewall policy which the user can use directly, tweak to their liking, or completely throw away and start over from scratch. NetFilter (iptables) has come a long way since I was actively working […]
Today, Bruce Schneier posted an essay to his blog arguing the case for full disclosure of software vulnerabilities, which I am also in favor of. It’s apparently a side-bar to an article in CSOOnline entitled “The Chilling Effect” which is about some of the growing issues surrounding vulnerability research in web software. There’s also two […]