DISQUS

I'd like to thank ecopeland for leaking the details and confirming Halvar's hypothesis. I'd like to thank Halvar even more for his perseverance and not letting anyone stop him from speculating as to what the vulnerability could possibly be.

Halvar, you rock. Matasano, thanks for delivering.

Dave, Jeremy: Anyone up for an impromptu NYSec given that HOPE is tomorrow??

After this all blows over, I'd be interested to see the numbers for how many have already applied the patch versus how many haven't, and again after Dan's talk at Black Hat.

Asking people to accept Dan's (and Tom and Dino's) words on blind faith is asking a lot. I think the position a lot of people are taking is "details first, patch later" as opposed to the "patch first, ask questions later" cowboy mentality.

See you at the next NYSec?

Bits that parse humans... sometimes do it badly ;)

@Dan, I beg to differ. Software can and does kill people. Just read Geekonomics by David Rice. Anton did, and it changed his life!

Me me me! Now time to add me... subtlety to mr mogull. :)

* Building secure systems is an engineering discipline.

This was my frist NYSec, and definitely won't be my last. Already looking forward to the next one!

Why yes, I just noticed your post! Very cool.

Btw, I ran into compilation problems on Linux before:

tsec.c: In function ‘main’:
tsec.c:44: error: too few arguments to function ‘setpgid’
tsec.c:44: error: too many arguments to function ‘setpgrp’
make: *** [tsec.o] Error 1


So in tsec.c, you'll want to change line 44:

if(setpgrp(0, setpgid()) == -1) {

to:

if (setpgid(getpid(),0)) {

The latest version of blackbag I have is at http://www.sockpuppet.org/blackbag-0.9.tgz

Eric, are you suggesting a 1.0 release?

Finally dude... loading another script from another website isn't good, especially when it's your entire comment functionality. pfft.

Finally dude... loading another script from another website isn't good, especially when it's your entire comment functionality. pfft.

I agree with your statement, "I think one reason why we focus (maybe overfocus) in the external threat is that it can’t be controlled. When an employee does something bad, it doesn’t have to become a major media event. You can handle things civilly. And by that I mean civil law."

I believe the only companies that should take the insider threat issue more seriously and actively are those in the defense industry. This doesn't mean only those companies should think about it, because economic espionage is a real thing and it does happen... but not to the extent and criticality to those attacks launched against defense companies. Their products are able to kill people, and the insider threat is not something I want to leave to be decided in civil courts.

I love qmail. Now if only my web host would let me use it. Guess that I'm gonna have to get my own box sooner rather than later...

Funny how qmail used the concept of developing on a secure platform/framework then. Now, everyone recommends doing so for the same reasons. Why reinvent the wheel and at the same, reintroduce problems that allow developers to make the same mistakes over and over again.

Things kinda slow for you these past couple days Daniel? :P

Things kinda slow for you these past couple days Daniel? :P

I give up on Digg. I don't know how this made it to the front page...

I give up on Digg. I don't know how this made it to the front page...

I'm with kuza on this, what's your point? If what you're saying is 99% of the security community is not as l33t as they say they are, okay... but it's like that all over, in every industry.

We're all just a bunch of button pushers and keypad mashers in the end.

I'm with kuza on this, what's your point? If what you're saying is 99% of the security community is not as l33t as they say they are, okay... but it's like that all over, in every industry.

We're all just a bunch of button pushers and keypad mashers in the end.

I know how you feel man.. My blog (and many others I've noticed) is constantly being ripped of content and hosted on other sites.

Wish there was some way to stop it. :shrug:

I know how you feel man.. My blog (and many others I've noticed) is constantly being ripped of content and hosted on other sites.

Wish there was some way to stop it. :shrug:

yeah, you're right.. it's 12 not 10. I was in the wrong units