Advertisements

Archive for the ‘technology’ Category

I Am Not Satoshi

November 26, 2013

There has been a lot of speculation recently regarding whether or not I am Satoshi Nakamoto, the infamous creator of Bitcoin, and more recently whether or not a Bitcoin address which I control was used to fund the Silk Road marketplace.  I would like to address these two issues now and hopefully put them to rest.

(more…)

Advertisements

REcon 2012

June 19, 2012

I’ve just recently returned from REcon 2012 and while I heard a couple people express that they had “heard” that some people were more disappointed with this year’s conference compared to prior ones, I personally really enjoyed it and felt it was the best one yet.  I saw and enjoyed more of the lectures this year than I have in the past and seemed to have better interactions with the other conference attendees, better conversations, and generally enjoyed myself more than years past.  Perhaps it was because this year Montreal wasn’t in the middle of a heat wave with no air conditioning in the hotel and the conference hotel didn’t catch fire (:

(more…)

ExploitHub

February 29, 2012

ExploitHub LogoA few years ago, following the failure of WabiSabiLabi’s 0day auction site, I gave some thought to how to create a public marketplace for exploits that actually works.  Obviously given the example of WabiSabiLabi and a little common sense that any vulnerability researcher worth their salt would know, you can’t have a public market for 0day vulnerabilities.  As WabiSabiLabi quickly found out, by disclosing enough information about the vulnerability so that a potential customer can make a determination about whether or not to buy it, you’re likely giving up enough information about the vulnerability for them to find it themselves, given varying levels of time and effort.  Thus, you can really only market 0day to trusted customers and when your marketplace is open to the public, your customers are most definitely not trusted and consists of various demographics who have lots of disposable time on their hands to go hunt down your vulnerabilities.  So, what if we remove 0day from the equation entirely I thought? Could an open market for exploits of public vulnerabilities work? Would anyone actually buy such exploits?  ExploitHub was born, and it turns out the answer is yes.

(more…)

TSA Lectures, Lies, and Rude, Dismissive Behavior

February 21, 2012

On a recent trip to Orlando, I opted out of the full-body scan at AUS, as I always do at every airport security checkpoint.  While waiting for my pat-down, I was lectured by the TSA gate agent about how safe they are, was subsequently questioned about my cellphone use as a radiation exposure comparison, and was subjected to repeated attempts to get me to change my mind and just go through the scanner.

(more…)

Toronto, October 2010

November 2, 2010

This post was originally entitled “SecTor 2010”, however I never actually attended the conference, so it’s not really about the conference but rather my short stay in Toronto during the SecTor 2010 conference.

(more…)

ToorCon 12

October 27, 2010

After a two year absence due to unavoidable other obligations like good friends’ weddings, I finally made it back to one of my favorite hacker conferences, Toorcon.  San Diego is always beautiful when I happen to be there with nice weather and a cool mix of people, both locals and visitors who are there for the conference, and this year was no exception.

(more…)

Cleverbot Not So Clever

December 29, 2009

Yesterday I came across Cleverbot, an “AI” from icogno.  As far as I can tell, it’s an incarnation of their jabberwacky AI which supposedly learns from it’s past interactions.  I’m always skeptical of anything that is claimed to be AI, because actually creating a convincing fake AI, much less a real one, is an extremely hard problem to tackle. So, chatting up Cleverbot, my skepticism was quickly justified in my own opinion, but I’ll let you be the judge.  Here’s the tail end of my conversation with Cleverbot:

(more…)

SmartPhone Unlock Screens: Moving in the Wrong Direction

November 10, 2009

I recently purchased the Motorola Droid from Verizon, and am so far very happy with it.  Other than finding the physical keyboard a bit lacking from being extremely spoiled by the Sidekick’s physical keyboard to which no other physical keyboard could ever hope to live up to, I’ve really had no complaints with the device or the Android 2.0 operating system that runs on it.  I have however, noticed that touch-screen smart-phone unlock screens (not just the Droid’s) are getting progressively less secure.

(more…)

Formal Degrees vs. Certification

August 18, 2008

I’ve never been a fan of most certifications.  I’ve always been even less a fan of formal degrees in education, at least for technology-centric industries.  I’ve always argued that my body of work is my credential, and if a potential employer were to reject my application on the basis that I didn’t have a certain piece of paper, that short-sighted employer wasn’t the type that I wanted to work for anyway.

This article, however, goes even further to suggest that College is a waste of time for an even larger group of people than just the technology-centric industries, and hints at what certifications can accomplish, given that they evolve past most of my objections with them, which are echoed throughout the article.

(more…)