Twitter archive

Testing twitter. Especially for http://www.communitywiki.org/en/Twitter2Wiki

(Originally on Twitter: Thu Jun 19 17:38:31 +0000 2008)

Fixing script to generate the Wiki Creativity Index : http://tinyurl.com/6fjf6f

(Originally on Twitter: Sat Jun 21 20:01:00 +0000 2008)

Found an interesting way to graph #wiki and #wikinet content : http://graphingwiki.python-hosting.com/

(Originally on Twitter: Sun Jun 22 07:27:09 +0000 2008)

#hacklu hack.lu 2008 poster updated http://tinyurl.com/6m3ua5

(Originally on Twitter: Mon Jun 23 14:58:54 +0000 2008)

@mattis http://taint.org/wk/PulseSource a kind planetplanet for twitter - any use for twitter2wiki ?

(Originally on Twitter: Mon Jun 23 17:43:42 +0000 2008)

moving existing wikiri experiment to use the brand new gitpython interface.

(Originally on Twitter: Fri Jun 27 20:40:10 +0000 2008)

sparkline version of the wiki creative index added : http://tinyurl.com/6cyerx

(Originally on Twitter: Sat Jun 28 08:30:38 +0000 2008)

I hate the car industry. Buying a new car because my 4-years Ford broke Yesterday… I’m still waiting for 100% remote working policy ;-)

(Originally on Twitter: Fri Jul 04 15:23:49 +0000 2008)

“nothing that we experiment is ever lost” I found back an old Perl script that solve a today’s problem..

(Originally on Twitter: Sat Jul 05 12:10:34 +0000 2008)

Can we expect Twitter to release their source code under a free software license ?

(Originally on Twitter: Sat Jul 05 19:57:22 +0000 2008)

@jepoirrier I checked http://laconi.ca/ but the missing part is the model to keep the service running with a small amount of money.

(Originally on Twitter: Sun Jul 13 18:57:18 +0000 2008)

Currently listening to “B4 Wuz Then”… this is remembering me some very good old days.

(Originally on Twitter: Mon Jul 14 20:45:26 +0000 2008)

t:idea - portable wiki device - should be as flexible as a moleskine ;-)

(Originally on Twitter: Tue Jul 15 19:40:41 +0000 2008)

making some cosmetic changes on agendajardin.be based on feedback received.

(Originally on Twitter: Tue Jul 15 20:51:48 +0000 2008)

free alternative to tinyurl : http://ur1.ca/ with full source code - @jepoirrier #autonomo.us #autonomous

(Originally on Twitter: Thu Jul 17 16:09:34 +0000 2008)

Are you sure that you are running the latest git ? oh yes man. oh yes… “git version 1.5.6.3.439.g1e10” - the latest commit ;-)

(Originally on Twitter: Sat Jul 19 14:13:17 +0000 2008)

Finishing reading “The Visual Display of Quantitative Information” I should have read it before…

(Originally on Twitter: Wed Jul 23 20:24:58 +0000 2008)

twitter reliability is down compared to identi.ca - scripting a dual post between twitter and identi.ca

(Originally on Twitter: Thu Jul 24 21:27:24 +0000 2008)

Perl is very handy and always saves your life.

(Originally on Twitter: Mon Jul 28 18:47:00 +0000 2008)

grrr a computer without GNU Screen is like a computer without a cpu

(Originally on Twitter: Mon Jul 28 19:06:41 +0000 2008)

HAR2009 in preparation - http://har2009.org/ looks very promising

(Originally on Twitter: Tue Jul 29 20:23:46 +0000 2008)

Just saw two foxes playing in my garden… nice

(Originally on Twitter: Tue Jul 29 21:48:53 +0000 2008)

@security4all preparation is going well… always little surprise that you never expect. Are you also planning to give a hand at HAR2009?

(Originally on Twitter: Tue Jul 29 21:52:58 +0000 2008)

reading I-Ds especially expired SSDP/1.0 - good arguments but complex protocol

(Originally on Twitter: Wed Jul 30 19:39:59 +0000 2008)

t:idea using microblogging for timesheet - with start/stop and tags

(Originally on Twitter: Fri Aug 01 19:33:53 +0000 2008)

Just gave my input for the butterfly survey in Belgium - http://www.papillonsaujardin.be/

(Originally on Twitter: Sun Aug 03 16:21:30 +0000 2008)

First time, I see a practical use of rfc4838… but DTN implementation are still very alpha.

(Originally on Twitter: Wed Aug 06 06:03:19 +0000 2008)

#har2009 graphic design contest http://tinyurl.com/5zob3p time to participate

(Originally on Twitter: Fri Aug 15 15:59:07 +0000 2008)

Just installed #WiGit http://el-tramo.be/software/wigit for an internal #wiki… looks promising

(Originally on Twitter: Fri Aug 22 22:25:03 +0000 2008)

Fixing Sleuth Kit icat to read data from a really broken ext2 dump…forensic is nice but not on Saturday morning.

(Originally on Twitter: Sat Aug 30 10:35:41 +0000 2008)

Just added #ipv6 and an AAAA record set to my homepage - http://www.foo.be/ - we’ll see how popular is ipv6…

(Originally on Twitter: Sun Aug 31 13:07:06 +0000 2008)

@roessler Funny. My home is IPv6/IPv4 for around year. My hosted server is now IPv4/IPv6 via SixXS until hosting company is fully #IPv6.

(Originally on Twitter: Sun Aug 31 13:20:24 +0000 2008)

@roessler I’m more lucky… I use a Soerkis ;-) Hurricane Electric is also a great service.

(Originally on Twitter: Sun Aug 31 14:06:48 +0000 2008)

#mediawiki is nice except on two parts : customization and authentication. grrr

(Originally on Twitter: Sat Sep 06 08:17:21 +0000 2008)

irc.hack.lu is now active and join #hack.lu (available in ipv6 and ipv4)

(Originally on Twitter: Sat Sep 06 11:21:52 +0000 2008)

#hack.lu - irc.hack.lu is working. reminder to self : never use the git repo version of ngIRCd but always the release ;-)

(Originally on Twitter: Sat Sep 06 11:48:50 +0000 2008)

@security4all #hack.lu is the irc channel on irc.hack.lu ;-) but #hacklu is fine as hashtag … hacklu is used as tag on flickr

(Originally on Twitter: Sat Sep 06 12:37:46 +0000 2008)

experimenting #secviz while the radius is time… looks nice.

(Originally on Twitter: Sat Sep 06 20:06:05 +0000 2008)

Just saw #Eldorado a great belgian road movie made by Bouli Lanners but we were only 6…

(Originally on Twitter: Sun Sep 07 20:42:35 +0000 2008)

@security4all I found strange that ISACA is using Word document for making press-release ;-)

(Originally on Twitter: Mon Sep 08 19:25:38 +0000 2008)

http://www.librarything.com/work/57924 - a good criticism of #television and journalism

(Originally on Twitter: Wed Sep 10 19:23:50 +0000 2008)

@rbidule there is only one cookiemonster : http://tinyurl.com/4xcya6 ;-)

(Originally on Twitter: Fri Sep 12 05:53:16 +0000 2008)

sad news http://www.searchlores.org/illness.htm We really hope he will go better very soon.

(Originally on Twitter: Sat Sep 13 10:07:06 +0000 2008)

http://tinyurl.com/6errj4 #blog

(Originally on Twitter: Sat Sep 13 16:22:24 +0000 2008)

#X.509 sucks but when it’s made by #MSFT, it’s worst. I got the proof today…

(Originally on Twitter: Wed Sep 17 18:33:07 +0000 2008)

Reading a nice interview of Donald #Knuth in Communication of the ACM…

(Originally on Twitter: Thu Sep 18 19:44:02 +0000 2008)

awk ‘{print $1}’ www.foo.be-access.log.* | grep “:” | sort | uniq | wc -l –> 49 ;-)

(Originally on Twitter: Thu Sep 18 20:52:38 +0000 2008)

would it possible to use #lanonica as an interface to a social bookmarking tool?

(Originally on Twitter: Sat Sep 20 08:01:36 +0000 2008)

all evening at PCDR for #Chiny,#Belgium hope this can be helpful for the commune - http://www.chinyrural.net/

(Originally on Twitter: Mon Sep 22 20:53:52 +0000 2008)

wondering why Springer or any other editors are not publishing scientific papers for free after a one or two years period…

(Originally on Twitter: Thu Sep 25 21:59:15 +0000 2008)

@security4all seeing the article about p2p and Sabam… remind me of the current inquisition led by Sabam to get money from Belgian B&B.

(Originally on Twitter: Sun Sep 28 17:56:29 +0000 2008)

@security4all Bed&Breakfast / Gîte

(Originally on Twitter: Sun Sep 28 20:39:36 +0000 2008)

#Chomsky was right… economy is only sustainable with public/state funding.

(Originally on Twitter: Mon Sep 29 21:05:14 +0000 2008)

Fixing code that has been already fixed yesterday… the only disadvantage of git while working offline ;-)

(Originally on Twitter: Sun Oct 05 20:41:32 +0000 2008)

I don’t like to prepare presentation the hour before to make it…

(Originally on Twitter: Sun Oct 12 19:28:58 +0000 2008)

@hack_lu Internet connectivity ok but the wireless/switching infrastructure is still in my living room for testing ;-)

(Originally on Twitter: Mon Oct 20 19:38:51 +0000 2008)

@security4all fun should be an important part of life… I work on it.

(Originally on Twitter: Mon Oct 20 20:17:02 +0000 2008)

@security4all it was a great pleasure to see you at #hack.lu

(Originally on Twitter: Sat Oct 25 07:59:46 +0000 2008)

Back from #Barcelona I need some sleep…

(Originally on Twitter: Thu Oct 30 20:09:56 +0000 2008)

Stupid #museum #photography policy : http://www.flickr.com/photos/adulau/2988208855/

(Originally on Twitter: Fri Oct 31 11:30:25 +0000 2008)

@security4all fixing malware infected laptop? the only way is to install a free and real operating system ;-)

(Originally on Twitter: Sun Nov 02 17:20:14 +0000 2008)

@patrickvw that’s the weak point of IPv6, peering is still an issue and finding tier-1 with IPv6 is a day-to-day battle (at least for me).

(Originally on Twitter: Sun Nov 02 20:12:03 +0000 2008)

We enter the age of #Cyberpunk - http://tinyurl.com/6q58yf

(Originally on Twitter: Sun Nov 02 20:44:21 +0000 2008)

I don’t like #slideshare , sharing what a joke… It’s impossible to download a presentation automatically

(Originally on Twitter: Wed Nov 05 22:17:22 +0000 2008)

@security4all - “You need to be logged into your SlideShare account to download a presentation file.” This sucks…

(Originally on Twitter: Wed Nov 05 23:13:52 +0000 2008)

Copylefted works should use the same license… http://tinyurl.com/5oqyxb

(Originally on Twitter: Sat Nov 08 11:39:56 +0000 2008)

Seen today at an European movie festival : #Seraphine and #Rumba … interesting

(Originally on Twitter: Sun Nov 09 19:55:07 +0000 2008)

Every second is the beginning of something new… #electronicmusic

(Originally on Twitter: Tue Nov 11 21:09:39 +0000 2008)

Note to myself : always read the release notes even for #Ubuntu…

(Originally on Twitter: Sat Nov 15 08:40:49 +0000 2008)

Today I’ll give a session about Forensic Analysis - http://www.foo.be/cours/mssi-20072008/

(Originally on Twitter: Sat Nov 15 10:31:14 +0000 2008)

Sorting 1PB in 6 hours, impressive http://tinyurl.com/6z6cmr

(Originally on Twitter: Sat Nov 22 09:24:26 +0000 2008)

@thierryzoller thanks for the link. We will test the TCP reassembly part..;-)

(Originally on Twitter: Sun Nov 23 10:36:57 +0000 2008)

#machinetags are great… http://tinyurl.com/6ah96b

(Originally on Twitter: Sun Nov 23 15:45:48 +0000 2008)

Just moved my streaming server (#icecast+#liquidsoap) #electronicmusic http://www.foo.be:8000/

(Originally on Twitter: Sun Nov 23 16:17:05 +0000 2008)

@security4all http://tinyurl.com/5zmpg5

(Originally on Twitter: Wed Nov 26 22:18:02 +0000 2008)

http://tinyurl.com/5j7td6 2020 FLOSS Roadmap what a joke…

(Originally on Twitter: Sat Dec 13 12:13:09 +0000 2008)

0day in IE again a good reason to move to Free Software

(Originally on Twitter: Tue Dec 16 16:40:02 +0000 2008)

@security4all arghhhhhhh ;-) The only free software is http://tinyurl.com/4zrk3

(Originally on Twitter: Tue Dec 16 17:55:35 +0000 2008)

http://tinyurl.com/7yx72f - Scientific Publication

(Originally on Twitter: Sun Dec 21 11:01:52 +0000 2008)

current experiment : importing communitywiki.org in git using my dirty #oddmuse2git

(Originally on Twitter: Sat Dec 27 17:27:30 +0000 2008)

PKI (and Comodo CA) model is so broken… http://tinyurl.com/845myo

(Originally on Twitter: Mon Dec 29 10:24:36 +0000 2008)

@roessler are the GSM guys? The same guys behind OpenBTS and who made the test during last Burning Man?

(Originally on Twitter: Mon Dec 29 11:02:02 +0000 2008)

@roessler Nice to see more and more people working on an open GSM implementation (even of the broken A-layers ;-)

(Originally on Twitter: Mon Dec 29 11:10:47 +0000 2008)

@roessler thanks. Regarding IMEI, around 15% of the IMEI numbers are not unique… if I remember correctly.

(Originally on Twitter: Mon Dec 29 11:18:43 +0000 2008)

@rbidule no. at a hackathon. Should be back at home this afternoon.

(Originally on Twitter: Mon Dec 29 14:47:56 +0000 2008)

@rbidule http://en.wikipedia.org/wiki/Hackathon - we worked on distributed wiki and annotation.

(Originally on Twitter: Tue Dec 30 09:07:08 +0000 2008)

http://enigmaco.de/enigma/enigma.swf Enigma #cipher in flash… nice remind me the other animation of Rijndael/AES

(Originally on Twitter: Thu Jan 01 14:27:27 +0000 2009)

@security4all I really like the “Not a CISSP” tag.

(Originally on Twitter: Thu Jan 01 16:24:27 +0000 2009)

@thierryzoller Sure but that always reminded me of the Paul Graham quote about why there are high salaries in Java (replace with CISSP)….

(Originally on Twitter: Thu Jan 01 16:56:45 +0000 2009)

@security4all thx -) are you planning to attend FOSDEM’09? I will be there.

(Originally on Twitter: Thu Jan 01 21:54:04 +0000 2009)

@security4all just contacted Alain about it. thanks for the notification.

(Originally on Twitter: Fri Jan 02 08:06:06 +0000 2009)

A simple way to crash User Mode Linux ;-) : http://tinyurl.com/88zkxq

(Originally on Twitter: Fri Jan 02 10:45:17 +0000 2009)

Fighting with nroff/troff conversion to wiki markup… grrr

(Originally on Twitter: Sat Jan 03 17:24:21 +0000 2009)

@rbidule I don’t read mail every day but you already know that… ;-)

(Originally on Twitter: Sat Jan 03 18:26:35 +0000 2009)

I hope to receive my #lensbaby quite soon http://www.lensbaby.com/

(Originally on Twitter: Sun Jan 04 17:16:14 +0000 2009)

@thierryzoler protecting the OS is nice (PKR seems a good idea) but if you have any privileged function in user-space software…

(Originally on Twitter: Mon Jan 05 21:38:09 +0000 2009)

@security4all you made an excellent comment… in the blog post of “Spire Security”.

(Originally on Twitter: Mon Jan 05 21:53:16 +0000 2009)

@security4all http://tinyurl.com/8m897q

(Originally on Twitter: Sat Jan 10 17:20:34 +0000 2009)

@security4all http://tinyurl.com/wump

(Originally on Twitter: Sun Jan 11 18:19:25 +0000 2009)

Listening to Richard D. James (#AFX) : Boxing Day - #AFX is a brilliant artist.

(Originally on Twitter: Sun Jan 18 15:48:14 +0000 2009)

Too many #malware and so less time to do their analysis… even with broken automatization techniques.

(Originally on Twitter: Sat Jan 24 17:08:31 +0000 2009)

iptables -A INPUT -j DROP -p udp –dport domain -m u32 –u32
“0>>22&0x3C@12>>16=1&&0>>22&0x3C@20>>24=0&&0>>22&0x3C@21=0x00020001”

(Originally on Twitter: Wed Jan 28 21:08:23 +0000 2009)

Quick way to drop recursive IN NS queriess… using netfilter…

(Originally on Twitter: Wed Jan 28 21:13:10 +0000 2009)

@gillis57 what’s the price of haircut in your area ? ;-)

(Originally on Twitter: Wed Jan 28 21:24:09 +0000 2009)

Discovered #imgfave - http://imgfave.com - an interesting use of #laconica license:affero

(Originally on Twitter: Sun Feb 01 15:37:13 +0000 2009)

If you like #electronicmusic with a 303 and dark touch… here is a small torrent : http://www.foo.be/cthulhu303.torrent license:undefined

(Originally on Twitter: Sun Feb 01 20:57:57 +0000 2009)

My visa is blocked due to http://tinyurl.com/7au5jh another proof that (PCI) certification sucks

(Originally on Twitter: Mon Feb 02 10:18:29 +0000 2009)

http://www.unwieldy.net/projects/moowheel/ Nice javascript circular visualization… without using #circos

(Originally on Twitter: Fri Feb 06 20:54:45 +0000 2009)

http://dev.europeana.eu/jobs.php everything is fine but Java ;-)

(Originally on Twitter: Thu Feb 12 06:31:00 +0000 2009)

@security4all http://tinyurl.com/bffnqq - static analysis report… I’m curious of what’s inside.

(Originally on Twitter: Thu Feb 12 06:33:44 +0000 2009)

@pcapr (http://www.pcapr.net/) is nice… just wondering what do they use or made for TCP reassembly.

(Originally on Twitter: Tue Feb 17 07:29:15 +0000 2009)

Grrr… Why JSON is using single quote that’s #awk hates with a passion

(Originally on Twitter: Sun Feb 22 11:10:48 +0000 2009)

Andre Gorz was right… we need #metrics. http://tinyurl.com/btwh4v

(Originally on Twitter: Sun Feb 22 17:03:16 +0000 2009)

An ipv4/v6 #bittorrent tracker is running on onpeuttoutcopier.be… another experiment

(Originally on Twitter: Sun Feb 22 17:22:05 +0000 2009)

Experiment in the garden for 2009 : a partial green roof

(Originally on Twitter: Sun Feb 22 18:30:51 +0000 2009)

@xme do you have a homonym at Cisco Bxl ? ;-)

(Originally on Twitter: Wed Feb 25 20:13:59 +0000 2009)

#circos (http://mkweb.bcgsc.ca/circos/) is so great… discovering again another ways to use it.

(Originally on Twitter: Sat Feb 28 06:10:52 +0000 2009)

binblast (http://code.google.com/p/binblast/)… an implementation of phylogenic analysis/classification for malware and binary software.

(Originally on Twitter: Fri Mar 06 07:38:11 +0000 2009)

Some more tests with my #oddmuse #wiki #git import - http://tinyurl.com/astoqn

(Originally on Twitter: Sun Mar 08 10:24:21 +0000 2009)

#belgium #liege a nice diy electro band : http://www.playboysbend.net/

(Originally on Twitter: Sun Mar 08 11:16:03 +0000 2009)

@security4all the report from Secunia is quite clear… but the security myth is just fact in any (proprietary or free) software. it sucks.

(Originally on Twitter: Sun Mar 08 12:03:10 +0000 2009)

The law of the two feet : http://www.flickr.com/photos/debschultz/189582943/ - a critical concept while attending a conference

(Originally on Twitter: Sun Mar 08 15:07:51 +0000 2009)

I don’t like to reverse engineer a security device and discover that a weak point was so obvious after 10 hours on the wrong path… grrr.

(Originally on Twitter: Thu Mar 12 22:58:54 +0000 2009)

@security4all : I saw last week a compromised system on a virtualized system but the compromised os was the home os ;-)

(Originally on Twitter: Fri Mar 13 17:20:31 +0000 2009)

I have a bloody wireless user at home matching this bpf filter : “tcp[13] &41 = 41”… even if we are not in the Christmas period ;-)

(Originally on Twitter: Fri Mar 13 21:11:29 +0000 2009)

@security4all. @rbidule Good point. Where will be the meeting in Brussels next Friday?

(Originally on Twitter: Sun Mar 15 15:21:08 +0000 2009)

@johndcook What are the good reason(s) to use Word instead of LaTeX? ;-) I recently used tufte-latex : http://code.google.com/p/tufte-latex/

(Originally on Twitter: Fri Mar 20 20:53:36 +0000 2009)

@Gillis57 “Claiming that sex education leads to irresponsible sex is like claiming that driver education leads to car accidents” Laurie M

(Originally on Twitter: Fri Mar 20 22:12:26 +0000 2009)

@gillis57 security, knowledge… some companies are claiming that’s irresponsible to make reverse engineering… a variation is possible ;-)

(Originally on Twitter: Fri Mar 20 22:15:51 +0000 2009)

@Gillis57 sorry, always difficult to keep context with 140 characters. don’t forget to use a good typeface for your business card…

(Originally on Twitter: Fri Mar 20 22:20:22 +0000 2009)

Just discovered list.it - a firefox extension for #notes taking http://code.google.com/p/list-it/

(Originally on Twitter: Sat Mar 21 09:20:03 +0000 2009)

http://ether.gtisc.gatech.edu/index.html - #Ether Malware analysis using intel VT - interesting

(Originally on Twitter: Sun Mar 22 11:14:42 +0000 2009)

Listening to Finale, Para One from the soundtrack “La Naissance Des Pieuvres”

(Originally on Twitter: Sun Mar 22 18:14:59 +0000 2009)

@security4all http://tinyurl.com/clcw8h - Sometime a good and old implementation of RFC2196 is better

(Originally on Twitter: Tue Mar 24 07:48:02 +0000 2009)

http://tinyurl.com/c85pw4 Marcus is again right…

(Originally on Twitter: Sat Mar 28 08:49:56 +0000 2009)

Looking for an obscure bio e-book, impossible to find it (even from the publisher) except using IPv6 and NNTP

(Originally on Twitter: Sat Mar 28 11:27:05 +0000 2009)

Nice way to visualize browsing activities http://www.flickr.com/photos/rooreynolds/3414633703/ #infovis

(Originally on Twitter: Fri Apr 10 17:28:54 +0000 2009)

My 4th PSU from #Antec, just died. I hate those PSUs with a passion

(Originally on Twitter: Sun Apr 12 17:56:19 +0000 2009)

Virtualization is not security… another nice example : http://tinyurl.com/clzznh but it’s hard to sell.

(Originally on Twitter: Fri Apr 17 07:07:57 +0000 2009)

NH4C5H8NO4 is not my favorite… especially when there is too much in the recipe ;-)

(Originally on Twitter: Fri Apr 17 13:24:45 +0000 2009)

Voted yes for the license update in Wikipedia. Even if I’m not a big fan of the CC-license but FDL / CC-SA are sharing the same objectives.

(Originally on Twitter: Fri Apr 17 20:09:28 +0000 2009)

Can you spot the frogs? http://www.flickr.com/photos/adulau/3438813367/ - I took the picture in a marsh located in #Belgium

(Originally on Twitter: Sat Apr 18 08:03:04 +0000 2009)

Even with xml2 or xsh, #xml is often not very friendly to the Unix philosophy.

(Originally on Twitter: Sun Apr 19 16:58:08 +0000 2009)

I was looking for a reason to use MariaDB, Oracle buying Sun is a good reason to use more MariaDB…

(Originally on Twitter: Mon Apr 20 20:01:47 +0000 2009)

Don’t forget “les journées du libres” 8th and 9th May in Brussels. http://journeesdulibre.bxlug.be/ organized by #bxlug

(Originally on Twitter: Wed Apr 22 05:49:49 +0000 2009)

License proliferation is a risk and the #EUPL is not helping the case…

(Originally on Twitter: Fri Apr 24 06:38:47 +0000 2009)

Listening to the excellent Legowelt, “Chokolectricity” and “Gotoburg Jacks”… simple & efficient electronic music.

(Originally on Twitter: Fri Apr 24 21:37:38 +0000 2009)

http://arxiv.org/abs/0904.4058 - Security impact ratings considered harmful - interesting

(Originally on Twitter: Tue Apr 28 06:48:08 +0000 2009)

back from Munich… now fixing Perl code while drinking assam tea in the garden.

(Originally on Twitter: Fri May 01 09:05:04 +0000 2009)

@rommelfs nope but #Dilbert is far away from that reality.

(Originally on Twitter: Fri May 01 18:05:33 +0000 2009)

http://news.bbc.co.uk/2/hi/technology/8026964.stm I really liked when it’s “heavily classified”… & especially when it’s useless security

(Originally on Twitter: Sat May 02 06:41:52 +0000 2009)

@xme maybe this kd85.com mirror discussion is somehow linked to this story : http://accounting.kd85.com/

(Originally on Twitter: Sat May 02 07:31:56 +0000 2009)

http://arxiv.org/abs/0905.0363 - #stegano - “Hiding Information in Retransmissions” using TCP retransmission

(Originally on Twitter: Tue May 05 20:29:01 +0000 2009)

I’m again debugging C code from junkies… using xmalloc macros is evil.

(Originally on Twitter: Wed May 06 21:59:49 +0000 2009)

#alfa-matrix is a great belgian label… last albums of Krystal System and a Tribute to #depechemode are nice and soft (for #ebm fans)

(Originally on Twitter: Sat May 09 08:22:43 +0000 2009)

#git is a content tracker not a file tracker but the db git backup is interesting : http://bit.ly/xN9Kh

(Originally on Twitter: Sat May 09 12:59:37 +0000 2009)

If you are a student and are looking for a good internship, the #fsf is a good place : http://www.fsf.org/volunteer/internships

(Originally on Twitter: Sun May 10 19:51:55 +0000 2009)

http://bit.ly/BHkpP #hadopi who voted for and against…

(Originally on Twitter: Wed May 13 05:55:27 +0000 2009)

http://bit.ly/T919B

(Originally on Twitter: Fri May 15 13:58:50 +0000 2009)

Insider threat myth come back… but should be replaced by Internet user threat. #infosec

(Originally on Twitter: Sat May 16 13:22:34 +0000 2009)

@thierryzoller : “(how old are you?) minus 11 hours” is also working #wolframalpha

(Originally on Twitter: Sat May 16 13:31:08 +0000 2009)

http://bit.ly/W7T2b

(Originally on Twitter: Sat May 16 14:35:38 +0000 2009)

http://bit.ly/16OCPO

(Originally on Twitter: Sun May 17 09:13:18 +0000 2009)

I don’t like when ip transit providers got the idea to enable “application firewall” for DNS especially with #Juniper and the “bug” KB12312

(Originally on Twitter: Mon May 18 21:15:35 +0000 2009)

http://bgpmon.net/blog/?p=166 - global #ipv6 deployment statistics - #lu in good position

(Originally on Twitter: Tue May 19 05:48:12 +0000 2009)

http://code.google.com/p/vss2git/ - Ouf… proprietary and dangerous visual source safe is now safe with #git ;-)

(Originally on Twitter: Tue May 19 21:21:03 +0000 2009)

http://myf00.net/?p=18 #malware PoC data interception using Javascript in Firefox

(Originally on Twitter: Wed May 20 05:46:15 +0000 2009)

Just found the bug in my tonight ugly #Python hack… this is called a typo. grrrr

(Originally on Twitter: Wed May 20 21:04:15 +0000 2009)

#belgium if you have milk or cream (organic or not) with the following producer (circular label) : BE M322 A EG - check http://www.afsca.be/

(Originally on Twitter: Thu May 21 10:52:08 +0000 2009)

#belgium #election instead of their head on postesr, why don’t we have their ideas on a poster? maybe they are lacking ideas.

(Originally on Twitter: Thu May 21 15:17:23 +0000 2009)

@elise_huard a good choice. #munin is stable, easy to customize, light and distributed.

(Originally on Twitter: Thu May 21 15:23:36 +0000 2009)

@rbidule Usenix woot. The deadline for CfP is for Tuesday… we hope to finish before.

(Originally on Twitter: Fri May 22 13:35:36 +0000 2009)

A funky bug report (about #glibc) http://bit.ly/NKkAS

(Originally on Twitter: Fri May 22 20:06:25 +0000 2009)

@rbidule I hope so too… depends if the paper is finished in time.

(Originally on Twitter: Fri May 22 21:08:59 +0000 2009)

@kabel Type `help’ to see this list…

(Originally on Twitter: Sat May 23 19:16:24 +0000 2009)

Interesting NIST draft 800-118… but my favorite is still 800-57

(Originally on Twitter: Sun May 24 19:33:14 +0000 2009)

http://bit.ly/JaQGD #lasfm and privacy… -> #librefm http://libre.fm/

(Originally on Twitter: Mon May 25 06:23:13 +0000 2009)

#tb303 #electro http://bit.ly/13ZUPI #soundcloud another great acid set

(Originally on Twitter: Mon May 25 20:53:35 +0000 2009)

#ubuntu #gnulinux #netbook installation on #lenovo s10e in less than 20 minutes… impressive

(Originally on Twitter: Fri May 29 07:44:30 +0000 2009)

White-Box #Cryptography #wbc , a PhD thesis : http://bit.ly/VrtQ4

(Originally on Twitter: Sat May 30 16:04:03 +0000 2009)

@rbidule got one for testing… keyboard is very very small right-shift and enter also very small beside that a good deal for the price.

(Originally on Twitter: Sat May 30 21:17:52 +0000 2009)

@rbidule around 300 EUR…

(Originally on Twitter: Sun May 31 06:04:10 +0000 2009)

#belgium #belgique #copyright Tintin et le droit d’auteur… http://onpeuttoutcopier.be/?p=32

(Originally on Twitter: Mon Jun 01 08:40:56 +0000 2009)

After 2 days of #computation, my scripts failed miserably… next try in 5 minutes.

(Originally on Twitter: Wed Jun 03 21:03:39 +0000 2009)

By the way, don’t trust any code claiming to do #TCP #reassembly from #pcap. This is often a joke.

(Originally on Twitter: Wed Jun 03 21:07:15 +0000 2009)

Nice to see #EFF doing #TOSBack http://www.tosback.org/, looks very similar to our 3 years old project : #GooDiff http://www.goodiff.org/

(Originally on Twitter: Thu Jun 04 20:59:00 +0000 2009)

@gillis57 looks like the definition of a meeting.

(Originally on Twitter: Thu Jun 04 21:31:08 +0000 2009)

Patience always wins… 5 years to get back an org domain used by a spammer ;-)

(Originally on Twitter: Fri Jun 05 21:30:33 +0000 2009)

Still time to ask your candidates #belgium #election - the free software pact : http://bit.ly/dqK2u

(Originally on Twitter: Sat Jun 06 09:34:14 +0000 2009)

@AlainGerlache audace et rigueur… demander les contributions/”updates” des téléspectateurs sur des contenus existant. équilibre possible

(Originally on Twitter: Sat Jun 06 10:57:22 +0000 2009)

An original edition of James Joyce for 310000 EUR, http://bit.ly/11fgbH #ouf

(Originally on Twitter: Sat Jun 06 20:18:14 +0000 2009)

Counting and counting voting ballot… but at least this is real paper. #belgium #election

(Originally on Twitter: Sun Jun 07 18:53:51 +0000 2009)

#p2p #bittorrent Anomos, an interesting pseudonymous bittorrent http://anomos.info/

(Originally on Twitter: Mon Jun 08 20:36:33 +0000 2009)

#unbound dns #python binding works great for dns modification (handy for blacklisting C&C)

(Originally on Twitter: Fri Jun 12 21:15:32 +0000 2009)

Do you know a #NAT64 free software implementation? Maybe it’s the time for a sponsored contest to make one…

(Originally on Twitter: Sun Jun 14 20:45:50 +0000 2009)

#iran election and Benford Law - http://arxiv.org/abs/0906.2789

(Originally on Twitter: Wed Jun 17 19:32:43 +0000 2009)

@zoobab But that’s the application of the silly patent system. in US 35 U.S.C. 122 and in EU Article 130. Confidential until publication.

(Originally on Twitter: Mon Jun 22 13:33:00 +0000 2009)

a note for farmers in #belgium : instead of blocking the highway, sell your milk directly to us. better for you and me.

(Originally on Twitter: Mon Jun 22 20:20:40 +0000 2009)

Added taxonomy in my #machinetag collection - http://bit.ly/pXum7

(Originally on Twitter: Tue Jun 23 09:18:09 +0000 2009)

@xme software is just another way to describe a bag of bugs.

(Originally on Twitter: Tue Jun 23 13:32:23 +0000 2009)

(ttl=64 time=377 ms) via DNS tunneling in a Hotel in Munich. But #ziproxy improved the experience a bit.

(Originally on Twitter: Wed Jun 24 20:39:38 +0000 2009)

In information security, companies should target for security not just a compliance to a mythical certification.

(Originally on Twitter: Sat Jun 27 07:08:12 +0000 2009)

#hadopi After a quick experiment in Perl, you don’t need Internet to share automatically copyrighted works…

(Originally on Twitter: Sun Jun 28 07:12:22 +0000 2009)

@xme routing domain (VRF-lite like) started in 4.6… it seems very promising especially in conjunction with PF.

(Originally on Twitter: Mon Jun 29 20:58:09 +0000 2009)

Don’t forget the C3L summer camp #lu http://bit.ly/mX0V8

(Originally on Twitter: Mon Jun 29 21:44:27 +0000 2009)

geolocal journalism software released as free software - http://www.everyblock.com/code/

(Originally on Twitter: Wed Jul 01 22:06:46 +0000 2009)

Fault Attacks on RSA Signatures with Partially Unknown Messages - http://eprint.iacr.org/2009/309

(Originally on Twitter: Thu Jul 02 05:47:35 +0000 2009)

#fail I don’t like when a reviewer say that I missed a good reference and I really missed it

(Originally on Twitter: Sat Jul 04 07:47:09 +0000 2009)

@security4all thanks a lot for the invitation, I’m in another Country today…

(Originally on Twitter: Sat Jul 04 07:50:59 +0000 2009)

The day of butterflies in my #garden - http://www.flickr.com/photos/adulau/3686025005/

(Originally on Twitter: Sat Jul 04 09:25:04 +0000 2009)

Back to life - Just saw the latest Woody Allen - Whatever Works - a great movie

(Originally on Twitter: Sun Jul 12 19:15:09 +0000 2009)

@miguno thx, the garden is just there to attract the butterfly and the wild life ;-) hope life is wonderful.

(Originally on Twitter: Sun Jul 12 19:21:45 +0000 2009)

is writing legal letter while listening to Lost Vessel from #Drexciya

(Originally on Twitter: Tue Jul 14 21:14:51 +0000 2009)

cool URIs don’t change but for Microsoft is different #wtf http://bit.ly/u2mrF

(Originally on Twitter: Wed Jul 15 20:23:09 +0000 2009)

@davanac but newspapers don’t know how to use robots.txt : http://bit.ly/eE3DK

(Originally on Twitter: Wed Jul 15 20:27:09 +0000 2009)

@zedshaw thanks for using/supporting copyleft-type license. That’s a way to preserve the biotope of free software.

(Originally on Twitter: Wed Jul 15 21:57:06 +0000 2009)

@alfamatrix when do you plan to make a full set of cds with the archive of front 242?

(Originally on Twitter: Thu Jul 16 17:39:44 +0000 2009)

@cases_lu @roessler another good reason to disable the unauthenticated pin-to-pin messaging on your proprietary blackberry enterprise server

(Originally on Twitter: Fri Jul 17 08:49:44 +0000 2009)

@xme Ken Thompson is still right… http://bit.ly/eeFcH

(Originally on Twitter: Fri Jul 17 15:08:00 +0000 2009)

@etychon do you know a page at Cisco showing all the platforms/sw rev really supporting/populating the TCP flags export in Netflow/IPFIX?

(Originally on Twitter: Sat Jul 18 07:07:38 +0000 2009)

Kung fu fighting with PHP code of the #hacklu website while still dreaming of mediawiki written in Python or Perl…

(Originally on Twitter: Sat Jul 18 14:58:31 +0000 2009)

@rbidule Is there a belt scheme in Kung Fu? For PHP, it’s more the goo belt.

(Originally on Twitter: Sat Jul 18 16:55:27 +0000 2009)

ICANN IRT http://bit.ly/7enZB what’s that?

(Originally on Twitter: Tue Jul 21 06:29:58 +0000 2009)

@FunkySteph national holiday in my home country and we are force to work ;-)

(Originally on Twitter: Tue Jul 21 15:28:21 +0000 2009)

-Barings bank would have been saved with #PCI audit- They must be joking

(Originally on Twitter: Sat Jul 25 09:37:26 +0000 2009)

@DidierStevens Yep. Wondering if his talk is really interesting… his book is ok but not going into much details.

(Originally on Twitter: Sat Jul 25 14:07:40 +0000 2009)

Why #CVE and #OVAL are still not able to have a single element for product and a single element for version? now is just #regexp madness

(Originally on Twitter: Sat Jul 25 14:19:06 +0000 2009)

@thierryzoller How many financial/card companies with #PCI DSS certification in Luxembourg? don’t know.

(Originally on Twitter: Sat Jul 25 14:27:52 +0000 2009)

Electronic music streaming back to life http://www.foo.be:8000/

(Originally on Twitter: Sat Jul 25 15:02:56 +0000 2009)

Yin and Yang of #InfoSec - http://bit.ly/44YvAa

(Originally on Twitter: Fri Jul 31 08:40:11 +0000 2009)

#Apple censoring a dictionary http://daringfireball.net/2009/08/ninjawords - Lucky that we have some real libraries left

(Originally on Twitter: Sat Aug 08 07:36:36 +0000 2009)

#hacklu - if you want to print promo leaflets for hack.lu http://bit.ly/bKvqy

(Originally on Twitter: Sun Aug 09 19:35:10 +0000 2009)

@jepoirrier c’est un peu notre mascotte… mais il ne faut pas lui dire ;-)

(Originally on Twitter: Sun Aug 09 19:57:31 +0000 2009)

flute from experimental to standard track(?)… good news - http://bit.ly/3pBMnz

(Originally on Twitter: Sun Aug 09 20:20:02 +0000 2009)

@rbidule enjoy #usenix trip.

(Originally on Twitter: Tue Aug 11 05:18:13 +0000 2009)

Today quote “Sorry, we don’t have (security) guidelines but we have white lines”

(Originally on Twitter: Wed Aug 12 11:53:41 +0000 2009)

Interesting article - a lesson in timing attacks #hmac - http://bit.ly/Zlids

(Originally on Twitter: Fri Aug 14 07:09:09 +0000 2009)

Still have credits for the pdf version of lesoir (#belgium #newspaper), I will use them if numb. of pages in culture is higher than sport

(Originally on Twitter: Sat Aug 15 14:14:22 +0000 2009)

quickly added memcached to python safebrowsing api - http://bit.ly/CFE7T

(Originally on Twitter: Sun Aug 16 06:42:42 +0000 2009)

made a #wikipedia proposal for an universal user page - http://bit.ly/Gvwcm

(Originally on Twitter: Sun Aug 16 09:33:07 +0000 2009)

just finishing review for #hack.lu #hacklu 2009 - some very good submissions this year.

(Originally on Twitter: Mon Aug 17 15:11:04 +0000 2009)

Considerations of SHA-3 candidate’s name - http://rump2009.cr.yp.to/685d6734bee2d982254687349c947af7.pdf #fun #crypto

(Originally on Twitter: Thu Aug 20 11:46:37 +0000 2009)

is AES having an issue or just an implementation issue in PolarSSL? http://rump2009.cr.yp.to/bdac99ea43729bcfa1a5f22f1e132ae4.pdf

(Originally on Twitter: Thu Aug 20 12:41:17 +0000 2009)

Factoring RSA 512 bits in 73 days on a single PC with ggnfs http://bit.ly/ndtOB

(Originally on Twitter: Thu Aug 20 20:45:48 +0000 2009)

@boskabout Cisco IOS SSH key default is still 512 bits and you have still plenty of legacy 512 bits RSA keys (like TI calc keys, scard…)

(Originally on Twitter: Thu Aug 20 20:54:48 +0000 2009)

@boskabout as long as the source on randomness from the card is good enough or/and the sieving step is not improved in a very short time ;-)

(Originally on Twitter: Thu Aug 20 21:03:03 +0000 2009)

a good Keith Haring weekend, positive #art is always refreshing and giving new #ideas…

(Originally on Twitter: Sun Aug 23 19:44:15 +0000 2009)

If you are #GTD fan and loving command line, a nice free software http://taskwarrior.orgp

(Originally on Twitter: Thu Aug 27 22:10:21 +0000 2009)

Don’t forget NNTP in IPv6, a never ending source of knowledge…

(Originally on Twitter: Sat Aug 29 19:40:40 +0000 2009)

@guido_steenkamp Tegenaria atrica most probably for the spider you showed us last time

(Originally on Twitter: Sun Aug 30 12:25:23 +0000 2009)

A patent for TV watching while blogging : 7,519,658… I need to sleep.

(Originally on Twitter: Wed Sep 02 21:11:43 +0000 2009)

@xme I’m often using the #anti-telemarketing script… very efficient. http://www.xs4all.nl/~egbg/frans.html

(Originally on Twitter: Fri Sep 04 19:45:50 +0000 2009)

u_int32_t for the #IPv6 flow label… pffffff

(Originally on Twitter: Fri Sep 04 20:41:56 +0000 2009)

My 28-135 lens smacked violently… but still works.

(Originally on Twitter: Sun Sep 06 14:38:42 +0000 2009)

A real Fahrenheit 451 http://bit.ly/d5KaP

(Originally on Twitter: Sun Sep 06 17:07:17 +0000 2009)

@kabel @cases_lu there is a mixture in the press about it. Those web sites are not directly related to the online banking services…

(Originally on Twitter: Mon Sep 07 15:58:30 +0000 2009)

Today an empirical proof of ‘The usefulness of a meeting is inversely proportional to its attendance’

(Originally on Twitter: Wed Sep 09 19:46:21 +0000 2009)

@FunkySteph I just said “a lot”… not too much ;-) Enjoy your evening.

(Originally on Twitter: Thu Sep 10 21:03:58 +0000 2009)

http://www.eff.org/press/archives/2009/09/08 Is #EFF providing arguments against public domain digitalization? it looks like. I’m lost.

(Originally on Twitter: Fri Sep 11 11:08:23 +0000 2009)

#infosec a French phishing e-mail with a real physical address in Luxembourg…

(Originally on Twitter: Sat Sep 12 15:28:24 +0000 2009)

a quick hack for a binomial search #machinetag http://bit.ly/wbVPC

(Originally on Twitter: Sun Sep 13 13:59:59 +0000 2009)

vim in visual studio… they must be sick. http://code.google.com/p/vivim/

(Originally on Twitter: Sun Sep 13 20:27:54 +0000 2009)

@Fotopedia Why do you require a proprietary client to contribute on fotopedia? a simple flickr<->fotopedia web interface would be easier.

(Originally on Twitter: Tue Sep 15 05:39:20 +0000 2009)

@fotopedia Thanks. This is an excellent news for people willing to share already uploaded CC-licences photos.

(Originally on Twitter: Wed Sep 16 05:48:08 +0000 2009)

http://vimeo.com/6595148 #security vmware host exploitation using the VGA bug… it seems to be based on K. Kortchinsky work.

(Originally on Twitter: Wed Sep 16 20:47:30 +0000 2009)

an updated Internet-Draft about P2P architecture and Security http://bit.ly/vyD6S a good overview…

(Originally on Twitter: Wed Sep 16 21:19:42 +0000 2009)

Achetez son lait en Gaume #belgique #milk http://tiny.cc/milk750 si vous avez des autres adresses… n’hésitez pas.

(Originally on Twitter: Sat Sep 19 07:20:57 +0000 2009)

http://tiny.cc/privacy292 Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization - an interesting reading

(Originally on Twitter: Sun Sep 20 13:56:42 +0000 2009)

@aaaarg Congrats. A great idea (AAAARG) with a cool implementation (A)…

(Originally on Twitter: Sun Sep 20 17:35:27 +0000 2009)

@elise_huard The right time for a lapsong souchong or dark strong assam… #tea

(Originally on Twitter: Sun Sep 20 17:38:59 +0000 2009)

Information Security Visualization Contest for hack.lu 2009 - http://2009.hack.lu/index.php/InfoVisContest

(Originally on Twitter: Tue Sep 22 08:18:13 +0000 2009)

@secviz Information Security Visualization Contest - http://2009.hack.lu/index.php/InfoVisContest #hacklu

(Originally on Twitter: Tue Sep 22 08:38:53 +0000 2009)

www.opencongress.org is very interesting… maybe this could be adapted for other countries? especially #belgium #belgique

(Originally on Twitter: Wed Sep 23 06:10:11 +0000 2009)

@arebentisch Interesting. Have you tried to run opencongress (using ruby on rails) for something else than the US congress?

(Originally on Twitter: Wed Sep 23 19:49:40 +0000 2009)

Just fixed the serial interface to “SkyTraq venus 6 chipset”. The read-at-once now works properly.

(Originally on Twitter: Thu Sep 24 22:19:48 +0000 2009)

@xme http://bit.ly/M1qsI About #BSA in Belgium

(Originally on Twitter: Mon Sep 28 20:11:17 +0000 2009)

http://opensource.dyc.edu/tor-ramdisk #Tor running from RAM. Useful when your tor routing node is seized.

(Originally on Twitter: Tue Sep 29 06:13:33 +0000 2009)

http://bit.ly/bLYUQ Game theory for P2P in ISP networks. A nice paper.

(Originally on Twitter: Wed Sep 30 20:14:39 +0000 2009)

@pcapr Can I upload the full pcap of InfoVis contest for hack.lu 2009? http://2009.hack.lu/index.php/InfoVisContest

(Originally on Twitter: Fri Oct 02 08:02:35 +0000 2009)

@pcapr great. Let me know when it’s indexed. I’ll publish the info on the hack.lu website.

(Originally on Twitter: Fri Oct 02 13:42:26 +0000 2009)

#pcapr added the InfoVis Contest capture http://www.pcapr.net/forensics/ for http://2009.hack.lu/index.php/InfoVisContest #hacklu

(Originally on Twitter: Sat Oct 03 05:58:12 +0000 2009)

Image Approximation with Genetically Selected Cosines - http://bit.ly/zoWhQ

(Originally on Twitter: Sat Oct 03 08:09:49 +0000 2009)

@AlainGerlache on vient juste de le rallumer. mais le #twitpoll pourrait-être plus précis avec une approximation géographique. #gaume

(Originally on Twitter: Sat Oct 03 08:15:37 +0000 2009)

http://www.laquadrature.net/en/node/2369 – Will the European Parliament take its last chance to save citizens’ rights?

(Originally on Twitter: Sat Oct 03 08:33:31 +0000 2009)

@patrickc Interesting. what kind of machine for printing public domain works? a custom or a branded one?

(Originally on Twitter: Sat Oct 03 17:03:22 +0000 2009)

#booksmag je ne comprends pas le “Wikipedia bashing” du magazine… il est possible que l’édition n’aime pas trop la concurrence extérieur.

(Originally on Twitter: Sat Oct 03 20:24:16 +0000 2009)

@HowardLovecraft Have you consulted the obscure records of Sir Ligotti from the small village in the Adirondacks? The one labelled : Curwen

(Originally on Twitter: Sat Oct 03 20:36:42 +0000 2009)

Jurispedia (http://en.jurispedia.org/) a good idea but a non-free license (a CC but with NonCommercial) and incompatible with #Wikipedia

(Originally on Twitter: Sun Oct 04 07:10:00 +0000 2009)

@wikid Do you plan to make an open source hardware token? Maybe an arduino mini would be a good start?

(Originally on Twitter: Sun Oct 04 15:00:15 +0000 2009)

“les forbans , au contraire , sont gens désavoués de toutes les nations “ trouvé dans le dictionnaire des sciences et des arts.

(Originally on Twitter: Tue Oct 06 21:45:09 +0000 2009)

http://bit.ly/11k6dz @rbidule @superlol a good example of the powerpoint disaster…

(Originally on Twitter: Fri Oct 09 21:00:05 +0000 2009)

#gnu #gdb - ‘reverse-finish’ works great, impressive. http://www.gnu.org/software/gdb/news/reversible.html

(Originally on Twitter: Fri Oct 09 21:41:32 +0000 2009)

@sam280 right but SoftICE is more a ring-0 kernel debugger than a versatile user-level debugger. But yes the backtrace was not far away….

(Originally on Twitter: Sun Oct 11 08:54:46 +0000 2009)

went to a good organic food restaurant in #liege #belgique called “como en casa” / place saint Etienne … they have a nice photo expo too.

(Originally on Twitter: Sun Oct 11 09:04:06 +0000 2009)

http://bit.ly/bu8ZK fruitiers résistant en Ardenne #belge - compilation basée sur le verger du Tronquoy

(Originally on Twitter: Sun Oct 11 11:20:19 +0000 2009)

http://nastyoldpeople.org/ a CC-BY-NC-SA licensed movie distributed by thepiratebay… who say that you can’t distribute movies via p2p? ;-)

(Originally on Twitter: Sun Oct 11 14:05:40 +0000 2009)

My current outbound rate : [Rate 6879.5/ 0.0 KB] [Port: 6901] … yes in KB/s with rTorrent.

(Originally on Twitter: Sun Oct 11 16:45:33 +0000 2009)

@superlol The joys of remote hosting… usually they don’t mind outbound bandwidth especially when it’s CC-licensed or legal/free torrent.

(Originally on Twitter: Sun Oct 11 20:43:49 +0000 2009)

“Security Flaws in a Recent Ultralightweight #RFID Protocol” http://arxiv.org/abs/0910.2115 (right now it’s just a cryptanalysis)

(Originally on Twitter: Tue Oct 13 05:55:10 +0000 2009)

I’m wondering why I always looking for textual/typographic transcription before watching a video… maybe text is more accessible to me.

(Originally on Twitter: Wed Oct 14 20:13:21 +0000 2009)

@FunkySteph good luck.

(Originally on Twitter: Thu Oct 15 06:20:58 +0000 2009)

A quick-and-dirty EMF detector with #Arduino : http://bit.ly/QW65J

(Originally on Twitter: Fri Oct 16 06:34:22 +0000 2009)

@miguno Right. Text can be “analyzed” faster and textual representation is often more meaningful than a video.

(Originally on Twitter: Fri Oct 16 06:44:39 +0000 2009)

#DNSSEC Why using RSA (signature) with short term root keys for the root servers? Is there a specific reason? compared to DSA or ECC. ref?

(Originally on Twitter: Sat Oct 17 06:46:04 +0000 2009)

made a quick review of Amusing Ourselves to Death…the Age of Show Business at #LibraryThing www.librarything.com/review/52143736

(Originally on Twitter: Sun Oct 18 15:58:47 +0000 2009)

@bortzmeyer right. just wondering about the size of packets. as RSA signing is not “always” space efficient compared to DSA. #DNSSEC

(Originally on Twitter: Sun Oct 18 16:00:59 +0000 2009)

http://2009.hack.lu/index.php/InfoVisContest #infovis #hacklu contest deadline extended to 25th October. So it’s time to submit…

(Originally on Twitter: Sun Oct 18 16:50:40 +0000 2009)

A nice lcd-based EMF detector http://www.flickr.com/photos/doegox/4027089931/ using #arduino.

(Originally on Twitter: Tue Oct 20 06:10:18 +0000 2009)

#openlibrary waiting for the new version - http://bit.ly/14WDOB

(Originally on Twitter: Thu Oct 22 06:07:58 +0000 2009)

http://upcoming.yahoo.com/event/4721526/ upcoming entry for #hacklu … if you are coming just tell everyone ;-)

(Originally on Twitter: Thu Oct 22 21:32:56 +0000 2009)

A good media is where information-action (cf. Neil Postman) ratio is high and anyone can make real action based on the information captured.

(Originally on Twitter: Sat Oct 24 07:24:29 +0000 2009)

@xme again Dilbert is so true… thanks for the link.

(Originally on Twitter: Sat Oct 24 07:45:27 +0000 2009)

http://trac.transmissionbt.com/ticket/1731 Again they forgot the IPv6-only host… dual-stack is just a temporary state not a final one.

(Originally on Twitter: Sat Oct 24 11:21:36 +0000 2009)

I don’t like #del.icio.us entries without notes. it won’t help anyone and especially the one who bookmarked the URL…

(Originally on Twitter: Sat Oct 24 22:01:19 +0000 2009)

Why I still read paper-based books : http://bit.ly/NOYzx

(Originally on Twitter: Sun Oct 25 18:12:00 +0000 2009)

@FunkySteph #hacklu was a lot of fun with interesting people and great topics. Enjoy your week-end.

(Originally on Twitter: Sat Oct 31 07:24:48 +0000 2009)

#hacklu a small note to all speakers including lightning talks or workshop : feel free to send me your presentation for archiving. thx.

(Originally on Twitter: Sat Oct 31 14:16:42 +0000 2009)

The today useless mail header : “Sensitivity: Private” and looks the effect in a Lotus Client… A cool way to make phishing more efficient.

(Originally on Twitter: Mon Nov 02 09:16:47 +0000 2009)

“By Data We Mean” VJ12 - #art #technology in #belgium http://www.constantvzw.org/vj12/ - hope to see you there.

(Originally on Twitter: Mon Nov 02 20:57:50 +0000 2009)

I was surprised by the old remembering of a trance track, usually it smells the old but one track from the #platipus label was still modern.

(Originally on Twitter: Tue Nov 03 21:31:07 +0000 2009)

More presentations added to the #hacklu 2009 archive : http://2009.hack.lu/archive/2009/ - You’ll enjoy the “defeating SSL in practice”…

(Originally on Twitter: Tue Nov 03 21:42:08 +0000 2009)

#ACTA distributed under a NDA : http://keionline.org/node/660 - If the document leaked, where is the document on Internet?

(Originally on Twitter: Thu Nov 05 07:43:57 +0000 2009)

#ACTA, a summary with the structure of the ACTA document : http://bit.ly/1qpJ4z (found on ip4all.ch) but still looking for the complete one

(Originally on Twitter: Thu Nov 05 07:47:56 +0000 2009)

http://bit.ly/4opVgW How to kill CC-licensed images in #flickr? it’s easy, submit them to “Getty Images”. #wtf

(Originally on Twitter: Sat Nov 07 09:44:15 +0000 2009)

posted about getty images dangerous proposal and #flickr http://www.flickr.com/groups/callforartists/discuss/72157622629518905/

(Originally on Twitter: Sat Nov 07 16:13:13 +0000 2009)

#Decapod une solution libre pour numériser les livres, je voudrais la tester pour numériser le patrimoine gaumais… http://bit.ly/334IlO

(Originally on Twitter: Sun Nov 08 11:21:11 +0000 2009)

http://bit.ly/lNdPB - my today’s random mess especially or indirectly about #copyright

(Originally on Twitter: Sun Nov 08 14:32:54 +0000 2009)

Just saw fish tank http://www.fishtankmovie.com/ in the European Film festival in #virton, #belgium - a surprising movie

(Originally on Twitter: Mon Nov 09 23:23:35 +0000 2009)

RT @Wikimedia: Wikipedia kicks-off 6th Annual Fundraiser. Help protect Wikipedia. Share, everybody! http://bit.ly/WikipediaForever #wiki …

(Originally on Twitter: Wed Nov 11 07:52:41 +0000 2009)

“git rebase -i HEAD~10” is nifty tool but the implication of its use can be very strange… especially with different upstream.

(Originally on Twitter: Thu Nov 12 22:08:58 +0000 2009)

L’AFP (et Le Soir) mélange(nt) #Wikia et #Wikipedia : http://bit.ly/4pqCRE

(Originally on Twitter: Fri Nov 13 10:15:27 +0000 2009)

Received a tentative of web forgery as direct message via #Twitter pointing to a fake Twitter website. A good argument against shorten url.

(Originally on Twitter: Sat Nov 14 08:57:19 +0000 2009)

Literature visualization with colors… #infovis http://bit.ly/4C3eSj #books

(Originally on Twitter: Sat Nov 14 10:11:34 +0000 2009)

http://www.301works.org/ - a work-group for preserving shorten URLs. We must not use short URL ;-) especially if we want a web for human too

(Originally on Twitter: Sat Nov 14 10:42:44 +0000 2009)

Logiciel libre et Région wallone : http://bit.ly/1YXzC3 - cela reste des déclarations - #belgique

(Originally on Twitter: Sat Nov 14 12:55:45 +0000 2009)

hit again the bug “missing sendfile() call” with Apache and unionfs. The drawback of writing portable free software…

(Originally on Twitter: Sun Nov 15 13:06:33 +0000 2009)

#igf2009 “Internet Governance” what a strange concept… as useless as the “Ecosystem Governance”. We don’t need machinery for #cyberspace

(Originally on Twitter: Sun Nov 15 18:26:56 +0000 2009)

RT @librarythingtim: Amazed by bookstores with robots.txt exclusions, so search engines can’t visit. Why not just brick up the door and …

(Originally on Twitter: Sun Nov 15 18:47:38 +0000 2009)

@thierryzoller ESMTP with TLS is mainly used for opportunistic encryption and not checking remote end. So the mitm is part of the design.

(Originally on Twitter: Mon Nov 16 12:58:57 +0000 2009)

@thierryzoller but they are not really used… and when used, X.509 key management is missing. So TLS renegotiation is not the main issue..

(Originally on Twitter: Mon Nov 16 13:08:46 +0000 2009)

@thierryzoller you should have a look at http://bit.ly/1DzM43 Wietse made a good summary about it.

(Originally on Twitter: Mon Nov 16 13:22:14 +0000 2009)

I’m still looking for any good security/cryptography analysis of CMAC/One-Key CBC message authentication code…

(Originally on Twitter: Tue Nov 17 22:14:38 +0000 2009)

tmux is great but GNU Screen has some advantages for old, odd and broken terminals.

(Originally on Twitter: Tue Nov 17 22:34:14 +0000 2009)

#belgique S’il ferme la caserne d’Arlon, Il devrait transformer la caserne d’Arlon avec l’ensemble de ses terrains en réserve naturelle…

(Originally on Twitter: Wed Nov 18 12:23:00 +0000 2009)

@rbidule je les utilise déjà beaucoup… mais en effet, cela une nouvelle réserve plus proche ;-)

(Originally on Twitter: Wed Nov 18 12:42:20 +0000 2009)

RT @fcouchet: Plus de 1 000 m² pour la future Hadopi http://u.mavrev.com/09e1m soit 10 fois plus que les locaux de l’ARMT

(Originally on Twitter: Wed Nov 18 15:52:50 +0000 2009)

#hadopi Les “journalistes” d’Envoyé Spécial font une jolie démonstration de la société du spectacle de Guy Debord. TV et journalisme aie aie

(Originally on Twitter: Fri Nov 20 07:20:54 +0000 2009)

will be in Bruxelles next week-end for Verbindingen/Jonctions #12 - http://www.constantvzw.org/vj12/ mainly for #goodiff you’re welcome

(Originally on Twitter: Sat Nov 21 11:18:05 +0000 2009)

#goodiff #hackathon at hackerspace bruxelles - http://hackerspace.be/Goodiff_Hackathon

(Originally on Twitter: Sat Nov 21 11:35:56 +0000 2009)

@security4all sure… but it’s the next week-end.

(Originally on Twitter: Sat Nov 21 13:37:27 +0000 2009)

http://www.arabidopsis.org/ TAIR (Arabidopsis Information Resource) is loosing his funding… free genetic databases of plants are required.

(Originally on Twitter: Sat Nov 21 14:02:31 +0000 2009)

XHTML parsing with shell tools : starting with grep, awk, xlstproc and now I’m using Python minidom parser. XML & Unix are not friends.

(Originally on Twitter: Sun Nov 22 10:56:23 +0000 2009)

@DidierStevens Thanks. Yes but it’s (was?) very buggy (crashing on XHTML is not uncommon).

(Originally on Twitter: Sun Nov 22 11:12:31 +0000 2009)

@alfamatrix I:scintilla , the new EP seems interesting but my preference clearly goes to Seize and their latest album “Constant fight”…

(Originally on Twitter: Sun Nov 22 11:21:50 +0000 2009)

#Librarything - SantaThing a nice concept for book lovers : http://www.librarything.com/blog/2009/11/santathing-has-arrived.php

(Originally on Twitter: Sun Nov 22 17:59:54 +0000 2009)

@davanac étrange surtout que O’Reilly plaide pour l’utilisation de flash (propriétaire et tueur du web) sur son nouveau “Safari Book Online”

(Originally on Twitter: Sun Nov 22 21:13:20 +0000 2009)

@FFII A good database dump of patents including application : http://bulk.resource.org/patent/intellectual_ventures/

(Originally on Twitter: Tue Nov 24 18:49:29 +0000 2009)

http://www.laquadrature.net/fr/node/2609 – [LeMonde] Le “paquet télécom” adopté par le Parlement européen

(Originally on Twitter: Tue Nov 24 18:57:03 +0000 2009)

@kabel the equilibrium of a good cipher is something surreal until someone (or something) discover the confusion and diffusion are weak.

(Originally on Twitter: Wed Nov 25 22:22:43 +0000 2009)

BeautifulSoup moved from SGMLParser to HTMLParser. So if you are planning to use goodiff-core, please use the version 3.0.7a… grrr

(Originally on Twitter: Thu Nov 26 16:52:24 +0000 2009)

RT @bortzmeyer: #ARIN customers will have to change their AS numbers in the AS conflict case http://bit.ly/5qZnhw

(Originally on Twitter: Thu Nov 26 17:50:04 +0000 2009)

GooDiff released today as free software under the AGPL3 - http://www.gitorious.org/goodiff #goodiff - datasets will follow.

(Originally on Twitter: Thu Nov 26 18:56:29 +0000 2009)

@security4all stacking and stacking software on the access layer… a lot of potential for future vulnerabilities.

(Originally on Twitter: Thu Nov 26 19:06:51 +0000 2009)

Do you know that Google is keeping track of your SMS in Google Talk? http://www.goodiff.org/changeset/563 #goodiff

(Originally on Twitter: Fri Nov 27 07:58:25 +0000 2009)

@antirez do you really want to rely on NSObject/retainCount ? I’m not sure it’ reliable.

(Originally on Twitter: Fri Nov 27 09:59:16 +0000 2009)

@antirez for “black-box” analysis of objects that could make sense. retainCount seems to be a valid choice in such case.

(Originally on Twitter: Fri Nov 27 10:06:02 +0000 2009)

Another good social experiment in the train Today : books are clearly better than ebooks.

(Originally on Twitter: Sun Nov 29 22:16:35 +0000 2009)

@mikebem Have a look at the theories from “Guy Debord”? This could be applicable to Twitter inner operation.

(Originally on Twitter: Mon Nov 30 16:30:41 +0000 2009)

http://www.foo.be/goodiff/GooDiff-FreeSoftwareAgainstLegalGrayGoo.pdf #goodiff slides of the presentation given this Sunday at VJ12.

(Originally on Twitter: Tue Dec 01 22:45:17 +0000 2009)

@elise_huard Is ActiveRecord still not including the root by default when exporting as JSON? This drove me crazy some months ago…

(Originally on Twitter: Thu Dec 03 17:22:36 +0000 2009)

I especially enjoyed giving the statistical definition of “mean” when a French guy asked me for “what’s mean”… he expected something else.

(Originally on Twitter: Fri Dec 04 17:00:20 +0000 2009)

Why is the Magritte museum http://www.musee-magritte-museum.be/ not allowing photo? for security reason… what a joke. #belgique #belgium

(Originally on Twitter: Fri Dec 04 21:35:02 +0000 2009)

@obra we should… #etherpad as free software would be very nice. Especially to follow http://autonomo.us/ rules.

(Originally on Twitter: Fri Dec 04 22:10:01 +0000 2009)

Why is difficult to beat paper : “discovered a 10 years note in a book and I updated the note with today’s pencil” e-paper can do that?

(Originally on Twitter: Sun Dec 06 22:48:57 +0000 2009)

won’t do it any more… “BEGIN { $SIG{‘WARN’} = sub {} }” but sometime it’s needed. #perl

(Originally on Twitter: Tue Dec 08 18:01:05 +0000 2009)

@fcouchet Monty lost the dual-licensing possibility when he transferred the author-rights to Sun…he just broke the viable duality in 2008.

(Originally on Twitter: Tue Dec 08 22:13:09 +0000 2009)

is looking for an HOTP (RFC 4226) implementation on #arduino . If you know something like that let me know…

(Originally on Twitter: Tue Dec 08 22:44:27 +0000 2009)

Maybe it’s time to join the FSF : https://my.fsf.org/associate/support_freedom?referrer=53 - free software for a free society…

(Originally on Twitter: Fri Dec 11 00:04:24 +0000 2009)

Netnews and #NNTP are not dead… RFC5537 and RFC5536 recently published covering transport and message format aspect. #ietf

(Originally on Twitter: Sat Dec 12 11:12:01 +0000 2009)

@superlol p=1? cela veut dire que cela arrive (presque) à chaque fois, donc tu partages la même voiture pour les 300 bornes. mais…

(Originally on Twitter: Sat Dec 12 11:44:03 +0000 2009)

@superlol mais la formule me semble plus compliquée qu’un simple 1-(1/n) où n est le nombre de collègues sur la route en même temps ;-)

(Originally on Twitter: Sat Dec 12 11:48:34 +0000 2009)

I just released a free javascript library for HOTP (RFC4226) : http://gitorious.org/hotp-js next step is to write a friendly js-soft token.

(Originally on Twitter: Sun Dec 13 18:34:23 +0000 2009)

Maybe it’s the time for the #FSF to sponsor and build a free hardware e-book reader? if we want to keep the control on access to e-books.

(Originally on Twitter: Tue Dec 15 06:59:02 +0000 2009)

I just ordered a WikiReader (http://thewikireader.com/)… it’s running free software : http://github.com/wikireader/wikireader we’ll see.

(Originally on Twitter: Wed Dec 16 20:20:23 +0000 2009)

a good summary why current image encryption scheme must not be used #crypto http://arxiv.org/abs/0912.3050

(Originally on Twitter: Thu Dec 17 09:08:32 +0000 2009)

@41414141 http://th.informatik.uni-mannheim.de/People/Lucks/reject.pdf don’t worry, even Turing or Shannon were rejected…

(Originally on Twitter: Fri Dec 18 09:40:13 +0000 2009)

@bortzmeyer the article of the year “…la nécessité de nationaliser ce réseau…” remind me of the “She’s a witch!” made by Monty Python.

(Originally on Twitter: Fri Dec 18 16:23:04 +0000 2009)

Great, etherpad is now released as free software. But the back-end is written in Java/Scala… I admit it, I’m a bit difficult today.

(Originally on Twitter: Sat Dec 19 07:26:26 +0000 2009)

What do recursion in C programming and Howard P. Lovecraft have in common? http://www.bobhobbs.com/files/kr_lovecraft.html #Lovecraft #k&r

(Originally on Twitter: Sun Dec 20 09:53:14 +0000 2009)

RT @bortzmeyer: Java, plus facile que dig ? Le #RIPE-NCC est tombé bien bas :-( http://labs.ripe.net/content/testing-your-resolver-dns-r …

(Originally on Twitter: Tue Dec 22 08:34:19 +0000 2009)

committed some works on #Forban (http://www.gitorious.org/forban) and is working on the opportunistic file sharing functionality #p2p

(Originally on Twitter: Tue Dec 22 18:18:52 +0000 2009)

first successful opportunistic file exchange in #Forban… http://www.gitorious.org/forban

(Originally on Twitter: Wed Dec 23 09:21:38 +0000 2009)

Again while doing backup of my data to my external hard drive, I give money to Salvatore Adamo pff…. http://bit.ly/4W4Eu3 #belgium #wtf

(Originally on Twitter: Thu Dec 24 11:43:25 +0000 2009)

@sam280 the halting model assumes an infinite time of processing or even an infinite state storage. We can’t blindly use the model in sec…

(Originally on Twitter: Fri Dec 25 22:04:37 +0000 2009)

made a quick review of Coders at Work at #LibraryThing www.librarything.com/review/54554769

(Originally on Twitter: Mon Dec 28 08:57:57 +0000 2009)

just experienced a local #p2p exchange of an e-book shelve with a friend in less than 10 minutes using #forban http://www.foo.be/forban/

(Originally on Twitter: Wed Dec 30 23:07:35 +0000 2009)

found an interesting free hardware project to make an universal bridge interface to unknown chips http://code.google.com/p/the-bus-pirate/

(Originally on Twitter: Wed Dec 30 23:13:46 +0000 2009)

Google Android: A State-of-the-Art Review of Security Mechanisms - http://arxiv.org/abs/0912.5101 - a good security review of the android

(Originally on Twitter: Thu Dec 31 09:20:10 +0000 2009)

@hubertguillaud Une piste pour les futures librairies électroniques… ou les clubs de lectures électroniques? http://a.aaaarg.org/

(Originally on Twitter: Thu Dec 31 15:11:09 +0000 2009)

@hubertguillaud cool. le code de Forban est assez alpha (tag 0.0.2) mais cela fonctionne relativement bien.

(Originally on Twitter: Thu Dec 31 15:40:44 +0000 2009)

just saw “inspired by MetaPost but with an improved C++-like syntax.” should be a kind of joke. I hope so.

(Originally on Twitter: Thu Dec 31 16:30:11 +0000 2009)

for people in world.datastore: year2010.happy(people)

(Originally on Twitter: Fri Jan 01 11:20:55 +0000 2010)

Cornell is looking after a funding scheme of arXiv.org in 2010 : http://arxiv.org/help/support #openaccess

(Originally on Twitter: Fri Jan 01 11:32:36 +0000 2010)

Maybe #ACM should support Cornell University Library in the funding of arXiv.org instead of their non-openaccess digital library…

(Originally on Twitter: Fri Jan 01 11:38:35 +0000 2010)

blog posted “Sharing e-Books with your Neighbours” - http://www.foo.be/cgi-bin/wiki.pl/2010-01-01_Sharing_e-Books_with_your_Neighbours

(Originally on Twitter: Fri Jan 01 16:42:24 +0000 2010)

An interesting malware analysis tool called “Malheur” - http://www.mlsec.org/malheur/ relying on the execution behaviour of the malware.

(Originally on Twitter: Sat Jan 02 09:58:31 +0000 2010)

just released GooDiff datasets (git bundle) of raw and processed HTML pages (ToS, Privacy, EULA…) - http://www.gitorious.org/goodiff/

(Originally on Twitter: Sat Jan 02 11:29:16 +0000 2010)

I hate to read peer-reviewed academic papers including pseudocode that is broken and can’t be obviously expressed in any computer language.

(Originally on Twitter: Sat Jan 02 17:07:52 +0000 2010)

@security4all for #FOSDEM, usually a good place to hack is enough. If they offer the possibility to sleep a little bit, it’s even better…

(Originally on Twitter: Sat Jan 02 20:21:44 +0000 2010)

http://blog.gowildchild.com/2010/01/protest-auvibel-tax-2010/ Protest against the #Auvibel and #SABAM extended tax #belgium

(Originally on Twitter: Tue Jan 05 18:34:25 +0000 2010)

A colleague wanted to try #Forban on his iPhone… a brilliant idea. After an installation of Python (and a small bug fix), it worked.

(Originally on Twitter: Tue Jan 05 23:04:52 +0000 2010)

My second cat is officially stupid. I spent the last 15 minutes to fetch him at the top of a pine tree in the neighbour garden.

(Originally on Twitter: Wed Jan 06 22:22:08 +0000 2010)

@guido_steenkamp Happy new year to you too. I especially enjoyed your last photos on flickr. nice work.

(Originally on Twitter: Wed Jan 06 22:26:44 +0000 2010)

http://eprint.iacr.org/2010/006 - 6 months for polynomial selection (80 CPUs) + 2 years for sieving the 768-bit RSA on n100 CPUs interesting

(Originally on Twitter: Thu Jan 07 12:52:45 +0000 2010)

@rbidule arf ;-) but the cat was already in the pine tree before I came back ;-)

(Originally on Twitter: Thu Jan 07 12:58:39 +0000 2010)

@lseltzer SSL/TLS is a hybrid cryptosystem. Symmetric encryption (e.g. AES) is using smaller key size than the asymmetric part (e.g. RSA).

(Originally on Twitter: Thu Jan 07 13:56:32 +0000 2010)

@lseltzer small RSA keys are quite commonly used on smart-card or embedded system. Like the TI calculators http://bit.ly/1q6lE5

(Originally on Twitter: Thu Jan 07 13:59:00 +0000 2010)

@FunkySteph #IT “Doing it wrong” http://www.tbray.org/ongoing/When/201x/2010/01/02/Doing-It-Wrong - interesting article and also comments

(Originally on Twitter: Thu Jan 07 18:32:42 +0000 2010)

Pi computation record http://bellard.org/pi/pi2700e9/announce.html using a single computer. (compared to the previous record)

(Originally on Twitter: Thu Jan 07 22:11:01 +0000 2010)

Another PDF extractor (http://www.inreverse.net/?p=731) but one of my favorite is still origami (http://security-labs.org/origami/) #infosec

(Originally on Twitter: Fri Jan 08 20:56:12 +0000 2010)

http://fr.readwriteweb.com/2010/01/09/nouveautes/concours-remix-logo-hadopi/ - c’est le moment d’exprimer votre créativité contre #HADOPI

(Originally on Twitter: Sat Jan 09 16:34:01 +0000 2010)

Finally we have an SMS URI scheme standardized… the #RFC5724 has been recently published. http://tools.ietf.org/html/rfc5724

(Originally on Twitter: Sat Jan 09 17:46:37 +0000 2010)

@bortzmeyer ah, tu vas être obligé… j’imagine déjà le blog : Utiliser la RFC5724 comme interface REST pour Twitter et identi.ca.

(Originally on Twitter: Sat Jan 09 17:53:19 +0000 2010)

Looks like that Jaron Lanier is lost http://bit.ly/7dXPvU maybe virtual reality is not too good for health… #freesoftware

(Originally on Twitter: Sat Jan 09 21:06:23 +0000 2010)

fixed some bugs in Forban and git tagged as 0.0.4 : http://www.foo.be/forban/ #p2p #forban

(Originally on Twitter: Sun Jan 10 19:16:16 +0000 2010)

A simple Python script for generating a ChangeLog from git log : http://bit.ly/7pnHBG - simple and very handy when doing a release.

(Originally on Twitter: Sun Jan 10 22:08:44 +0000 2010)

@xme same case for me. I will be at #FOSDEM only on Sunday.

(Originally on Twitter: Sun Jan 10 22:18:53 +0000 2010)

http://arxiv.org/abs/1001.1195 “Title: Characterizing Internet Worm Infection Structure” A good paper on the infection capability per host.

(Originally on Twitter: Mon Jan 11 12:39:22 +0000 2010)

@nk_m la taxation des revenus publicitaires sur Internet n’est pas un financement fiable -> l’activité numérique doit se faire +localement.

(Originally on Twitter: Mon Jan 11 13:31:04 +0000 2010)

Wikipedia network just reach the 10Gbit/s http://bit.ly/7cUvdC #wikipedia I’m pretty sure that Britannica network is below ;-)

(Originally on Twitter: Mon Jan 11 20:50:13 +0000 2010)

@tyw7 right… this is just the outbound network traffic but it’s still impressive for a project like wikipedia. ~everyone love metrics…

(Originally on Twitter: Mon Jan 11 21:10:52 +0000 2010)

Icon explanation of free software licensing - http://www.bionicmutton.org/ade/licenses/ nice idea but maybe too much possibilities?

(Originally on Twitter: Mon Jan 11 21:47:07 +0000 2010)

fixed a stupid bug in forban : http://www.foo.be/forban/ and worked on the duplicate content detection protocol in the opportunistic mode

(Originally on Twitter: Tue Jan 12 22:59:23 +0000 2010)

@wikireader Tested recently the wikireader… this is really a great product : simple and efficient. Still inline with W. Cunningham vision

(Originally on Twitter: Tue Jan 12 23:42:44 +0000 2010)

@patrickvw By the way, Netbios/CIFS/SMFS blocked… is always a good news even on a local area network.

(Originally on Twitter: Wed Jan 13 21:13:26 +0000 2010)

@aaaarg this is silly that Verso is sending a cease-and-desist letter. I purchased a book from them due to aaaarg… #copyrightdelirium

(Originally on Twitter: Wed Jan 13 21:36:13 +0000 2010)

@security4all http://www.gmfreeireland.org/health/SeraliniPaper2007.pdf an even more disturbing, especially for a maize on market #MON863

(Originally on Twitter: Fri Jan 15 07:17:54 +0000 2010)

The workaround (using DEP) recommended by Microsoft for the current IE vulnerability is not working (tested with a simple heap) pffff….

(Originally on Twitter: Fri Jan 15 16:20:00 +0000 2010)

a nice analysis of a Java exploit kit malware : http://www.inreverse.net/?p=804

(Originally on Twitter: Fri Jan 15 22:08:12 +0000 2010)

http://bit.ly/6MfiF4 Metasploit now includes a module for the recent IE 6-8 vulnerability. Very nifty…

(Originally on Twitter: Sat Jan 16 06:05:56 +0000 2010)

How dolphins are doing hunting? an interesting technique using “mud-rings” to capture fishes http://bit.ly/5BQuiV #nature #dolphins

(Originally on Twitter: Sat Jan 16 15:46:55 +0000 2010)

just posted a submission for the CfP of the Breizh Entropy Congress http://www.breizh-entropy.org/ #forban

(Originally on Twitter: Sat Jan 16 17:25:43 +0000 2010)

@DidierStevens yep, it looks like and plenty of interesting people. Are you joining? ;-)

(Originally on Twitter: Sat Jan 16 17:55:10 +0000 2010)

@DidierStevens My favourite museum in Barcelona is the Joan Miro Fondation museum. A great one. #art

(Originally on Twitter: Sat Jan 16 19:58:27 +0000 2010)

released Forban 0.0.5 - http://www.foo.be/forban/ (mainly bug fixes for issues kindly reported by current users)

(Originally on Twitter: Sun Jan 17 10:58:45 +0000 2010)

RT @thorstenholz: Challenge 1 of the Honeynet Forensic Challenge 2010 - pcap attack trace: http://bit.ly/4XxS1N

(Originally on Twitter: Mon Jan 18 07:55:36 +0000 2010)

@AlainGerlache Au lieu de pleurer les “produits” InBev, je me demande pourquoi les médias n’aiment pas les producteurs belges indépendants

(Originally on Twitter: Mon Jan 18 21:24:46 +0000 2010)

a classical corporate culture : “It’s easy to provide feedback but near impossible to contribute something useful”

(Originally on Twitter: Wed Jan 20 14:35:24 +0000 2010)

@security4all retooled is not even required. just make a test .exe doing a heap executed with a simple ActiveX, DEP is not catching it ;-)

(Originally on Twitter: Wed Jan 20 15:02:06 +0000 2010)

@security4all good. Maybe some corporate IT dept. should deploy the IE theme of Firefox… just to give an impression to users loving IE ;-)

(Originally on Twitter: Wed Jan 20 18:06:05 +0000 2010)

released Forban 0.0.6 : http://www.foo.be/forban/ - search interface added and clarification of the simple gossip protocol.

(Originally on Twitter: Sat Jan 23 22:34:23 +0000 2010)

#fun, finding funky recruiter looking for PCI-DSS people in the Application Security Specialist (ASS) linkedin grp http://www.asscert.com/

(Originally on Twitter: Sun Jan 24 08:05:30 +0000 2010)

@bortzmeyer je pensais voir une entrée de blog concernant AFTR https://www.isc.org/software/aftr mais je suppose que c’est dans le tuyau ;-)

(Originally on Twitter: Sun Jan 24 20:55:01 +0000 2010)

http://onpeuttoutcopier.be/ - #HADOPI en Belgique : Monfils et le débit de…

(Originally on Twitter: Mon Jan 25 21:56:27 +0000 2010)

Nice to see a good blog post : http://bit.ly/aWZGv1 about the closed and proprietary iPad… and they even use good pictures ;-)

(Originally on Twitter: Wed Jan 27 21:24:05 +0000 2010)

http://unhappyhipsters.com/ - Seeing all those house interior, I’m always wondering if people are living there… where is the bookshelf?

(Originally on Twitter: Fri Jan 29 21:32:39 +0000 2010)

Forban 0.0.7 released - http://www.foo.be/forban/ Fixed 2 major bugs encountered with large files and added a FAQ regarding the protocol.

(Originally on Twitter: Sat Jan 30 15:11:19 +0000 2010)

I’m a fan of #wikileaks but I have the impression to be in “hostage” right now.

(Originally on Twitter: Sun Jan 31 10:11:50 +0000 2010)

#belgium #belgique petition regarding the Auvibel copy tax http://www.petitiononline.com/copytax/petition.html

(Originally on Twitter: Sun Jan 31 10:55:30 +0000 2010)

@timoreilly security theatre is often more the security circus. Healthfood circus looks also more appropriate, seeing their techniques ;-)

(Originally on Twitter: Sun Jan 31 18:58:34 +0000 2010)

#huisclosnet #8clos mais il me semblait les journaux belges étaient déjà en huis-clos avec Belga ;-) @davanac @AlainGerlache

(Originally on Twitter: Sun Jan 31 20:18:16 +0000 2010)

Google changed a bit his privacy FAQ for email ads - http://bit.ly/aBeYbj can you understand the difference? @nitot #GooDiff

(Originally on Twitter: Tue Feb 02 06:21:12 +0000 2010)

RT @41414141: Apple iPhone certificate #facepalm: http://cryptopath.wordpress.com/2010/01/29/iphone-certificate-flaws/ Muuuulti-Fail!

(Originally on Twitter: Tue Feb 02 10:23:50 +0000 2010)

http://bit.ly/9BBhQC - Belgique HADOPI/Licence globale une copie lisible de la session de discussion du journal le soir avec Ecolo et MR.

(Originally on Twitter: Tue Feb 02 13:20:30 +0000 2010)

@at0mium le document vient de chez Belga? l’utilisateur qui a fait la conversion de Word à PDF est cpetit (Cédric Petit?) #hadopi #belgique

(Originally on Twitter: Tue Feb 02 16:11:41 +0000 2010)

http://onpeuttoutcopier.be/?p=85 - HADOPI Belgique – La proposition Monfils promouvoir en interdisant… un étrange concept.

(Originally on Twitter: Tue Feb 02 17:34:03 +0000 2010)

saw that PF in OpenBSD 4.7-current has now a divert(4) function call to queue raw packet from kernel-space to user-space. great news.

(Originally on Twitter: Wed Feb 03 21:46:17 +0000 2010)

made a short presentation about “The Attackers’ Principles”- http://bit.ly/9HJT6z - shortest path to compromise security design

(Originally on Twitter: Thu Feb 04 20:32:19 +0000 2010)

@rbidule thanks a lot. It was nice to see you there.

(Originally on Twitter: Thu Feb 04 20:47:39 +0000 2010)

@rbidule as discussed the excellent exefilter http://www.decalage.info/exefilter/ - to remove active content from any stream

(Originally on Twitter: Thu Feb 04 20:51:57 +0000 2010)

See you tomorrow at #fosdem.

(Originally on Twitter: Sat Feb 06 18:04:07 +0000 2010)

The key-signing at #fosdem : http://www.flickr.com/photos/itkovian/4337983404/ - we must be crazy to be in the cold just for signing keys.

(Originally on Twitter: Sun Feb 07 19:17:54 +0000 2010)

Un excellent article sur le “Coût de l’Open Access en sciences” - http://www.bortzmeyer.org/cout-open-access.html #openaccess

(Originally on Twitter: Sun Feb 07 20:29:39 +0000 2010)

if you fear xml2rfc, there is now rst2rfc - http://code.google.com/p/rst2rfc/ - doing ReStructuredText to the complex RFC XML. #ietf

(Originally on Twitter: Sun Feb 07 20:56:11 +0000 2010)

Is Buzz breaking my public privacy? I don’t explicitly want to share public notices among services (buzz and twitter). #privacy wtf

(Originally on Twitter: Thu Feb 11 12:13:37 +0000 2010)

@KrisBuytaert arf arf… Everyone knew before me. I’m still waiting to get it.

(Originally on Twitter: Thu Feb 11 12:19:21 +0000 2010)

trying to implement a Zeroconf (DNS-SD) extension in Forban but this is too complex and broken especially for gossip/opportunistic protocols

(Originally on Twitter: Fri Feb 12 21:50:26 +0000 2010)

why is the #belgium federal laws so difficult to fetch? moniteur.be is a horror to fetch. do you know a good raw source of the belgium law?

(Originally on Twitter: Fri Feb 12 22:21:26 +0000 2010)

http://bit.ly/7Zw3O - ConneXions (published between 1987 and 1996) is now fully online a nice historical flashback to Internet and networks

(Originally on Twitter: Sun Feb 14 10:05:59 +0000 2010)

“ls -rt1 | tail -100 | xargs gpg –import” crude but works with extracted attachment generated from the wonderful caff(1).

(Originally on Twitter: Sun Feb 14 18:23:27 +0000 2010)

made a bug fix release : Forban 0.0.8 http://www.foo.be/forban/ and also working on an opportunistic hardware box for mobile peer2peer #p2p

(Originally on Twitter: Sun Feb 14 18:50:31 +0000 2010)

@bortzmeyer le pire c’est d’utiliser un #moleskine pour #chatroulette alors que cela pourrait servir pour décrire un nouveau logiciel libre

(Originally on Twitter: Sun Feb 14 20:38:16 +0000 2010)

posted a blog post - Contribute or die? - http://www.foo.be/cgi-bin/wiki.pl/2010-02-14_Contribute_Or_Die

(Originally on Twitter: Sun Feb 14 21:48:41 +0000 2010)

@wikileaks When do you plan to put back online the content? Will you wait for the parliament approval in Iceland?

(Originally on Twitter: Mon Feb 15 05:46:08 +0000 2010)

@karlpro la licence de la bnf privatise toujours le domaine public comme Google books… c’est vraiment dommage.

(Originally on Twitter: Mon Feb 15 20:26:49 +0000 2010)

Elliptics network is a fault tolerant distributed hash table object storage. http://www.ioremap.net/projects/elliptics very interesting

(Originally on Twitter: Mon Feb 15 21:04:57 +0000 2010)

For the fans of Y Combinator #HN, there is now a nifty search engine : http://www.searchyc.com/

(Originally on Twitter: Tue Feb 16 22:02:15 +0000 2010)

forum sur “La Libre” “Faut-il une loi Hadopi en Belgique?” http://bit.ly/bFGmTl #hadopi c’est une bonne occasion… @hadopimayo

(Originally on Twitter: Wed Feb 17 07:04:59 +0000 2010)

RT @thorstenholz: Honeynet Challenge 2 of the Forensic Challenge 2010 - browsers under attack (http://bit.ly/b3A8aF)

(Originally on Twitter: Wed Feb 17 07:08:56 +0000 2010)

@security4all they are using emails from LinkedIn groups ;-)

(Originally on Twitter: Wed Feb 17 09:38:09 +0000 2010)

@security4all at least they grab it there for me. as the email is only used at that place… strange. maybe the classical spammer database

(Originally on Twitter: Wed Feb 17 09:45:43 +0000 2010)

http://pleaserobme.com/ Using twitter to know where people are and where empty houses are… #fun #privacy

(Originally on Twitter: Wed Feb 17 17:44:53 +0000 2010)

@bortzmeyer RFC 5572 bel article. C’est dommage qu’il manque encore un serveur libre… j’en suis toujours à utiliser tinc comme serveur.

(Originally on Twitter: Fri Feb 19 11:26:56 +0000 2010)

Experimented today fast security assessment (of DokuWiki and MojoMojo) with my students : 4 hours is too short especially for MoJoMojo ;-)

(Originally on Twitter: Sat Feb 20 15:53:06 +0000 2010)

Tor project server compromised (20 Jan 2010) : http://archives.seul.org/or/talk/Jan-2010/msg00161.html - I missed that info/news.

(Originally on Twitter: Sun Feb 21 17:57:27 +0000 2010)

Just finish the reading of Keith Haring Journals http://www.librarything.com/work/326947 an interesting journal if you are a fan like me.

(Originally on Twitter: Mon Feb 22 22:16:20 +0000 2010)

@kabel they should look for “cheap satellite card” ;-)

(Originally on Twitter: Tue Feb 23 17:02:12 +0000 2010)

http://bit.ly/9tFOw1 an open source logic analyzer - guys at dangerousprototypes are crazy… #diy

(Originally on Twitter: Thu Feb 25 23:07:34 +0000 2010)

Living stories released as free software - http://code.google.com/p/living-stories/ - maybe a good way to improve journalism and deep news

(Originally on Twitter: Thu Feb 25 23:25:29 +0000 2010)

If you don’t want the ITU to run the Internet - http://www.ripe.net/news/2010-be-heard.html - it’s time to be heard…

(Originally on Twitter: Fri Feb 26 16:56:17 +0000 2010)

@bortzmeyer Are you willing to give ITU the possibility to be a RIR? messing up RIR processes it’s one way to control more the Internet….

(Originally on Twitter: Fri Feb 26 17:29:19 +0000 2010)

RT @xme: Hitler rails against #cloud #security! http://bit.ly/cwgHX9

(Originally on Twitter: Sat Feb 27 08:19:52 +0000 2010)

@bortzmeyer right but I’m just very dubious for #ITU becoming a RIR while they are not even able to provide free access to their standards.

(Originally on Twitter: Sat Feb 27 21:30:22 +0000 2010)

@bortzmeyer Yes but not ITU-R and ITU-D except if I missed the interface ;-)

(Originally on Twitter: Sat Feb 27 22:25:47 +0000 2010)

agendajardin.be ajout d’un forum de discussion pour les jardins naturels en #Belgique et ailleurs http://www.agendajardin.be/ #jardin

(Originally on Twitter: Sun Feb 28 15:46:43 +0000 2010)

“L’économie du domaine public… Freud peut nous aider” sur onpeuttoutcopier.be - http://bit.ly/bAzTGW #copyright #droit #belgique

(Originally on Twitter: Sun Feb 28 17:25:26 +0000 2010)

@rtbf @rtbflabs C’est bien de mettre les videos en streaming mais un download serait mieux… surtout à des fins pédagogiques @AlainGerlache

(Originally on Twitter: Sun Feb 28 19:08:53 +0000 2010)

Today, a colleague installed X11 on an OpenBSD machine on the public Internet. The machine is not a honeypot just a regular router… hmmmm

(Originally on Twitter: Tue Mar 02 15:00:22 +0000 2010)

@xme #SCADA security can be resumed in plenty of TCP/UDP raw socket with just undocumented protocol… At least, I seen this in 3 cases ;-)

(Originally on Twitter: Wed Mar 03 12:45:44 +0000 2010)

Why DRM doesn’t work? a nice visual explanation of an user experience downloading an audio-book : http://bit.ly/a44xAm #copyright #drmsucks

(Originally on Twitter: Wed Mar 03 21:16:27 +0000 2010)

Google removed some interesting questions from their #Privacy FAQ and made some updates http://bit.ly/92fUcK #goodiff #google

(Originally on Twitter: Thu Mar 04 07:13:23 +0000 2010)

First #NAT64 test, works nice but Bittorrent doesn’t work as seeders are using IPv4 addresses and not hostname… note : NAT64 is DNS based.

(Originally on Twitter: Thu Mar 04 16:20:12 +0000 2010)

Un bel exemple de l’indépendance de la presse en #Belgique francophone : http://bit.ly/99C9QB Elle attaque quoi après? Les blogueurs? #press

(Originally on Twitter: Fri Mar 05 13:37:25 +0000 2010)

Fault-Based Attack of #RSA Authentication http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf nice one…

(Originally on Twitter: Fri Mar 05 13:43:33 +0000 2010)

RT @fcouchet: “Logiciel libre et économie de la contribution : le temps de la déprolétarisation” c’est samedi à Paris http://ur1.ca/ogxx

(Originally on Twitter: Fri Mar 05 14:17:50 +0000 2010)

@bortzmeyer impressionnant surtout Finkielkraut… c’est marrant sa dernière œuvre “Un cœur intelligent” est un condensé d’autres œuvres.

(Originally on Twitter: Fri Mar 05 17:19:46 +0000 2010)

@elise_huard looks like that you are engaging yourself into experimental political activism…

(Originally on Twitter: Fri Mar 05 20:51:30 +0000 2010)

@bortzmeyer sur le même sujet : http://www.flickr.com/photos/adulau/4137514619/ ma préférence se dirige clairement vers Ivan Illich

(Originally on Twitter: Sat Mar 06 17:53:27 +0000 2010)

just released Forban 0.0.9 - http://www.foo.be/forban/ mainly bug fixes but the time to discover and share content is greatly improved #p2p

(Originally on Twitter: Sun Mar 07 15:46:22 +0000 2010)

If you want to demo your #p2p software at #USENIX IPTPS ‘10, it’s still the time : http://www.usenix.org/event/iptps10/cfp/#demo

(Originally on Twitter: Sun Mar 07 17:08:11 +0000 2010)

For the nostalgic, the source code of NCSA Mosaic : http://github.com/alandipert/ncsa-mosaic (you can even compile it on GNU/Linux)

(Originally on Twitter: Tue Mar 09 07:23:21 +0000 2010)

Je viens encore de voir ma photo de thon rouge dans un magazine : http://www.flickr.com/photos/adulau/3723695257/ mais sans mention…

(Originally on Twitter: Sat Mar 13 12:29:03 +0000 2010)

@cloudsecurite Le plus souvent avec un Canon 50D et du EF 28-135 ou du EF 35mm f/1.4L (mes favoris ;-)

(Originally on Twitter: Sat Mar 13 21:41:10 +0000 2010)

Comment combattre l’abus du droit d’auteur? http://onpeuttoutcopier.be/?p=147 sur #onpeuttoutcopier #copyright

(Originally on Twitter: Sun Mar 14 19:47:04 +0000 2010)

“The Brave New World of Bodacious Assumptions in Cryptography” a very interesting article about “proofs of security” http://bit.ly/aqEPqI

(Originally on Twitter: Wed Mar 17 07:07:40 +0000 2010)

RFC5830-5832 is now covering GOST (the Russian cryptographic algorithm suite) not standard just informational but still very interesting

(Originally on Twitter: Wed Mar 17 21:11:32 +0000 2010)

with git, you can learn a new command every day (hour?), like the nifty “git replace” - http://progit.org/2010/03/17/replace.html

(Originally on Twitter: Wed Mar 17 21:54:28 +0000 2010)

@mikebem You could make a hack to add Bayesian filtering to your log collection mechanism and make @theodric and I happy.

(Originally on Twitter: Thu Mar 18 06:36:03 +0000 2010)

“Superfast Scanner Lets You Digitize a Book By Rapidly Flipping Pages” http://bit.ly/at9AS2 handy for saving the public domain books

(Originally on Twitter: Thu Mar 18 17:54:35 +0000 2010)

#ACTA, the point of view of the European commissioner for trade http://bit.ly/9BKOaa shows us that they don’t understand the implication

(Originally on Twitter: Fri Mar 19 06:24:03 +0000 2010)

@superlol from the article “Virtualization itself is not inherently insecure…” already disqualified the article along with Gartner quote.

(Originally on Twitter: Sat Mar 20 08:04:03 +0000 2010)

objgraph is a great tool especially to visualize when you have some ugly memory leak in an obscure lib - #python http://mg.pov.lt/objgraph/

(Originally on Twitter: Sun Mar 21 09:46:21 +0000 2010)

released Forban 0.0.10 #p2p - more bug fixed and a slight update in the protocol. http://www.foo.be/forban/ works but still experimental

(Originally on Twitter: Sun Mar 21 19:56:35 +0000 2010)

http://www.laquadrature.net/en/node/3100 – ACTA and the European Commission: The great escape

(Originally on Twitter: Mon Mar 22 17:01:02 +0000 2010)

http://www.laquadrature.net/en/node/3098 – New ACTA leak: 01/18 version of consolidated text

(Originally on Twitter: Tue Mar 23 17:24:37 +0000 2010)

http://bit.ly/d7ULtm Private Information Disclosure from Web Searches (or why Google suspended personalized suggestions…) #privacy

(Originally on Twitter: Wed Mar 24 06:53:57 +0000 2010)

will be the 16/04 at Breizh Entropy for giving a talk about #forban #p2p - http://www.breizh-entropy.org/

(Originally on Twitter: Wed Mar 24 17:08:32 +0000 2010)

Yesterday, we saw a very nice “Circular Halo”/”22° halo” around the moon #belgium #belgique #gaume

(Originally on Twitter: Thu Mar 25 06:37:50 +0000 2010)

Why PKI (X.509) designs are so broken, another good example : http://files.cloudprivacy.net/ssl-mitm.pdf #itoldyouso

(Originally on Twitter: Thu Mar 25 13:07:50 +0000 2010)

released Forban 0.0.11 - http://www.foo.be/forban/ - the silly caching bug is now fixed. #p2p

(Originally on Twitter: Thu Mar 25 15:51:56 +0000 2010)

http://labs.moto.com/robot_touchscreen_analysis/ Robot versus Touchscreen - an interesting way to evaluate touchscreen

(Originally on Twitter: Thu Mar 25 18:49:43 +0000 2010)

Another good example where rekeying is often a bad idea #cryptography http://www.educatedguesswork.org/2010/03/against_rekeying.html

(Originally on Twitter: Sat Mar 27 08:05:47 +0000 2010)

@xme it’s the TCF server.

(Originally on Twitter: Sat Mar 27 09:10:26 +0000 2010)

@xme it’s Thin Client Framework used for some java apps. But Oracle has the ugly habit to change the default ports to meaningless port num.

(Originally on Twitter: Sat Mar 27 09:13:30 +0000 2010)

@xme I read 15000 (this is the TCF) but you wrote 12500 (rmi) ;-) sorry.

(Originally on Twitter: Sat Mar 27 09:25:08 +0000 2010)

RT @DidierStevens: RT: @wimremes: RT @torproject: Life without a CA: https://blog.torproject.org/blog/life-without-ca < yeah that !

(Originally on Twitter: Sat Mar 27 09:39:51 +0000 2010)

@fcouchet http://www.flickr.com/photos/caterina/3270176074/ single tasking and #gtd - some nice rules

(Originally on Twitter: Sat Mar 27 16:36:50 +0000 2010)

@karlpro could this be one of the factor for the strong electronic music movement in Detroit?

(Originally on Twitter: Sat Mar 27 23:28:55 +0000 2010)

Forban is now running on the #OLPC (XO-1/8.2.1) without external dependencies http://www.foo.be/forban/ to be available in version 0.0.12

(Originally on Twitter: Sun Mar 28 07:20:01 +0000 2010)

Where can I officially buy FLAC or mp3 of Laurent Garnier latest album? without the stupid #DRM of 7digital… #pias still someone on-board?

(Originally on Twitter: Sun Mar 28 14:59:27 +0000 2010)

@piasrecordings Can we buy somewhere (even at a higher price) tracks from your artists without #DRM?

(Originally on Twitter: Sun Mar 28 15:04:34 +0000 2010)

Enjoying the sounds of New York on http://twestival-fm.com/cities/17001 - a track by Moby @twestival

(Originally on Twitter: Sun Mar 28 20:27:29 +0000 2010)

“EphCOM: Practical Ephemeral Communications” - allowing a user to assign an expiration time to her private data http://bit.ly/bYbBNq

(Originally on Twitter: Wed Mar 31 09:08:04 +0000 2010)

Forban (git master branch) is now able to run on the Nokia N900 - http://www.foo.be/forban/ #p2p #filesharing

(Originally on Twitter: Wed Mar 31 13:42:37 +0000 2010)

Why EU Commissioners are focusing on blocking Internet? http://www.edri.org/edrigram/number8.5/edri-open-letter-internet-blocking

(Originally on Twitter: Wed Mar 31 14:18:40 +0000 2010)

@0x58 I hope this is just a lack of knowledge and not an attempt to extent control in the cyberspace. Maybe we could callback John P. Barlow

(Originally on Twitter: Wed Mar 31 14:52:37 +0000 2010)

OpenAMQ is now discarded in favour of ZeroMQ - another example of “design by committee” failure… http://bit.ly/bKDEgE

(Originally on Twitter: Wed Mar 31 16:54:17 +0000 2010)

Have you read “Reality Hunger” from David Shields? Is it an interesting reading? Or something to avoid? #Books

(Originally on Twitter: Wed Mar 31 17:57:31 +0000 2010)

RT @ls01: Bon Gallimard attaque Google, on le sait, on s’en doutait… Mais au fait quid de Gallimard vs Wikisource? ( @wikimedia_fr, news?)

(Originally on Twitter: Wed Mar 31 18:48:25 +0000 2010)

@challpiri http://identi.ca/adulau je “cross-poste” entre les deux…

(Originally on Twitter: Thu Apr 01 15:06:04 +0000 2010)

If you are using softraid(4) on OpenBSD, the format changed after 4.7 - http://www.undeadly.org/cgi?action=article&sid=20100326172808

(Originally on Twitter: Thu Apr 01 18:49:23 +0000 2010)

Time Division Multiple Access (TDMA) process as a Perl module - crazy but useful for testing : http://search.cpan.org/~alex/Net-TDMA/

(Originally on Twitter: Fri Apr 02 12:44:16 +0000 2010)

If you are using tcpdump -X/-x with ‘cut/sed/awk’, maybe you should consider using the -A option in tcpdump…

(Originally on Twitter: Sat Apr 03 11:12:12 +0000 2010)

#hacklu hack.lu 2010 CfP (Call for Papers) will be released this weekend. The conference will take place 27-29 October 2010 in Luxembourg.

(Originally on Twitter: Sat Apr 03 11:24:58 +0000 2010)

Vu dans lemonde “En inventant l’ordinateur, Alan Turin ne se doutait pas qu’il jouait à l’apprenti sorcier “ Turing… http://bit.ly/cFfw0y

(Originally on Twitter: Sat Apr 03 20:24:39 +0000 2010)

@DidierStevens Arf, en effet et si je peux ajouter : “Le poids de l’ennui, le choc des paupières et le fardeau de l’abonnement”… #lemonde

(Originally on Twitter: Sat Apr 03 20:42:44 +0000 2010)

hack.lu 2010 call for papers - http://2010.hack.lu/cfp-hacklu2010.txt - http://2010.hack.lu/cfp/ #hacklu #cfp

(Originally on Twitter: Sun Apr 04 16:40:34 +0000 2010)

A couple of common magpie is building a nest in our garden but the nest looks more the Marsupilami’s nest than the traditional magpie nest.

(Originally on Twitter: Mon Apr 05 08:08:02 +0000 2010)

RT @ppinternational: Final Version of “Copying Is Not Theft” Released! #video http://questioncopyright.org/

(Originally on Twitter: Mon Apr 05 09:41:20 +0000 2010)

radio panik - http://www.radiopanik.org/ if you want to listen something different with a touch of art.

(Originally on Twitter: Mon Apr 05 10:34:22 +0000 2010)

@pp_belgium panel 1 and 2 are just there to congratulate themselves about the need of collective rights organizations. a strange world.

(Originally on Twitter: Mon Apr 05 10:49:43 +0000 2010)

Vangelis and collective rights organization, an interesting point of view regarding the transfer of rights http://bit.ly/aaxqFJ #copyright

(Originally on Twitter: Mon Apr 05 10:57:09 +0000 2010)

Discussions about “the Research Non-Assertion Pledge and the Public Patent License.” at #CC http://bit.ly/dbyR0U

(Originally on Twitter: Tue Apr 06 17:33:35 +0000 2010)

RFC 5785 “Defining Well-Known Uniform Resource Identifiers (URIs)” seems a good move - what will be the first application in the registry?

(Originally on Twitter: Wed Apr 07 17:06:24 +0000 2010)

A CVE tracker for Ubuntu - very handy to know the security state of your current release : http://bit.ly/9SS8pT

(Originally on Twitter: Thu Apr 08 06:31:48 +0000 2010)

RT @HowardLovecraft: Hours spent securing the basement door to prevent a unspeakable fiend from gnawing its way into my living quarters.

(Originally on Twitter: Fri Apr 09 05:50:46 +0000 2010)

“Bluebear: Exploring Privacy Threats in BitTorrent” - http://bit.ly/ckLKfq

(Originally on Twitter: Fri Apr 09 14:02:09 +0000 2010)

Have you ever seen flies in a Cisco router? http://www.chronix.org/muchy/

(Originally on Twitter: Fri Apr 09 15:33:25 +0000 2010)

@KrisBuytaert No. The equipment with the bugs is much more modern than yours ;-)

(Originally on Twitter: Fri Apr 09 15:47:14 +0000 2010)

@0x58 We tested Ecdysis NAT64 (the OpenBSD/pf version + unbound patched). Works great except for protocols with hardcoded v4 addr…

(Originally on Twitter: Sun Apr 11 08:24:37 +0000 2010)

I just released Forban 0.0.14 (an opportunistic p2p file-sharing application for personal/local area networks) - http://www.foo.be/forban/

(Originally on Twitter: Sun Apr 11 14:07:17 +0000 2010)

posted a comment “Composting McDonald Happy Meal” This could have been a better experiment http://news.ycombinator.com/item?id=1256516

(Originally on Twitter: Sun Apr 11 15:03:58 +0000 2010)

is preparing his presentation for the Breizh Entropy Congress - http://www.breizh-entropy.org/

(Originally on Twitter: Sun Apr 11 17:03:09 +0000 2010)

@raphaelhenry la situation est même pire pour la sécurité du “cloud computing”, les certifications (ex. PCI DSS) -> une fausse perception

(Originally on Twitter: Mon Apr 12 09:05:02 +0000 2010)

@mikebem @FunkySteph and don’t forget the sneakers. 2 pink pastel air max and yellow air jordan for the staff ;-) -> michael-import/export

(Originally on Twitter: Mon Apr 12 11:04:54 +0000 2010)

#ACTA and the search in the Council of the European Union - http://bit.ly/di1NaY gives a good overview of the “transparency” about it

(Originally on Twitter: Mon Apr 12 12:29:08 +0000 2010)

RT @arbornetworks: Fake ICPP violation alert due to malcode, affects BitTorrent users. http://is.gd/bpyQH More from @FSLabs http://is.gd …

(Originally on Twitter: Mon Apr 12 12:49:42 +0000 2010)

a list of twitter account about information security : http://www.security-faqs.com/infosec-on-twitter good but not exhaustive

(Originally on Twitter: Mon Apr 12 16:45:31 +0000 2010)

Comparison of Python cryptographic modules : http://mikeivanov.com/pc/python-crypto.pdf #crypto #python

(Originally on Twitter: Tue Apr 13 05:47:47 +0000 2010)

Full history dump for English Wikipedia is back - http://bit.ly/cGgmZe - #wikipedia #dataset #research

(Originally on Twitter: Wed Apr 14 08:12:05 +0000 2010)

“If the data structure can’t be explained on a beer coaster, it’s too complex.” see in Felix von Leitner presentation - http://bit.ly/2FYaPY

(Originally on Twitter: Wed Apr 14 08:32:40 +0000 2010)

RT @pp_belgium: Droits de qui ? Merci SABAM : http://ping.fm/F6Xnh

(Originally on Twitter: Wed Apr 14 08:57:26 +0000 2010)

@jennamcjenna like that, they are ready to get up for work too. Maybe I read too much of Ivan Illich - “Deschooling Society”

(Originally on Twitter: Wed Apr 14 11:21:30 +0000 2010)

“Cryptanalysis of the DECT Standard Cipher” + practical attack - http://bit.ly/aYQK5d #crypto

(Originally on Twitter: Wed Apr 14 14:29:35 +0000 2010)

The presentation given at Breizh Entropy about Forban : http://bit.ly/akPjEk - forban an opportunistic link-local p2p free software

(Originally on Twitter: Fri Apr 16 10:06:49 +0000 2010)

@mikebem if you have an issue with the cat, let us know… We could eat^H^H^H move the cat in Belgium ;-)

(Originally on Twitter: Mon Apr 19 11:47:51 +0000 2010)

street art in Rennes or again walking in the streets to find the unexpected… - http://www.bit.ly/b6vaTM

(Originally on Twitter: Mon Apr 19 21:49:50 +0000 2010)

“Government requests directed to Google and YouTube” - http://www.google.com/governmentrequests/ #censorship

(Originally on Twitter: Wed Apr 21 05:37:59 +0000 2010)

a good course and overview about “Probabilistic Modeling “ http://bit.ly/9vRtfG

(Originally on Twitter: Thu Apr 22 21:31:59 +0000 2010)

Belgium doesn’t exist as a country but as an art performance. It’s better to love art than a country. #belgium #belgique #art

(Originally on Twitter: Sat Apr 24 07:31:56 +0000 2010)

Le logiciel libre pour une société libre et conviviale - http://bit.ly/9FXPhX - dernière présentation du jour…

(Originally on Twitter: Sat Apr 24 20:41:33 +0000 2010)

@TheCopia Would it possible to put my existing (and non-DRM) e-books into copia?

(Originally on Twitter: Sun Apr 25 05:25:06 +0000 2010)

For the book lovers that like to carry books everywhere in the house or office, http://www.lebouc.be/ a nice (Belgian) design.

(Originally on Twitter: Sun Apr 25 08:13:09 +0000 2010)

@davanac “Killed by ppt” http://www.edwardtufte.com/bboard/q-and-a-fetch-msg?msg_id=0001yB the nice article from Edward Tufte

(Originally on Twitter: Tue Apr 27 15:00:32 +0000 2010)

http://mixtapeamnesty.ie/ “The amnesty was created in an effort to finally rid the country of illegally taped music.” #fun #copyright

(Originally on Twitter: Wed Apr 28 11:39:32 +0000 2010)

Forban 0.0.15 released (mainly bug fixes) http://www.foo.be/forban/ - an epidemic p2p file-sharing free software.

(Originally on Twitter: Wed Apr 28 20:31:58 +0000 2010)

spock is now intelius http://bit.ly/duFJg5 #goodiff #privacy - privacy policy updated according to that change.

(Originally on Twitter: Thu Apr 29 06:52:39 +0000 2010)

Do you want to black-hole a product and the OpenPGP standard? easy, you’ll just need to be acquired by Symantec. #pgp

(Originally on Twitter: Thu Apr 29 14:48:56 +0000 2010)

just released Forban 0.0.17 (protocol slightly improved with HMAC in announce to avoid recurring index download) http://foo.be/forban/ #p2p

(Originally on Twitter: Sun May 02 15:07:53 +0000 2010)

hiking in the woods, saw a young fox next to a Canada goose… and guess what? I didn’t took my camera coz I never see anything at that time

(Originally on Twitter: Sun May 02 20:40:05 +0000 2010)

@rbidule next to each other? that would make a great shot too…

(Originally on Twitter: Sun May 02 21:06:27 +0000 2010)

@zoobab The FUD is coming from this silly post of ZDNet. It would more wise to distribute the FSF argumented facts than the ZDNet “news”…

(Originally on Twitter: Mon May 03 09:47:12 +0000 2010)

@AlainGerlache en plus c’est toujours les mêmes qui doivent tenir le bureau de vote. j’ai envie dire “il fallait les prévoir plus tôt”…

(Originally on Twitter: Mon May 03 09:50:59 +0000 2010)

@fboule at the edge of the Chiny forest in Gaume. That why I was disgusted to not have my camera with me (usually not the case ;-).

(Originally on Twitter: Mon May 03 15:27:22 +0000 2010)

RT @bortzmeyer: “99 % of routing accidents on the Internet are origination errors. Fixing them with the RPKI will fix a lot of problems. …

(Originally on Twitter: Mon May 03 15:31:53 +0000 2010)

“Information-action Ratio or What’s Your Opinion About Belgian Politics?” #belgium #media http://bit.ly/a9QLIV

(Originally on Twitter: Mon May 03 20:23:49 +0000 2010)

Deletable Bloom filter, useful when you want to delete an element without affecting the rest of the set. http://arxiv.org/abs/1005.0352

(Originally on Twitter: Tue May 04 05:53:01 +0000 2010)

Fuzzdb - a database for fuzzing including patterns to fuzz and expected response format - great idea http://code.google.com/p/fuzzdb/

(Originally on Twitter: Tue May 04 13:44:14 +0000 2010)

The pirate party in Belgium is looking for signature for the election to come - http://bit.ly/dlyimj #belgium #belgique

(Originally on Twitter: Tue May 04 18:40:43 +0000 2010)

Today, I encountered again a “deletionist” on Wikipedia. Would it possible to delete a “deletionist”? #wikipedia

(Originally on Twitter: Tue May 04 21:39:44 +0000 2010)

@challpiri http://meta.wikimedia.org/wiki/Deletionist http://meta.wikimedia.org/wiki/Deletionism

(Originally on Twitter: Tue May 04 21:42:27 +0000 2010)

“A fast, fuzzy, full-text index using Redis” - http://bit.ly/bXZIVc

(Originally on Twitter: Wed May 05 20:52:51 +0000 2010)

Comparing genomes from Escherichia Coli to the Linux kernel call graph - http://bit.ly/ajoNVD

(Originally on Twitter: Thu May 06 08:24:32 +0000 2010)

@xme great, good news. Could we have a copy of the slides?

(Originally on Twitter: Thu May 06 11:52:22 +0000 2010)

Ryzom Core is finally released as free software (AGPLv3) including artistic asset (CC-BY-SA) - http://dev.ryzom.com/news/13

(Originally on Twitter: Thu May 06 13:19:52 +0000 2010)

Lost in a lemma proof… where the array gets also lost with an impossible index. Reading papers could sometimes affect your health…

(Originally on Twitter: Fri May 07 20:58:12 +0000 2010)

@ChrisJohnRiley if this is for Python data structure, there is pprint (pretty print) part of the standard library.

(Originally on Twitter: Sat May 08 20:49:58 +0000 2010)

@roessler I like the idea of Ignite… By the way, the #01 in Brussels was last February. So it’s not too late for the Luxembourg.

(Originally on Twitter: Sat May 08 20:54:07 +0000 2010)

RT @ddenis: La Sabam veut faire payer le web: http://bit.ly/csezpj #etraces

(Originally on Twitter: Mon May 10 08:55:05 +0000 2010)

RT @pp_belgium: Non seulement nous ne pouvons pas nous présenter mais apparament nous ne pouvons pas parler non plus : http://bit.ly/c3phHY

(Originally on Twitter: Tue May 11 10:50:57 +0000 2010)

Just saw a scammer using Google Docs to fill form…those scammers, they are very trendy, they use SaaS. #security #scam #cloud

(Originally on Twitter: Tue May 11 11:55:57 +0000 2010)

.de TLD seems accessible for domains starting from a-e but not after… just tested with a simple “dig -t NS <X> @a.nic.de” hmmmm @i0n1c

(Originally on Twitter: Wed May 12 12:30:23 +0000 2010)

@bortzmeyer Thanks. this is matching. do you know if #DENIC is working on it? I suppose so…

(Originally on Twitter: Wed May 12 12:43:23 +0000 2010)

@pp_belgium where can I send the scan of my signature?

(Originally on Twitter: Wed May 12 15:16:36 +0000 2010)

@wikireader http://thewikireader.com/update.html FYI, The URLs for the update are broken. Could you check? Thank you.

(Originally on Twitter: Thu May 13 11:54:21 +0000 2010)

Looking back to old (2002) slides from #Microsoft about the GNU #GPL, this is so ludicrous… - http://bit.ly/9BBnVM

(Originally on Twitter: Thu May 13 13:14:26 +0000 2010)

@0x58 Sometime I’m calling them (if there is a phone number) and you can have fun… & at the same time, it’s blocking their scam business.

(Originally on Twitter: Thu May 13 13:45:11 +0000 2010)

If I have to name the free software of the year, it will be redis ! http://code.google.com/p/redis/ #redis “intersection rules”

(Originally on Twitter: Thu May 13 14:41:46 +0000 2010)

Forban 0.0.18 released - Win32 support added. #p2p opportunistic over lan - http://www.foo.be/forban/

(Originally on Twitter: Fri May 14 17:58:02 +0000 2010)

RFC 5848 is published - “Signed Syslog Messages” - an excellent news.

(Originally on Twitter: Fri May 14 18:08:56 +0000 2010)

“git fast-import” saved again my life #git

(Originally on Twitter: Sat May 15 22:11:07 +0000 2010)

Libre Graphics Meeting 2010 Brussels 27-30 May - feel free to make a donation #lgm - http://pledgie.com/campaigns/8926

(Originally on Twitter: Sun May 16 11:52:17 +0000 2010)

@nitot même un tcpdump peut enregistrer une partie du payload dans une même capture avec une petite valeur de “-s”. #medium-fail #google

(Originally on Twitter: Sun May 16 15:17:36 +0000 2010)

@patrickvw Le vote électronique? le vote papier fonctionne mieux, plus facilement contrôlable par tous et pour un coût moindre.

(Originally on Twitter: Mon May 17 11:05:28 +0000 2010)

@patrickvw le vote électronique n’est pas une solution valide quand il existe déjà le vote papier. Quelle est la position du pirate party?

(Originally on Twitter: Mon May 17 11:18:11 +0000 2010)

@patrickvw Merci pour l’info. J’ai une grosse préférence pour le vote papier uniquement… mais je n’ai rien dit.

(Originally on Twitter: Mon May 17 11:37:27 +0000 2010)

@patrickvw Je connais le mécanisme de contrôle : une impression sur papier. Comme quoi un bon vote papier, c’est imbattable. @bortzmeyer

(Originally on Twitter: Mon May 17 12:08:04 +0000 2010)

finds silly a media website talking about insecurity of web browsing when they have external links in flash and js to untrusted sites…

(Originally on Twitter: Tue May 18 12:13:01 +0000 2010)

Spammer trick of the day : “using Google Picasa notification for spamming” handy as you don’t have a X-Originating-Ip header…

(Originally on Twitter: Tue May 18 12:33:32 +0000 2010)

@xme how can you do risk management of an iPhone? if any application from the AppleStore can be installed by the user ;-)

(Originally on Twitter: Tue May 18 13:00:20 +0000 2010)

@xme right but the reality is often far away from any formal risk analysis but you know better than me.

(Originally on Twitter: Tue May 18 13:12:18 +0000 2010)

RT @rommelfs: R.I.P. newzbin.com - we’ve had a good time

(Originally on Twitter: Wed May 19 05:46:31 +0000 2010)

@theodric You’re right. The bar picture looks like michael… but you know he is so used to be lost in underground activities.

(Originally on Twitter: Wed May 19 15:53:14 +0000 2010)

More than 20 minutes for a survey from #ACM, I gave up….

(Originally on Twitter: Thu May 20 22:22:07 +0000 2010)

The today’s bug report in Firefox : http://support.mozilla.com/en-US/forum/1/677839 #fun

(Originally on Twitter: Fri May 21 19:24:04 +0000 2010)

WebSDR - real-time tuning on a radio from a 80m antenna http://websdr.ewi.utwente.nl:8901/ #SDR Impressive !

(Originally on Twitter: Fri May 21 19:34:29 +0000 2010)

Why I like to keep wild grasses in my garden http://bit.ly/cFsYmm http://bit.ly/aFcXnV - #biodiversity

(Originally on Twitter: Sat May 22 10:33:54 +0000 2010)

Does someone know the HTTP crawler ““P.Arthur 1.1” and especially using IPv6? It’s from China (PKU6-CERNET2)… looks strange

(Originally on Twitter: Mon May 24 09:13:59 +0000 2010)

@cvandeplas I want to vote for a party who is not brandishing flags and leaving people freedom. But does this exist? #belgium

(Originally on Twitter: Mon May 24 09:37:34 +0000 2010)

good point… RT @HSGhent Roundtable Workshop Format http://post.ly/cJH0

(Originally on Twitter: Mon May 24 09:44:05 +0000 2010)

@jmjavaux @AlainGerlache L’enjeux c’est de rester libre et d’avoir un équilibre pour toutes les communautés et sans brandir des drapeaux…

(Originally on Twitter: Mon May 24 10:55:46 +0000 2010)

just posted “Information wants to be free” is now becoming an axiom - http://bit.ly/c4AlG4

(Originally on Twitter: Mon May 24 16:58:46 +0000 2010)

@wragge Some more machine tags - http://www.foo.be/cgi-bin/wiki.pl/MachineTag #fmtc

(Originally on Twitter: Mon May 24 18:09:08 +0000 2010)

Tabbing in a browser can be dangerous - a simple way to make a phishing attack… - http://bit.ly/b6c0ov

(Originally on Twitter: Tue May 25 05:52:28 +0000 2010)

@pbeyssac old pictures from #rms … but without the glasses ;-) http://www.foo.be/photo/rms/

(Originally on Twitter: Wed May 26 11:34:34 +0000 2010)

loves to rewrite an ugly software from Java to Python especially when the code is reduced by 10 and it’s 4 times faster…

(Originally on Twitter: Wed May 26 21:25:57 +0000 2010)

In the series, #git is wonderful : “git-notes allows to add notes on an object without touching the object/commit” nice for annotation…

(Originally on Twitter: Wed May 26 22:05:23 +0000 2010)

Protest #ACTA http://www.acta-action.eu - contact your #MEP

(Originally on Twitter: Thu May 27 12:03:58 +0000 2010)

Does someone know a vendor selling HOTP-compatible token alone? the majority of the vendors are bound to their proprietary software…

(Originally on Twitter: Thu May 27 13:59:53 +0000 2010)

Today’s calculation : each iPad owner needs to read at least 15 books/year to amortize the cost of the iPad within 1 year. Amortized? hahaha

(Originally on Twitter: Thu May 27 16:35:13 +0000 2010)

Will be tomorrow at #lgm #lgm2010, if you want to have a chat or hack something with me… let me know.

(Originally on Twitter: Fri May 28 15:04:55 +0000 2010)

@0x58 This is indeed a bad news… Dennis Hopper was really a great photographer too.

(Originally on Twitter: Sat May 29 19:03:06 +0000 2010)

Seeing all the tweets about the #eurovision #EV, I ended up on the alfa-matrix website - http://alfa-matrix.com/ #EBM is so much better.

(Originally on Twitter: Sat May 29 20:37:00 +0000 2010)

Calculating Pi with #HADOOP http://gist.github.com/406824

(Originally on Twitter: Sat May 29 22:11:03 +0000 2010)

@pbeyssac very nice play word…

(Originally on Twitter: Sun May 30 06:43:26 +0000 2010)

RT @BPGlobalPR: We are very upset that Operation: Top Kill has failed. We are running out of cool names for these things.

(Originally on Twitter: Sun May 30 12:30:13 +0000 2010)

Very rainy today but sometime this can be helpful : http://www.flickr.com/photos/adulau/4653170204/ #photography #photo #wildlife

(Originally on Twitter: Sun May 30 17:08:27 +0000 2010)

Registration is now open for the GNU Hackers Meeting (Den Haag, NL 24-25/07 : http://www.gnu.org/ghm/2010/denhaag/ #ghm

(Originally on Twitter: Sun May 30 17:31:11 +0000 2010)

WTF? Are they smoking crack? GCC Steering Committee approved the use of C++ in GCC (http://article.gmane.org/gmane.comp.gcc.devel/114407)

(Originally on Twitter: Mon May 31 19:10:39 +0000 2010)

“Use This LATEX Class File to Pwn Your Computer” - http://cseweb.ucsd.edu/~hovav/dist/texhack.pdf #latex #infosec

(Originally on Twitter: Mon May 31 21:22:31 +0000 2010)

@roessler or could be 5 years in advance until we have a full-blown LaTeX in the browser or Metafont embedded ;-)

(Originally on Twitter: Tue Jun 01 06:00:18 +0000 2010)

@security4all any reference document?

(Originally on Twitter: Tue Jun 01 09:31:42 +0000 2010)

@PascClau Ce n’est pas les outils qui manquent mais la maîtrise de ces outils… développement de logiciels libres. cf. Ivan Illich

(Originally on Twitter: Tue Jun 01 10:13:00 +0000 2010)

@fcouchet http://code.google.com/p/foodle/

(Originally on Twitter: Tue Jun 01 11:52:57 +0000 2010)

@bortzmeyer right but feide.no is pointing to http://code.google.com/p/foodle … Pfff, the Internet is full of links ;-) @fcouchet

(Originally on Twitter: Tue Jun 01 12:07:38 +0000 2010)

RFC 5854 - “The Metalink Download Description Format” - waiting for curl to support it but looks good (even if this is again XML)

(Originally on Twitter: Tue Jun 01 21:24:22 +0000 2010)

Is there anyone using nodebox or nodebox 2 to randomly generate stencils for street-art?

(Originally on Twitter: Tue Jun 01 22:17:51 +0000 2010)

@pp_belgium In your program, point 30) -> should be abolition of the electronic voting and replaced by paper ballot only.

(Originally on Twitter: Wed Jun 02 08:44:52 +0000 2010)

@pp_belgium this was a suggestion ;-) thanks.

(Originally on Twitter: Wed Jun 02 10:51:04 +0000 2010)

RT @xach: Erik Naggum’s library is for sale. http://xach.livejournal.com/257931.html #naggum

(Originally on Twitter: Wed Jun 02 16:31:55 +0000 2010)

Misunderstanding in the office today : someone said “Is it a beach party here?” and someone else “A bitch party?”

(Originally on Twitter: Thu Jun 03 13:29:15 +0000 2010)

@rbidule it’s more difficult to find a beach in Luxembourg…

(Originally on Twitter: Thu Jun 03 13:37:06 +0000 2010)

RT @seldaek: Introducing Slippy - HTML Presentations http://goo.gl/fb/lqn3E #news #php #javascript

(Originally on Twitter: Thu Jun 03 16:50:15 +0000 2010)

@xme I’m jealous. Still stuck at the office in a conf-call reviewing security of an uncertain software.

(Originally on Twitter: Thu Jun 03 17:11:27 +0000 2010)

@PascClau Pourquoi la Wallonie ne pourrait pas devenir un “Delaware” pour la création des entreprises si impôts des entreprises -> région ?

(Originally on Twitter: Thu Jun 03 17:20:23 +0000 2010)

An interesting paper about Stream Control Transmission Protocol (SCTP) Steganography - http://arxiv.org/abs/1006.0247 #stegano

(Originally on Twitter: Thu Jun 03 17:54:31 +0000 2010)

@zedshaw a clone is nice but I’m always coming back to the roots when needed : http://www.flickr.com/photos/adulau/2163385152/

(Originally on Twitter: Thu Jun 03 21:22:52 +0000 2010)

Note for the cdH party in Belgium, it’s not because you have some green color on your poster that you are ecologists…. #election #belgium

(Originally on Twitter: Fri Jun 04 22:13:44 +0000 2010)

released Forban 0.0.19 - http://www.foo.be/forban/ #p2p #epidemic #filesharing

(Originally on Twitter: Sat Jun 05 07:34:34 +0000 2010)

just released a paper-based OTP token - http://github.com/adulau/paper-token why to use hardware when we can use a pencil ;-)

(Originally on Twitter: Sun Jun 06 17:56:37 +0000 2010)

The #git of the night “git log –decorate –graph –pretty=oneline –abbrev-commit –all” nice in a terminal and cleaner than gitk

(Originally on Twitter: Sun Jun 06 21:26:03 +0000 2010)

#IEEE group is working on malware XML schema to help for classification and sharing malware sample http://bit.ly/cU31y0 to look at…

(Originally on Twitter: Mon Jun 07 19:50:37 +0000 2010)

I officially hate spammer, they grab random PDF on the Internet and insert infective payload and send the infected PDF in your name.

(Originally on Twitter: Tue Jun 08 05:52:17 +0000 2010)

Seeing so many people going into my web page, they open the infected PDF made by those criminals. I put a warning on my home page…

(Originally on Twitter: Tue Jun 08 06:13:21 +0000 2010)

@zoobab the remaining 88% of people using the proprietary Windows platform and (as you said) the Acroread trojan…

(Originally on Twitter: Tue Jun 08 07:01:26 +0000 2010)

@zoobab Sure I can give a hand.

(Originally on Twitter: Tue Jun 08 08:43:29 +0000 2010)

@zoobab if you want to carry people between train station (Marbehan), I could give a hand. I’ll update the wiki.

(Originally on Twitter: Tue Jun 08 08:48:14 +0000 2010)

@miguno it’s really annoying… especially when they use your CV to include malware using WScript.CreateObject(“WScript.Shell”)… #PDF

(Originally on Twitter: Tue Jun 08 10:01:15 +0000 2010)

@mikkohypponen they used the “/Launch” function as described by @DidierStevens 2 months ago but it’s still very effective…

(Originally on Twitter: Tue Jun 08 10:33:04 +0000 2010)

@z0nbi Right. That means a lot of people are even opening the files with the Launch warning… looking at the email received… #socialworks

(Originally on Twitter: Tue Jun 08 10:48:38 +0000 2010)

@z0nbi Yep. This will install a dns resolver hook trojan + nasty misc called Win32/Alureon

(Originally on Twitter: Tue Jun 08 10:59:21 +0000 2010)

RT @tommiesunshine: The Recording Industry wants $1 billion from LimeWire. Our Government’s asking $69 million of BP. Modern priorities …

(Originally on Twitter: Wed Jun 09 06:04:14 +0000 2010)

RT @npettiaux: Through http://lepacte.be 69 belgian politicians support free software, free data and free internet

(Originally on Twitter: Wed Jun 09 06:11:12 +0000 2010)

For the nostalgic, “A penetration analysis of the Michigan terminal system” #pentest in 1980… http://bit.ly/9mA26P

(Originally on Twitter: Wed Jun 09 19:35:49 +0000 2010)

@xme in OpenPGP key signing parties, the picture is often the only way to link a guy/lady to his/her official documents…

(Originally on Twitter: Wed Jun 09 20:53:21 +0000 2010)

@jimmy_wales maybe the action of a deletionist… ah no, except if the deletionist also delete the Deletion log ;-)

(Originally on Twitter: Thu Jun 10 21:10:56 +0000 2010)

More background information on flash issue CVE-2010-2189? “issue occurs only on VMWare systems with VMWare Tools enabled.”

(Originally on Twitter: Fri Jun 11 09:31:37 +0000 2010)

Slides of the Google IPv6 implementor conference - https://sites.google.com/site/ipv6implementors/2010/agenda

(Originally on Twitter: Fri Jun 11 20:58:10 +0000 2010)

#Foo is a meta-syntactic variable and this is not the root of Football. Just a kind reminder for an email received about my domain name…

(Originally on Twitter: Fri Jun 11 21:49:59 +0000 2010)

#Belgium #election Benjamin Constant was right about the majority rule in democracy… A patchwork is not controlled by a majority.

(Originally on Twitter: Sun Jun 13 20:45:51 +0000 2010)

@npettiaux p283 du “Principes de politique, applicables à tous les gouvernements représentatifs” - version domaine public sur googlebooks

(Originally on Twitter: Mon Jun 14 05:36:38 +0000 2010)

Why ARF and X-ARF is not including source and destination port? would be useful for tracing abuse behind NAT logged pools.

(Originally on Twitter: Mon Jun 14 08:26:38 +0000 2010)

“#define DEBUG3_DOLOG_SYSTEM(x) system(x)” so simple but so efficient… When will be the GCC à la “Trusting trust” of K. Thompson?

(Originally on Twitter: Mon Jun 14 12:20:44 +0000 2010)

RT @raf_iot: ♺ @fo0_: RT @_dzen: Bonjour hadopi bonjour orange http://seclists.org/fulldisclosure/2010/Jun/346 #risee #de #tout #interne …

(Originally on Twitter: Tue Jun 15 19:37:08 +0000 2010)

@xme funny we made that for the first edition of hack.lu : http://www.foo.be/hacklu2005/p/hacklu2005-pegs.jpg

(Originally on Twitter: Tue Jun 15 19:42:01 +0000 2010)

@sam280 thanks, interesting especially if you have control on the device doing AES-128 encryption like a STU or STB…

(Originally on Twitter: Wed Jun 16 19:53:53 +0000 2010)

@sam280 right but a lot of STB designer assumed the encryption algorithm even interrupted or rolled back being safe…

(Originally on Twitter: Wed Jun 16 20:15:49 +0000 2010)

An old classic “Foundations of Computer Science” from Al Aho and Jeff Ullman http://infolab.stanford.edu/~ullman/focs.html freely available

(Originally on Twitter: Wed Jun 16 21:17:13 +0000 2010)

Flickr and getty are killing creative commons images with this stupid Getty images deal - http://bit.ly/4opVgW #cc

(Originally on Twitter: Fri Jun 18 21:57:11 +0000 2010)

“Reputation Reporting Protocol” - http://tools.ietf.org/html/draft-dskoll-reputation-reporting-01 - an I-D to report about event IP history

(Originally on Twitter: Fri Jun 18 22:17:34 +0000 2010)

made a quick blog entry - Searching Google using standard Unix tools - http://bit.ly/adj0zz

(Originally on Twitter: Sat Jun 19 10:17:15 +0000 2010)

Just bought the tickets to see (and obviously listen) #bauchklang at Esperanzah! 2010 #belgium #belgique

(Originally on Twitter: Sat Jun 19 20:16:56 +0000 2010)

I passively fuzzed while just feeding “standard” XHTML documents. I just crashed 3 different parsers with the same document… not good.

(Originally on Twitter: Sat Jun 19 20:48:33 +0000 2010)

DNS Skinhole ISO image available - http://isc.sans.edu/diary.html?storyid=9037 relying on SRI, ZeuS and dom malware blocklist.

(Originally on Twitter: Sun Jun 20 13:51:05 +0000 2010)

thinking of replacing my aging whiteboard with @ideapaint http://www.ideapaint.com/ any experience with the durability?

(Originally on Twitter: Sat Jun 26 06:56:23 +0000 2010)

RT @matrosov: Our report about TDSS v3: “TDL3: The Rootkit of All Evil?” http://www.eset.com/resources/white-papers/TDL3-Analysis.pdf #e …

(Originally on Twitter: Sat Jun 26 07:08:38 +0000 2010)

Apple updated his privacy policy, if you want to see the diff: http://bit.ly/dgsav4 #goodiff #quuxlabs #privacy #tos

(Originally on Twitter: Sat Jun 26 07:26:15 +0000 2010)

Telemarketer called me on my private mobile phone and they got this number by randomly composing numbers… key space is small.

(Originally on Twitter: Sat Jun 26 08:21:02 +0000 2010)

@xtcsh Thanks. The reason behind the “his” - We know that Apple is an “one-man show”…

(Originally on Twitter: Sat Jun 26 17:23:43 +0000 2010)

@superbus You are right, usually a Terms of Services (ToS) is more close to Terms of Slavery. That’s why we made goodiff.org

(Originally on Twitter: Sat Jun 26 17:39:38 +0000 2010)

RT @deputetardy: Tout chaud … le compte-rendu officiel de l’audition de la Hadopi à l’Assemblée nationale (en bas de ma note) http://b …

(Originally on Twitter: Sat Jun 26 21:21:35 +0000 2010)

@linuxfoundation the platypus is still my favorite by when I saw the Larry Ewing penguin with the 2.0 kernel, I knew it will stay.

(Originally on Twitter: Mon Jun 28 21:20:47 +0000 2010)

Radio regulatory is nonsense, you cannot have a FM transmitter to change easily the frequency… you open the box and use the dial switch

(Originally on Twitter: Tue Jun 29 21:02:33 +0000 2010)

Twitter is keeping track and also sharing “click statistics” - http://bit.ly/92xa5n #goodiff #quuxlabs #privacy

(Originally on Twitter: Wed Jun 30 05:27:28 +0000 2010)

“…we recommend that the functionality be re-enabled.” from Adobe about “/Launch” - http://bit.ly/aXyqXy - until next circumvent I assume

(Originally on Twitter: Wed Jun 30 06:26:20 +0000 2010)

In HackerMonthly issue #2, I enjoyed the article “Worst-Case Thinking” by Bruce Schneier. http://hackermonthly.com/ #infosec

(Originally on Twitter: Wed Jun 30 20:04:39 +0000 2010)

@eromang and then, the clever move from insurance companies was to legally force people to be insured. from low risks to legal risks…

(Originally on Twitter: Wed Jun 30 20:37:42 +0000 2010)

I hope that you like as much as I like those bookshelves http://bookshelfporn.com/ @bookshelfporn #bookworm

(Originally on Twitter: Thu Jul 01 21:45:58 +0000 2010)

PDF “Launch” Saga… It was faster than expected. #lessisbetter http://bit.ly/bXo6Al

(Originally on Twitter: Fri Jul 02 05:49:27 +0000 2010)

@joindiaspora Thanks for the monthly report. Why not already publishing your source code repository? even if this is very alpha.

(Originally on Twitter: Fri Jul 02 14:47:37 +0000 2010)

What’s my most frequent command while IPv6 connected? “nget -g alt.binaries.e-book.technical -r “pdf”” -> just testing connectivity.

(Originally on Twitter: Sat Jul 03 08:14:54 +0000 2010)

RT @ioerror: Are you interested in Tor and DNS? Here’s the most comprehensive document written on the subject as of today: http://bit.ly …

(Originally on Twitter: Sat Jul 03 08:21:40 +0000 2010)

If you want to watch “Star Wars”, just “telnet towel.blinkenlights.nl” #ascii #art #asciiart

(Originally on Twitter: Sat Jul 03 21:17:00 +0000 2010)

RT @dloss: .@enkido has put his muXTCP userland TCP/IP stack from 2005 on github http://github.com/enki/muXTCP/ #scapy #python

(Originally on Twitter: Sun Jul 04 15:16:19 +0000 2010)

Another good reason to have lacy phacelia in your garden : http://www.flickr.com/photos/adulau/4760962012/ #biodiversity

(Originally on Twitter: Sun Jul 04 19:28:07 +0000 2010)

@security4all if you want to have fun with #ATM, the Gas Protection Unit is a good start to dig into… simple physical attacks work great 2

(Originally on Twitter: Mon Jul 05 19:30:38 +0000 2010)

looking @MonsantoCo mantra “to help farmers produce more while conserving more” I suppose this is a fake account making fun of them…

(Originally on Twitter: Mon Jul 05 21:32:44 +0000 2010)

happy to see the “dictionary and set comprehensions” imported in Python 2.7 but such power comes with responsibilities…

(Originally on Twitter: Tue Jul 06 20:48:42 +0000 2010)

Reading a Bash book forgetting about the existence of “fmt”, the simple text formatter. A fast way to make 1 line out of multilines #unix

(Originally on Twitter: Tue Jul 06 21:30:25 +0000 2010)

RT @joswr1ght: Some progress on a WiMAX scanner: http://www.willhackforsushi.com/?p=484 Wish we had Clear in RI

(Originally on Twitter: Wed Jul 07 05:14:12 +0000 2010)

http://bit.ly/cokkGj Any feedback on the Origin: header proposal in HTTP? A realistic mitigation against Cross-Site Request Forgery?

(Originally on Twitter: Wed Jul 07 21:06:19 +0000 2010)

@pbeyssac thanks for the feedback. The js generated is indeed a good point… and obviously breaking the current HTTP Origin: model.

(Originally on Twitter: Thu Jul 08 12:23:16 +0000 2010)

Skype RC4 key expansion : http://cryptolib.com/ciphers/skype/ - Maybe this would increase the Skype analysis and its attack surface ?

(Originally on Twitter: Thu Jul 08 21:45:44 +0000 2010)

RT @AlainGerlache: Encenser ou démolir un journal parce qui’il est en ligne n’a aucun sens. Ce n’est pas le support qui fait la qualité …

(Originally on Twitter: Thu Jul 08 22:03:08 +0000 2010)

http://bit.ly/d3lz9w - skip BNF grammar and define the grammar in Python. Codetalker approach seems very elegant…

(Originally on Twitter: Fri Jul 09 05:56:06 +0000 2010)

Backdoor or debugging tool on 4G and HTC Hero? http://bit.ly/cL54Nf seems more like a simple and vulnerable debugging tool…

(Originally on Twitter: Sat Jul 10 09:17:06 +0000 2010)

RT @roessler: All 34 position papers for the W3C privacy workshop in one download: http://www.w3.org/2010/api-privacy-ws/papers.zip

(Originally on Twitter: Sat Jul 10 09:38:42 +0000 2010)

Notification of PCI de-listing for Visa/MC card reader/POS : http://bit.ly/aLs2vR why? easy to hook PIN skimmer…

(Originally on Twitter: Sat Jul 10 10:10:57 +0000 2010)

Happy to hear feedback from users using quick-and-dirty OddmuseGit - http://www.foo.be/cgi-bin/wiki.pl/OddmuseGit #oddmuse #git

(Originally on Twitter: Sat Jul 10 14:12:43 +0000 2010)

just released Forban 0.0.20 - bug fix release - http://www.foo.be/forban/ #p2p #epidemicp2p #mobile

(Originally on Twitter: Sat Jul 10 14:55:24 +0000 2010)

@ddenis Le contrôle des dispositifs CCTV c’est uniquement pour avoir un monopole d’État sur la vidéo surveillance…

(Originally on Twitter: Sat Jul 10 16:02:44 +0000 2010)

EFF Celebrates 20th Anniversary With New Animation by Nina Paley - https://w2.eff.org/ninapaley/ #EFF #freedom

(Originally on Twitter: Sat Jul 10 20:50:43 +0000 2010)

some discussed synthetic life but we are still not able to make safe and secure software. Imagine synthetic life just like today’s software.

(Originally on Twitter: Sun Jul 11 07:50:58 +0000 2010)

A distributed alternative to Wikileaks? Maybe the beginning of something … http://news.ycombinator.com/item?id=1505291

(Originally on Twitter: Sun Jul 11 10:48:31 +0000 2010)

@mikkohypponen if you like dataset from honeypots with attacker keystrokes : http://2010.hack.lu/archive/2009/InfoVisContest/

(Originally on Twitter: Sun Jul 11 13:37:36 +0000 2010)

@ChrisJohnRiley especially compared to the cost of a library. Remind me of Andrew Carnegie model for public libraries…

(Originally on Twitter: Sun Jul 11 15:58:31 +0000 2010)

@ChrisJohnRiley Great, I would go more often to the stadium if it was a giant library…

(Originally on Twitter: Sun Jul 11 16:04:57 +0000 2010)

eBay changed its user agreement and added a “Listing conditions” section http://bit.ly/cMr8T8 #eula #goodiff #quuxlabs #legal

(Originally on Twitter: Thu Jul 22 09:05:39 +0000 2010)

RT @fcouchet: Projets sous licence libre (dev, doc, culture…), candidatez aux H@ckWeeks http://hackweeks.epplug.org/fr/ #epplug #picardie

(Originally on Twitter: Thu Jul 22 10:14:41 +0000 2010)

For the Kraken source code -> http://reflextor.com/trac/a51/browser/tinkering/Kraken #gsm #a51

(Originally on Twitter: Thu Jul 22 12:55:28 +0000 2010)

Want to see the mess of subjectAltName use in TLS/SSL? a nice example found by Peter Gutmann http://bit.ly/aUYFSK #infosec #tls #pki

(Originally on Twitter: Thu Jul 22 19:01:27 +0000 2010)

Pluri-lateral (ACTA) - Chapter 2 Section 3 “Criminal Enforcement” http://bit.ly/9ZFP01 EU Council has the document but they don’t share…

(Originally on Twitter: Fri Jul 23 07:43:20 +0000 2010)

@bortzmeyer What’s the most painful? Unicode programming or programming at 40° C?

(Originally on Twitter: Fri Jul 23 09:08:46 +0000 2010)

OVH propose d’héberger france.fr gratuitement pour une année : http://forum.ovh.com/showthread.php?t=61597

(Originally on Twitter: Fri Jul 23 09:25:03 +0000 2010)

RT @doctorow: For the 1st time in human history, all the works produced by our contemporaries are inaccessible to us #orgcon @thepublicd …

(Originally on Twitter: Sat Jul 24 12:12:52 +0000 2010)

@davanac @SLE06 la politique est simplement le reflet de la société du spectacle - http://bit.ly/cdwtb7

(Originally on Twitter: Sat Jul 24 12:19:23 +0000 2010)

@roessler I would be afraid if someone jump on you at final movement of 9th Symphony… #AClockworkOrange

(Originally on Twitter: Sun Jul 25 09:20:43 +0000 2010)

RT @teamcymru: UK launching “Cyber Security Challenge” as a way to locate, invigorate the next gen of security talent http://bit.ly/9oVNTI

(Originally on Twitter: Mon Jul 26 20:42:32 +0000 2010)

Take a paper model for a dice (http://bit.ly/c1koGq), replace the numbers with QR Code and now, you have a dice-based random generator…

(Originally on Twitter: Mon Jul 26 21:12:09 +0000 2010)

RT @gchampeau: #EpicFAIL Pour arrêter le terrorisme, interdisons la programmation C++ (@Numerama) http://bt.io/FhkU

(Originally on Twitter: Tue Jul 27 11:10:42 +0000 2010)

ARKit an free/open-source rootkit detection library for win32 http://code.google.com/p/arkitlib/ looks quite good #win32 #infosec #malware

(Originally on Twitter: Tue Jul 27 12:11:44 +0000 2010)

RT @jeremiahg: Interesting timing on Disclosure statements from GOOG, MOZ, & MSFT. GOOG adds patch deadline. GOOG & MOZ up bug bounty. M …

(Originally on Twitter: Tue Jul 27 15:29:26 +0000 2010)

2010 Sort Benchmark winners - http://sortbenchmark.org/ #hadoop

(Originally on Twitter: Wed Jul 28 12:43:04 +0000 2010)

RT @0xcharlie: @ChrisJohnRiley I guess the fact nobody cares about reader 0-days is more interesting than a reader 0-day. It’s a reaso …

(Originally on Twitter: Thu Jul 29 09:06:53 +0000 2010)

“don’t blame the cryptographic protocol if no one is able to make a proper implementation” wait… maybe the protocol is so badly designed.

(Originally on Twitter: Thu Jul 29 21:01:44 +0000 2010)

one possible use of the Facebook profile information: generating a good dictionary from fabebook-names-original.txt to brute-force password

(Originally on Twitter: Fri Jul 30 09:14:30 +0000 2010)

1984 will be in France… a governmental end-point security software http://bit.ly/bVzzPy #hadopi

(Originally on Twitter: Fri Jul 30 09:51:14 +0000 2010)

@bortzmeyer http://bit.ly/cwmdxG an interesting DNSSEC comment in HN…

(Originally on Twitter: Fri Jul 30 11:56:16 +0000 2010)

RT @elise_huard: Whoever still harbors the delusion that French is a romantic language should spend some time with these folks

(Originally on Twitter: Sat Jul 31 09:07:46 +0000 2010)

@z0nbi decent tripod - giottos vt 806 - cheap - I recently cleaned it with a Karcher. Light enough for wild nature photography…

(Originally on Twitter: Sat Jul 31 09:22:43 +0000 2010)

We are still nowhere with e-book readers why the Kindle can’t read ePub? again nothing beat a paper book regarding e-book format…

(Originally on Twitter: Sun Aug 01 18:03:02 +0000 2010)

“Invasive species” is just a term to hide the activity of the real invasive specie : “Homo sapiens sapiens” #biology #biodiversity

(Originally on Twitter: Sun Aug 01 19:28:50 +0000 2010)

RT @wikileaks: Hilarious WikiLeaks rap gets it right. Is comedy the only honest commentary? http://bit.ly/9d60V3

(Originally on Twitter: Tue Aug 03 05:49:35 +0000 2010)

Per-site, theft-resistant passwords in Python (based on HMAC) http://lunaryorn.de/code/pwdhash.html #infosec

(Originally on Twitter: Wed Aug 04 06:16:29 +0000 2010)

An interesting analysis of Internet X.509 certificates - http://www.eff.org/observatory #pki #x509 they plan to release the dataset.

(Originally on Twitter: Thu Aug 05 07:54:43 +0000 2010)

http://bit.ly/9oW3aj - want to see Belgian activities in Afghan War Diaries Explorer - software used behind is free software #belgium

(Originally on Twitter: Thu Aug 05 08:59:27 +0000 2010)

“returning electronic documents” - a new DoD concept - http://cs.pn/a3PkQl #internet

(Originally on Twitter: Thu Aug 05 20:55:18 +0000 2010)

@FunkySteph @treehugger “New Belgium Brewery” is not even producing organic beer… strange for the “greenest brewery”

(Originally on Twitter: Fri Aug 06 15:02:59 +0000 2010)

Internet-Draft about EAP Support in Smartcard / Section 10 is an interesting read - http://bit.ly/ahkBiT

(Originally on Twitter: Sat Aug 07 06:50:37 +0000 2010)

Another example of deletionist misbehavior on Wikipedia. The Base62 page has been removed…

(Originally on Twitter: Sat Aug 07 11:06:08 +0000 2010)

@z0nbi that’s an art by itself especially with a 35mm close to people…

(Originally on Twitter: Sat Aug 07 13:56:47 +0000 2010)

RT @DNSMadeEasy: This is flooding the provider’s backbones. By far the largest attack we have had to fight in history.

(Originally on Twitter: Sat Aug 07 20:15:39 +0000 2010)

Negroponte said “physical books dead in 5 years” ? Interesting comments on HN http://fo.vc/2 #books #ebooks

(Originally on Twitter: Sat Aug 07 20:44:50 +0000 2010)

RT @russnelson: When you’re young, you worry about people stealing your ideas. When you’re old, you worry about people NOT stealing your …

(Originally on Twitter: Sun Aug 08 06:44:51 +0000 2010)

Maybe a partially good news for cryptography if “P is not equal to NP” under review paper is correct http://fo.vc/3

(Originally on Twitter: Mon Aug 09 07:08:07 +0000 2010)

@p4ula I would agree. IMHO this is a parallel to the “Mistrust authority, promote decentralization” mantra in various hacker ethic ref.

(Originally on Twitter: Mon Aug 09 07:20:10 +0000 2010)

Arbor networks acquired by Tektronix… What’s next?

(Originally on Twitter: Tue Aug 10 08:32:12 +0000 2010)

@xme right… perl -e ‘print ““.localtime $_’ is always useful ;-)

(Originally on Twitter: Tue Aug 10 14:54:54 +0000 2010)

Do you like cryptographic challenge? http://fo.vc/4 you could win an entrance for #hacklu 2010…

(Originally on Twitter: Tue Aug 10 20:33:11 +0000 2010)

“TP packets can be intercepted up to 40 meters from a passing car using GNU Radio with a basic low-noise amplifier. “ http://fo.vc/5

(Originally on Twitter: Wed Aug 11 07:07:16 +0000 2010)

RT @xme: Registration for #hacklu completed!

(Originally on Twitter: Wed Aug 11 09:33:34 +0000 2010)

@rbidule do you advise us to install a Trojan on our PC? @rommelfs gave me the EULA of Colasoft Capsa and that’s bloody scary…

(Originally on Twitter: Wed Aug 11 12:36:30 +0000 2010)

@rbidule I like it. So you are doing indirect drive-by download… it’s even more clever. What percentage do you get from that malware? ;-)

(Originally on Twitter: Wed Aug 11 15:01:55 +0000 2010)

Bug #626593 for Gnome is fun… https://bugzilla.gnome.org/show_bug.cgi?id=626593

(Originally on Twitter: Thu Aug 12 09:46:48 +0000 2010)

RT @jmason: hey, not nice! delicious no longer provides URLs older than 2008 in its backups – I have another 4 years of links!

(Originally on Twitter: Thu Aug 12 11:15:48 +0000 2010)

@ChrisJohnRiley I coincidently won a N900 at #FOSDEM and I’m using it. That’s a great portable computer but still a minimal phone….

(Originally on Twitter: Thu Aug 12 12:06:53 +0000 2010)

“Collisions in PDF Signatures” I like those standards and implementation “interpretations” leading to funny issues - http://fo.vc/6

(Originally on Twitter: Fri Aug 13 05:56:47 +0000 2010)

After SCO FUD, we have the Oracle FUD… maybe the end will be similar for Oracle.

(Originally on Twitter: Fri Aug 13 08:45:14 +0000 2010)

@patrickvw right but it’s really pity to see Oracle jumping and following the litigation path.

(Originally on Twitter: Fri Aug 13 09:02:05 +0000 2010)

@theodric right, a man can hope, especially if you are regularly going to HOPE (http://thenexthope.org/) or similar events…

(Originally on Twitter: Fri Aug 13 12:17:50 +0000 2010)

Maybe the patent mess is an opportunity for Google to standardize around Python or Go and finally use a decent language for Android…

(Originally on Twitter: Fri Aug 13 13:59:31 +0000 2010)

Listening to “Greyhawk - Boiled Acid”, I especially enjoy “Trance Elevator” even if the track name is misleading… the bass line is a must

(Originally on Twitter: Fri Aug 13 21:32:28 +0000 2010)

#hacklu I finally finished my reviews for http://2010.hack.lu and there are some real pearls, it will be announced in the next days.

(Originally on Twitter: Sat Aug 14 07:03:41 +0000 2010)

Forban announce discovery in 1 line -> tcpdump -c 1 -t -p -n -l -A -s0 -iany “udp and port 12555 and udp[8:2]==0x666f”

(Originally on Twitter: Sat Aug 14 07:24:57 +0000 2010)

just made a new blog post “Free Software Is Beyond Companies” - http://fo.vc/7

(Originally on Twitter: Sun Aug 15 09:56:42 +0000 2010)

0.13 μSv/H (Monday) -> 0.19 μSv/H (Sunday) in the south of Belgium when raining - my air measurements are surely broken… #radioactivity

(Originally on Twitter: Sun Aug 15 13:42:55 +0000 2010)

@rommelfs maybe it’s also related to the Chooz A nuclear plant dismantlement in Ardennes, France… #radioactivity #belgium http://fo.vc/8

(Originally on Twitter: Sun Aug 15 14:54:44 +0000 2010)

@roessler an opportunity to be creative with the remaining ingredients at home

(Originally on Twitter: Sun Aug 15 15:46:05 +0000 2010)

OpenSSL just crashed violently when parsing an X.509 certificate #accidentalfuzzing

(Originally on Twitter: Sun Aug 15 20:06:05 +0000 2010)

NTMLv2 presentation - Usenix 2010 (if you are curious about old and recurring protocol bugs) - http://fo.vc/9

(Originally on Twitter: Mon Aug 16 15:25:45 +0000 2010)

@ITnation For your new thriller, it would be nicer to use the Steven Levy definition of a Hacker…

(Originally on Twitter: Mon Aug 16 15:33:38 +0000 2010)

RT @feliam: Parse hard. Why parsing PDF is hard? I think it’s because of this… http://bit.ly/coRMtc . Basically the spec is broken…. …

(Originally on Twitter: Mon Aug 16 20:44:37 +0000 2010)

Don’t fall into the trap. If you see a book updated “25th Anniversary Edition”, there is nothing new and the older version is still better.

(Originally on Twitter: Mon Aug 16 20:49:16 +0000 2010)

RT @librarythingtim: Maximum times the “cyberpunk” tag has been applied to a book: OCLC 2. LibraryThing 1,321. There’s a lesson here.

(Originally on Twitter: Tue Aug 17 06:06:53 +0000 2010)

@Phonoelit @joernchen the stream works well. by the way, nice mix. is the track listing available?

(Originally on Twitter: Tue Aug 17 20:19:21 +0000 2010)

RT @esizkur: Sorry for the confusion everyone. Clarification from Tanja: #CRYPTO2010 rump session commences in 1:10h, at 19:30 PDT (webs …

(Originally on Twitter: Wed Aug 18 05:17:17 +0000 2010)

@joernchen Thank you for the track list, nice mix. You are obviously not member of MATOS (movement against tracklistings of sets) ;-)

(Originally on Twitter: Thu Aug 19 22:40:55 +0000 2010)

@mir_ripe_labs do you know why the private Bezeqint ASN 65024 show up in the RIS table recently? thank you.

(Originally on Twitter: Fri Aug 20 12:52:31 +0000 2010)

RT @mgeist: ACTA countries pledge to release final text before signing. Too late - once deal is done, take it/leave it http://bit.ly/aR0scE

(Originally on Twitter: Sun Aug 22 10:07:45 +0000 2010)

A bat likes my underwear (don’t worry it’s safe for work ;-) - http://fo.vc/A

(Originally on Twitter: Sun Aug 22 14:52:07 +0000 2010)

RFC 5953 - Transport Layer Security (TLS) Transport Model for SNMP - looks nice on paper… but read 4.1.1. -> X.509 craziness #security

(Originally on Twitter: Mon Aug 23 21:31:59 +0000 2010)

“Vulnerability Analysis of PAP for RFID Tags” - http://arxiv.org/abs/1008.3625 #rfid #infosec

(Originally on Twitter: Tue Aug 24 08:16:55 +0000 2010)

@mikebem and it’s even an understatement. #Godwinlaw

(Originally on Twitter: Tue Aug 24 12:15:49 +0000 2010)

RT @security4all: For the people that asked me about the IPv6 UTP cables in Akihabara, I found some pics http://bit.ly/9GBVo4

(Originally on Twitter: Tue Aug 24 16:00:17 +0000 2010)

“Security Mitigations for Return-Oriented Programming Attacks” - http://arxiv.org/abs/1008.4099 leak of virtual addresses is still an issue

(Originally on Twitter: Wed Aug 25 07:45:47 +0000 2010)

The illusion of diversity: visualizing ownership in the soft drink industry https://www.msu.edu/~howardp/softdrinks.html #infovis #food

(Originally on Twitter: Fri Aug 27 20:54:48 +0000 2010)

5$ won’t stop attackers to put malicious extensions in the Chrome extension gallery… remember spammers buying EV certificate. #infosec

(Originally on Twitter: Sat Aug 28 08:13:08 +0000 2010)

saw the scary warning of the day when compiling a cryptographic library “warning: value computed is not used”…

(Originally on Twitter: Sat Aug 28 08:36:28 +0000 2010)

@fboule thx, another interesting one for “auth-rsa.c” but the one seen is in AES function of some embedded code…

(Originally on Twitter: Sat Aug 28 09:04:56 +0000 2010)

@fboule but the one for the AES function is real… it’s an array declaration at the wrong place…

(Originally on Twitter: Sat Aug 28 09:27:52 +0000 2010)

Experimenting HN free software back-end for information security news http://news.hack.lu/ #HN #infosec #arc #lisp

(Originally on Twitter: Sat Aug 28 09:35:58 +0000 2010)

RT @laurentchemla: Par une coincidence troublante, les gamins d’en face apprennent à jouer de la vuvuzela pile le jour où je commence le …

(Originally on Twitter: Sat Aug 28 13:53:34 +0000 2010)

RT @xme: Just noticed that the #FOSDEM 2011 dates have been released: 5-6 Feb 2011. Blocked!

(Originally on Twitter: Sat Aug 28 19:20:25 +0000 2010)

Parsing is difficult even for BGP messages especially when you are Cisco and make a carrier-grade platform called CRS ;-)

(Originally on Twitter: Sat Aug 28 20:38:32 +0000 2010)

just released Forban 0.0.21 (bug fix release) - opportunistic p2p for local area/wireless network. http://www.foo.be/forban/ #p2p #sharing

(Originally on Twitter: Sat Aug 28 22:10:54 +0000 2010)

RT @jepoirrier: Quelqu’un d’autre a également l’impression que Test-Achats devient très mercantile ? http://ur1.ca/1crd3 #testachats #ve …

(Originally on Twitter: Mon Aug 30 08:02:59 +0000 2010)

a representative from #ACTA discussion just told me that their secret technique is called “belgian negotiation” #BeGov #belgium

(Originally on Twitter: Mon Aug 30 14:58:08 +0000 2010)

RT @msftsecresponse: Status update on the DLL preloading issue > http://bit.ly/cy4p8C and additional guidance on deploying mitigation …

(Originally on Twitter: Tue Aug 31 21:31:06 +0000 2010)

RT @thorstenholz: Now live: Challenge 5 of the Forensic Challenge 2010: “Log Mysteries” - http://bit.ly/d0n17H

(Originally on Twitter: Wed Sep 01 06:12:42 +0000 2010)

Just saw a third-order emergent structure in an old tea cup lying on my desk. In other words, my desk was a bit messy… #biology #nature

(Originally on Twitter: Wed Sep 01 20:56:52 +0000 2010)

RT @damienmiller: Just landed support for elliptic curve crypto in OpenSSH - ECDH KEX and ECDSA host/user keys: http://bit.ly/9AFLGj

(Originally on Twitter: Wed Sep 01 21:03:46 +0000 2010)

@raf_iot great… a technical howto to mashup your own data source would be nice too #bgp_ranking @ccc_trier

(Originally on Twitter: Wed Sep 01 21:22:17 +0000 2010)

RT @chriseng: RT @mckt_: RT @packetwerks You know what’s more wack? Directory indexing and sql files http://is.gd/eRXzK < How embarra …

(Originally on Twitter: Thu Sep 02 19:50:38 +0000 2010)

http://arxiv.org/abs/1008.4960 - “Growth and replication of red rain cells at 121 oC and their red fluorescence” #biology

(Originally on Twitter: Fri Sep 03 14:26:30 +0000 2010)

Acheter Son lait à la Ferme en Gaume - Google Maps http://fo.vc/B #belgique #belgium

(Originally on Twitter: Sun Sep 05 09:22:03 +0000 2010)

RT @quuxlabs: #Hadoop tutorials available on quuxlabs.com: http://fo.vc/a

(Originally on Twitter: Sun Sep 05 10:28:41 +0000 2010)

RT @quuxlabs: New blog post “Location and Friendship - Data Mining in #Facebook” : http://fo.vc/b #research #www #geolocation #geo

(Originally on Twitter: Sun Sep 05 10:30:20 +0000 2010)

RT @fluxfingers: the #hacklu prologue crackme will be released at 0.00 cet - less than two hours to go.

(Originally on Twitter: Sun Sep 05 20:56:44 +0000 2010)

RT @FFII: HOPE conf audio on ACTA etc. http://c2047862.cdn.cloudfiles.rackspacecloud.com/tnha27.mp3

(Originally on Twitter: Mon Sep 06 21:26:52 +0000 2010)

“Where they have burned books, they will end in burning human beings.” Heinrich Heine - still appropriate in today’s world.

(Originally on Twitter: Tue Sep 07 20:37:03 +0000 2010)

jsunpack-n emulates browser functionality when visiting an URL https://code.google.com/p/jsunpack-n/ #malware #security #analysis

(Originally on Twitter: Thu Sep 09 16:55:12 +0000 2010)

Finally the X-Frame-Options header is now part of Firefox 3.6.9 http://fo.vc/C #clickjacking #security

(Originally on Twitter: Fri Sep 10 12:02:03 +0000 2010)

http://code.google.com/p/abusehelper/ could improve abuse-handler community and seems quite handy #CSIRT #CERT

(Originally on Twitter: Fri Sep 10 13:41:49 +0000 2010)

saw “Exit Through The Gift Shop”, another proof of #Banksy capability to break the rules… #rat with #art

(Originally on Twitter: Fri Sep 10 21:45:40 +0000 2010)

RT @lrz: Cashier at Whole Foods pointed at my camembert and asked what it was, then if it was similar to the “laughing cow”.

(Originally on Twitter: Sat Sep 11 07:45:41 +0000 2010)

@lanyrd Do you have an alternative login method than using the Twitter login? That would be appreciated for the security minded ppl thx

(Originally on Twitter: Sat Sep 11 07:49:10 +0000 2010)

Using EMET 2.0 to block Adobe 0-day - http://fo.vc/D nifty but until there are again new funky ways to avoid ASLR or EAF…

(Originally on Twitter: Sun Sep 12 14:32:40 +0000 2010)

@bortzmeyer RPKI pq pas mais une partie des LIR ne sont pas tjs capables de maintenir des entrées en RPSL correctes pour leur ASN…

(Originally on Twitter: Sun Sep 12 16:27:58 +0000 2010)

@eromang yes, it looks like but luckily, http://www.openvas.org/ is accessible… #infosec #nessis

(Originally on Twitter: Sun Sep 12 17:38:16 +0000 2010)

RT @loggly: Introducing a HTTP to Syslog proxy written in Node.js: http://bit.ly/cJPnHt #nodejs #syslog #opensource

(Originally on Twitter: Mon Sep 13 05:37:17 +0000 2010)

Cross-platform vulnerability in Adobe Flash Player #CVE-2010-2884 - http://fo.vc/E a fix to be available…

(Originally on Twitter: Tue Sep 14 07:29:19 +0000 2010)

using proprietary technologies to protect privacy is a non sense… and we got again a proof the past days…

(Originally on Twitter: Wed Sep 15 11:54:31 +0000 2010)

@pbeyssac #haystack is/was a proprietary “technology” trying to protect privacy…

(Originally on Twitter: Wed Sep 15 20:08:56 +0000 2010)

RT @pierreneo: 215 000 étrangers au Luxembourg soit 44% de la population alors quelques Roms de plus ça devrait aller…

(Originally on Twitter: Wed Sep 15 21:24:14 +0000 2010)

RT @go_nuts: You can now write and run Go code from your browser! http://tinyurl.com/24rqdz4 Check out the new http://golang.org/ #golang

(Originally on Twitter: Thu Sep 16 05:42:57 +0000 2010)

Actively using TV-B-Gone is a matter of public health… http://www.youtube.com/watch?v=YJRwZMG5GQ4 #thesocietyofthespectacle

(Originally on Twitter: Thu Sep 16 14:47:43 +0000 2010)

RT @quuxlabs: New blog post “Matrix Factorization: A Simple Tutorial and Implementation in Python” : http://fo.vc/c #python #recommender …

(Originally on Twitter: Thu Sep 16 21:46:43 +0000 2010)

RT @SophianF: Ça déconne pas sur les watermarkés chez Warner. J’ai peur de déclencher une attaque chimique en ouvrant le CD. http://plix …

(Originally on Twitter: Fri Sep 17 12:54:51 +0000 2010)

@karlpro I share the same feelings when I want to write with my pencil in a e-book or give it to my neighbours… The e-book is a jail too.

(Originally on Twitter: Fri Sep 17 12:58:49 +0000 2010)

#begov #belgique J-J Viseur doit fumer trop la moquette… http://fo.vc/F n’oublions pas -> “Le nationalisme c’est la haine des autres”.

(Originally on Twitter: Fri Sep 17 14:51:18 +0000 2010)

I love the DF_RETURN_FC_ONLY in diStorm even if I was lost at the next offset… #rce http://code.google.com/p/distorm/

(Originally on Twitter: Fri Sep 17 20:44:04 +0000 2010)

Do you want to make a lightning talk during #hack.lu 2010? you can tweet me your proposal http://2010.hack.lu/

(Originally on Twitter: Sat Sep 18 08:51:37 +0000 2010)

CryptoAPI Tracer Script http://fo.vc/G #win32 very handy and just relying on “bm” to add breakpoints on Crypt32.dll

(Originally on Twitter: Tue Sep 21 06:29:43 +0000 2010)

@xme regarding risks and standards, a lot of companies should read (more) the RFC2196… instead of relying on complex risks analysis.

(Originally on Twitter: Tue Sep 21 09:39:56 +0000 2010)

evercookie is a javascript API available that produces extremely persistent cookies in a browser -> http://samy.pl/evercookie/

(Originally on Twitter: Wed Sep 22 05:19:36 +0000 2010)

http://fo.vc/H European Commission proposal about GMO summarized : boundaries stop the pollen at the border of each member state #GMO #fail

(Originally on Twitter: Thu Sep 23 05:10:58 +0000 2010)

The High Security Top Level Domain Verification at #ICANN http://fo.vc/I is this really useful?

(Originally on Twitter: Fri Sep 24 05:44:22 +0000 2010)

RT @hack_lu: a little bit more than 4 weeks to go until hack.lu 2010. #hacklu

(Originally on Twitter: Fri Sep 24 08:05:11 +0000 2010)

Google clarified its Froogle EULA http://fo.vc/J more inline with Google general search policy? #goodiff #quuxlabs

(Originally on Twitter: Fri Sep 24 08:43:38 +0000 2010)

@stephvg as long as the first to register is not abusing #HSTLD just like spammers are doing with X.509 certificate with extended validation

(Originally on Twitter: Fri Sep 24 08:50:02 +0000 2010)

RT @mov_ebp_esp: Exploring Stuxnet’s PLC Infection Process http://bit.ly/8WWEVg @symantec

(Originally on Twitter: Fri Sep 24 10:16:57 +0000 2010)

Paper Token: Gutenberg’s version of One Time Passwords http://fo.vc/K #infosec #simple

(Originally on Twitter: Mon Sep 27 20:56:32 +0000 2010)

RT @TeamARIN: Have you checked out our microsite (http://teamarin.net)? There is a multitude of educational information to learn about IPv6!

(Originally on Twitter: Tue Sep 28 16:03:10 +0000 2010)

@beist we were thinking of you for this year at #hack.lu 2010. There will be “beer tasting” workshop… http://fo.vc/d

(Originally on Twitter: Fri Oct 01 21:04:05 +0000 2010)

@FunkySteph thank you for all your support. I hope we will invent a bright and new future as mentioned by Alan Kay.

(Originally on Twitter: Fri Oct 01 21:12:32 +0000 2010)

#HN What’s your favorite window manager for X11? http://fo.vc/e

(Originally on Twitter: Sat Oct 02 08:34:08 +0000 2010)

PAM module for face “authentication” looks fun but it’s still just a public and weak identifier… http://fo.vc/f #infosec

(Originally on Twitter: Sat Oct 02 14:13:05 +0000 2010)

RT @joshu: my mother used the phrase “social media” earlier today. that’s it folks, it’s over.

(Originally on Twitter: Sun Oct 03 08:10:33 +0000 2010)

“You’re Stealing it Wrong: 30 Years of Inter-Pirate Battles” http://ascii.textfiles.com/archives/2714 #copyrightdelirium

(Originally on Twitter: Sun Oct 03 09:46:08 +0000 2010)

Time to register for hack.lu 2010 and don’t forget to register to the beer and chocolate tasting… http://2010.hack.lu/ #infosec

(Originally on Twitter: Tue Oct 05 20:06:25 +0000 2010)

RT @hack_lu: Be prepared, as announced, the CTF registration for the hack.lu CTF will start in 1 hour #hacklu #fluxfingers #ctf (via @kabel)

(Originally on Twitter: Tue Oct 05 21:03:25 +0000 2010)

5 years ago, we made a honeypot with modbus over TCP/IP and everyone said : “useless”… and nowadays? #infosec

(Originally on Twitter: Thu Oct 07 18:05:57 +0000 2010)

RT @jeremyjarvis: OH: “we don’t have VC but we’re on our second round of freedom”

(Originally on Twitter: Fri Oct 08 19:18:41 +0000 2010)

Just saw the Data Acquisition API (DAQ) 0.2 made for Snort 2.9.0… a clever API and also supporting OpenBSD IPFW… #nids

(Originally on Twitter: Fri Oct 08 19:40:31 +0000 2010)

De Wever is now appointed for clarification… It’s sure, they just legalized drugs in Belgium. #belgium #begov

(Originally on Twitter: Fri Oct 08 20:01:42 +0000 2010)

Looks like ISOC (http://fo.vc/g) is not aware of GooDiff (http://www.goodiff.org/) #goodiff #tos-tracking

(Originally on Twitter: Fri Oct 08 20:30:42 +0000 2010)

@bookshelfporn http://fo.vc/h The Humanist Library of Beatus Rhenanus - 600 years old manuscripts bookshelf. #books

(Originally on Twitter: Sun Oct 10 17:00:04 +0000 2010)

@niCRO Do you join us at hack.lu 2010? #hacklu

(Originally on Twitter: Wed Oct 13 20:12:43 +0000 2010)

“Origapy - a Python module to sanitize PDF files” http://fo.vc/i #infosec relying on Origami and it seems promising.

(Originally on Twitter: Wed Oct 13 20:17:01 +0000 2010)

http://2010.hack.lu/ - Agenda and workshops finalized… time to register. #hacklu #luxembourg #hack.lu

(Originally on Twitter: Thu Oct 14 14:26:56 +0000 2010)

“radare, the reverse engineering framework” http://www.radare.org/ #rce #infosec

(Originally on Twitter: Thu Oct 14 19:27:53 +0000 2010)

Perl Scrappy module is so great that I finally parsed the really crappy moniteur.be website to get new legal text http://fo.vc/j #perl

(Originally on Twitter: Thu Oct 14 20:30:34 +0000 2010)

RT @newsycombinator: Land of Lisp (Learn to Program in Lisp, One Game at a Time) http://j.mp/aBfX2K

(Originally on Twitter: Fri Oct 15 20:04:34 +0000 2010)

A paper Internet - how to preserve digital documents on the long-term? use paper… #papernet http://fo.vc/k

(Originally on Twitter: Sat Oct 16 10:31:30 +0000 2010)

What’s the definition of REST? I’m tempted to say: “easy to use from the command line with curl only”. #rest

(Originally on Twitter: Sat Oct 16 10:47:00 +0000 2010)

Starting with XML::IODEF parser not able to parse basic IODEF files and ending it up to make my own parser in Perl… yes, XML is just ASCII

(Originally on Twitter: Sun Oct 17 09:35:12 +0000 2010)

@niCRO Thank you. Anyway, next time you come in the region, we can arrange a gastronomic reverse engineering challenge…

(Originally on Twitter: Sun Oct 17 17:45:04 +0000 2010)

@kabel @rbidule We really need a workshop “growing Ilex paraguariensis at home” during hack.lu #hacklu…

(Originally on Twitter: Sun Oct 17 18:44:33 +0000 2010)

@kabel It seems that planting it indoor with regular watering is fine in our latitudes #gardening4geeks We need young plants or seeds..

(Originally on Twitter: Sun Oct 17 18:58:27 +0000 2010)

RT @hack_lu: Hurry up and register for hack.lu. Only some few places left and prices won’t change until Friday 22.10. #hacklu

(Originally on Twitter: Tue Oct 19 04:42:15 +0000 2010)

Il y a des talks sur les évasions logicielles : “escaping from protected mode” ou le workshop “Dive in to ROP “ #hacklu @eromang

(Originally on Twitter: Tue Oct 19 11:05:04 +0000 2010)

CVE-2010-3904 interesting bug and interesting notes from Linus about the use kmap_atomic() #security #kernel #linux http://fo.vc/l

(Originally on Twitter: Tue Oct 19 19:10:32 +0000 2010)

@zoobab FRAND or RAND are incompatibles with free software. http://fo.vc/m I don’t buy the “competition” arguments showed by lobbyist.

(Originally on Twitter: Tue Oct 19 20:43:02 +0000 2010)

@FOSSpatents the main issue with (F)RAND is the vagueness. Look at the IETF IPR statement, the successful protocols are the royalty-free…

(Originally on Twitter: Wed Oct 20 04:45:47 +0000 2010)

RFC2338 versus RFC 5023 (look at IETF IPR declaration). Flexibility? Legal uncertainty is just a way to kill competition. @FOSSpatents

(Originally on Twitter: Wed Oct 20 07:22:07 +0000 2010)

@FOSSpatents That’s the position of the BSA and they even exclude proprietary software interoperability. Excluding their own members…

(Originally on Twitter: Wed Oct 20 08:14:12 +0000 2010)

We just received the prices for the CTF at #hacklu #hack.lu - from iPad to Kindle and even USRP classic, bus pirates… http://hack.lu

(Originally on Twitter: Thu Oct 21 16:29:27 +0000 2010)

RT @ddurvaux: Thanks to @adulau there will be a #abusehelper workshop at #hacklu #hack.lu :-D http://bit.ly/aiq35g

(Originally on Twitter: Thu Oct 21 16:30:07 +0000 2010)

RT @esizkur: even though I’m a reverse-engineer and do cellphone security, I can be a real noob about how to turn on unknown devices of …

(Originally on Twitter: Fri Oct 22 05:04:54 +0000 2010)

http://fo.vc/n A document leaked by La Quadrature du Net shows Nicolas Sarkozy hijacking a conference promoting their view of Internet

(Originally on Twitter: Sat Oct 23 06:39:43 +0000 2010)

Maybe arXiv.org should release their dataset along with the back-end as free software to support even more open access? #arXiv #freesoftware

(Originally on Twitter: Sun Oct 24 11:22:31 +0000 2010)

@AcidRampage a possible definition of “exploit” : A computer program abusing one or more unexpected purpose for a given computer program.

(Originally on Twitter: Sun Oct 24 13:32:39 +0000 2010)

just posted - The “Open Access Movement” depends on Free Software http://fo.vc/o #openaccess #OAW2010 #science

(Originally on Twitter: Sun Oct 24 14:35:41 +0000 2010)

Finally, an academic paper calls into question the merit of continuing the practice of password expiration. - http://fo.vc/p #infosec

(Originally on Twitter: Sun Oct 24 16:56:26 +0000 2010)

want to make a lightning talk during hack.lu 2010 send us the title at info AT hack.lu… #hacklu #infosec #hack.lu

(Originally on Twitter: Mon Oct 25 20:38:47 +0000 2010)

Agenda PDF updated for hack.lu 2010 #hacklu #hack.lu http://2010.hack.lu/archive/2010/hacklu2010.pdf

(Originally on Twitter: Wed Oct 27 08:26:08 +0000 2010)

PDF Malware analysis workshop today at 11:00 AM and in the main Europe room (more space) #hack.lu #hacklu

(Originally on Twitter: Wed Oct 27 08:28:41 +0000 2010)

Back from hack.lu 2010 and already discussing planning for hack.lu 2011…. Very fun and thanks to everyone for their support. #hacklu

(Originally on Twitter: Fri Oct 29 18:58:33 +0000 2010)

@xme @raf_iot thank you too for your great contribution and good mood. #hacklu Hope to see you soon or at the next infosec conf…

(Originally on Twitter: Fri Oct 29 19:03:58 +0000 2010)

@esizkur thank you. It’s now in http://2010.hack.lu/archive/2010/ - Could you publish the lightning talk slides too? see you #hacklu

(Originally on Twitter: Fri Oct 29 19:22:28 +0000 2010)

RT @indi303: #hacklu watching a talk on WWW.netglub.org ! Badass fully opensource Intel gathering framework like Maltego but free.

(Originally on Twitter: Fri Oct 29 19:46:59 +0000 2010)

RT @xme: [/dev/random]: Hack.lu Day #3 Wrap-up http://blog.rootshell.be/2010/10/29/hack-lu-day-3-wrap-up/

(Originally on Twitter: Fri Oct 29 20:16:43 +0000 2010)

http://2010.hack.lu/archive/2010/ is slowly populated with the slides #hacklu #hack.lu

(Originally on Twitter: Fri Oct 29 20:26:06 +0000 2010)

@fluxfingers Thanks too. This was a great pleasure for us. We hope that we can host another crazy CTF from fluxfingers at #hacklu 2011…

(Originally on Twitter: Sun Oct 31 07:27:40 +0000 2010)

Facebook change quelques termes de son contrat d’utilisation… vie privée est maintenant confidentialité http://fo.vc/q #goodiff #quuxlabs

(Originally on Twitter: Sun Oct 31 08:53:02 +0000 2010)

RT @xme: Dear V€ndor$, I just would like to watch your documents or webcasts anonymously and not after filling a 25-fields form! #DontBugMe

(Originally on Twitter: Sun Oct 31 10:20:55 +0000 2010)

What the heck is truetwit.com? looks like another kind of phishing for Twitter users… #infosec #security #phishing

(Originally on Twitter: Sun Oct 31 10:36:42 +0000 2010)

Just 10,- YER (for someone to pick-and-carry again) + the carrier cost… The scheme is handy to avoid abusive custom taxes. @thierryzoller

(Originally on Twitter: Sun Oct 31 10:53:46 +0000 2010)

@thierryzoller As long as you can carry something from one place to another place, the scheme can be used for anything. What’s your point?

(Originally on Twitter: Sun Oct 31 10:58:22 +0000 2010)

@thierryzoller All the media articles are very vague on the topic… carrying explosive is very different than carrying an activated bomb.

(Originally on Twitter: Sun Oct 31 11:07:59 +0000 2010)

@eromang @thierryzoller “Amusing Ourselves to Death” of Neil Postman a good reading about the media and why we should not care about it…

(Originally on Twitter: Sun Oct 31 11:30:29 +0000 2010)

New flickr group for #hacklu - http://www.flickr.com/groups/1559269@N23/ feel free to post your photos there.

(Originally on Twitter: Sun Oct 31 13:39:22 +0000 2010)

just released Forban 0.0.22 ( fixing the silly start-up opportunistic bug ) http://foo.be/forban/ #p2p #lan #proximity

(Originally on Twitter: Mon Nov 01 14:15:37 +0000 2010)

RT @ProjectHoneynet: Project Honeynet releases Analyzing Malicious Portable Destructive Files Challenge (FC6): http://bit.ly/bOhDt7 #hon …

(Originally on Twitter: Mon Nov 01 14:45:54 +0000 2010)

FTC named Ed Felten as Agency’s Chief Technologist - http://www.ftc.gov/opa/2010/11/cted.shtm - excellent news…

(Originally on Twitter: Thu Nov 04 19:28:20 +0000 2010)

The Streisand effect will hit Microsoft regarding the free software driver bounty for the Kinect… http://fo.vc/r #interoperability #dmca

(Originally on Twitter: Sat Nov 06 07:16:19 +0000 2010)

Just received my Kindle and my first stupid question : “Why epub is not supported by default on the Kindle?” the reason is not technical…

(Originally on Twitter: Mon Nov 08 21:27:28 +0000 2010)

Don’t trust a barcamp named “collaborative hacking” when the organizer told you that “git” has nothing to do with collaboration… #fail

(Originally on Twitter: Tue Nov 09 20:02:04 +0000 2010)

Si vous voulez le dernier Michel Houellebecq en version électronique, il y a une version en CC-BY-SA. http://fo.vc/s #copyrightdelirium

(Originally on Twitter: Tue Nov 09 20:14:32 +0000 2010)

RT @cdaffara: It must be divine justice, after all the talk during our ISO sessions that IPR in standards is a good thing.

(Originally on Twitter: Tue Nov 09 21:48:20 +0000 2010)

and hop… there is now a minimal free driver done in 3 hours for the Kinect - http://fo.vc/t - #reversing

(Originally on Twitter: Wed Nov 10 21:17:27 +0000 2010)

@raf_iot Funny, I recently implemented a ssh black list merger to analyze recurring offending hosts… we should share the techniques.

(Originally on Twitter: Fri Nov 12 22:16:06 +0000 2010)

quickly made a Perl module to access RIPE RIS - Net::Whois::RIS - to have an accurate IP-to-ASN mapping… http://fo.vc/u

(Originally on Twitter: Sat Nov 13 09:00:48 +0000 2010)

@kabel I made a quick&ugly one : https://gist.github.com/676046 showing ASN and Country using IP::Country::Fast and Net::Whois::RIS #perl

(Originally on Twitter: Sun Nov 14 09:51:40 +0000 2010)

@AlainGerlache Il serait bon d’expliquer aux journalistes de la RTBF l’utilité des zones inondables au lieu de faire du direct pour rien…

(Originally on Twitter: Sun Nov 14 10:13:26 +0000 2010)

@xme Very interesting. I see an use of GNU Parallel to split the IPv4 space/hostname space on manyjobs/hosts. Just need an arg in your file

(Originally on Twitter: Sun Nov 14 11:28:37 +0000 2010)

http://phrack.org/issues.html?issue=67 The new Phrack 67 is out and again it’s a piece of art… #infosec #phrack

(Originally on Twitter: Wed Nov 17 20:44:56 +0000 2010)

Again today, the Banksy’s quote is verified : “People who enjoy waving flags don’t deserve to have one” #belgium #belgique

(Originally on Twitter: Thu Nov 18 19:38:44 +0000 2010)

@rbidule The Stuxnet effect is going beyond its technical implication. Stuxnet is even more efficient on the psychological aspect…

(Originally on Twitter: Thu Nov 18 19:44:08 +0000 2010)

@rbidule except if this is the whole purpose of their sponsors.. look at the C&C proto easy to detect (compared to Zeus or alike). #stuxnet

(Originally on Twitter: Thu Nov 18 20:03:01 +0000 2010)

Firefox should be able to display (and browse) xpi file content before add-ons installation… #infosec @mozillaorg

(Originally on Twitter: Fri Nov 19 10:26:45 +0000 2010)

@xme maybe you should mention to your customer about RBS Worldpay case and where the logs played a vital role for restoring the service…

(Originally on Twitter: Sat Nov 20 09:36:00 +0000 2010)

RT @Slate: Does the TSA ever catch terrorists? http://slate.me/aOB6vm

(Originally on Twitter: Sat Nov 20 10:04:17 +0000 2010)

I took some notes about my recent acquisition/use of the Kindle 3 e-book reader - http://fo.vc/v #kindle #books #ebooks

(Originally on Twitter: Sat Nov 20 11:49:03 +0000 2010)

One more time, the “gzip –rsyncable” option saves me from a never ending rsync… #whyyoushouldreadthemanpages #unix

(Originally on Twitter: Sun Nov 21 15:10:03 +0000 2010)

#planB The only decision to take is to remove the boundaries and let people live freely wherever they want. A nation is an outdated concept.

(Originally on Twitter: Sun Nov 21 19:53:25 +0000 2010)

@EvaRuwe Dreaming seems much more close to reality than any of the media bullsh*t like #planB, #byebyebelgium <- #Despektakelmaatschappij

(Originally on Twitter: Mon Nov 22 19:12:45 +0000 2010)

If you forgot, it’s time to make a donation to Wikipedia… I made one as usual. #wikipedia

(Originally on Twitter: Mon Nov 22 20:27:10 +0000 2010)

Maybe I should avoid to reverse engineer an evil binary while listening to “Alien Vampies” - EBM and malware don’t mix very well tonight.

(Originally on Twitter: Tue Nov 23 20:02:38 +0000 2010)

@xme looks like 2600 (without the monthly letters and the payphone fun) - it seems very low tech and low quality…

(Originally on Twitter: Wed Nov 24 21:09:53 +0000 2010)

Another good reason, to avoid the use of cryptography on virtual and non-virtual shared computers - http://eprint.iacr.org/2010/594

(Originally on Twitter: Wed Nov 24 21:27:45 +0000 2010)

RT @sans_isc: Local privilege escalation exploit published, affects most versions of Windows: http://goo.gl/8cmyC (via @sans_isc)

(Originally on Twitter: Wed Nov 24 22:00:41 +0000 2010)

@eromang I think the prudent approach is to change the password/api key of all your account/services below the domain secunia.com

(Originally on Twitter: Thu Nov 25 14:39:43 +0000 2010)

RT @hteso: New Pyew revision features “Code analyzer for x86 completely rewritten from scratch” and many bugs fixed. http://cort.as/0PjB

(Originally on Twitter: Thu Nov 25 15:55:36 +0000 2010)

@xme hack.lu 2011 will be the 20-21 September

(Originally on Twitter: Sat Nov 27 19:59:35 +0000 2010)

@xme a complete week of infosec pleasure… hack.lu, TF-CSIRT and BruCON. Hope to see you there.

(Originally on Twitter: Sat Nov 27 20:11:02 +0000 2010)

Lecture du magazine #Rue89 qui n’aime pas Wikileaks. Il devrait promouvoir plus de Wikileaks ou cryptome dans nos sociétés…

(Originally on Twitter: Sat Nov 27 21:21:41 +0000 2010)

RT @jedisct1: Quick patch in order to experiment w/ an increased TCP’s initial window on #openbsd http://bit.ly/f49rvS

(Originally on Twitter: Sun Nov 28 09:36:16 +0000 2010)

“De-Anonymizing Web Communities with Gravatar” http://fo.vc/w - using a pre-image hash attack to de-anonymize Gravatar hash

(Originally on Twitter: Sun Nov 28 09:36:56 +0000 2010)

just posted “Why Do We Need More Wikileaks and Cryptome ?” http://fo.vc/x

(Originally on Twitter: Sun Nov 28 11:48:26 +0000 2010)

@thierryzoller I suppose people will invent something new and increase the diversity of leaking platforms just like the full-disclosure list

(Originally on Twitter: Sun Nov 28 12:59:35 +0000 2010)

@sam280 Yes, I think so too. Maybe it’s the beginning of their diversity… by two very different technique of releasing content.

(Originally on Twitter: Sun Nov 28 13:08:02 +0000 2010)

@sam280 I don’t know. Maybe we need more leaking platforms operated by a community instead being only run by an “individual”

(Originally on Twitter: Sun Nov 28 13:41:04 +0000 2010)

@Frederiqueries Could you explain your #ACTA vote at the parliament? http://fo.vc/y - It’s not really supporting EU citizen freedom…

(Originally on Twitter: Sun Nov 28 15:48:50 +0000 2010)

Reading the #cablegate and maybe, you should type “dig -t SOA sgov.gov” in your favorite vty… #wikileaks

(Originally on Twitter: Sun Nov 28 21:17:11 +0000 2010)

@bortzmeyer it just exists within SIPRnet as an internal domain. Interesting, this is giving information about some IP network ops.

(Originally on Twitter: Sun Nov 28 21:30:52 +0000 2010)

Still no patch for RtlQueryRegistryValues() escalation? VU#529673 #win32

(Originally on Twitter: Mon Nov 29 10:53:15 +0000 2010)

RT @Ivanlef0u: hack.lu CTF - Challenge 12 WriteUp http://bit.ly/hQoHxi

(Originally on Twitter: Mon Nov 29 20:12:17 +0000 2010)

Looking at my logs, “P.Arthur 1.1” robot is a crappy HTTP bot but it is crawling in IPv6…

(Originally on Twitter: Mon Nov 29 20:13:46 +0000 2010)

History is just repeating itself : Virus.DOS.Tchantches is now called Trojan-Ransom.Boot.Seftad - http://fo.vc/z #virus

(Originally on Twitter: Tue Nov 30 09:10:38 +0000 2010)

@thierryzoller If you are talking about #GooDiff, it could be possible as the back-end software is just tracking web pages. http://fo.vc/L

(Originally on Twitter: Tue Nov 30 21:53:07 +0000 2010)

@thorstenholz @mikkohypponen no worries just like the Adobe Flexnet license manager writing in the MBR after every launch… #fun

(Originally on Twitter: Wed Dec 01 12:49:14 +0000 2010)

I like the tag #whereisjulian especially when we are just drinking a warm cup of Assam tea in the south of Belgium.

(Originally on Twitter: Wed Dec 01 19:32:44 +0000 2010)

RT @laurentchemla: Quand on répond n’importe quoi aux questions indiscrètes des sites de vente, on se fait souhaiter un bon anniversaire …

(Originally on Twitter: Wed Dec 01 19:38:49 +0000 2010)

An interesting Java decompiler https://github.com/akkumar/jreversepro #reversing

(Originally on Twitter: Wed Dec 01 20:46:16 +0000 2010)

RT @iseclaborg: Our paper on detecting malicious domains by passively analyzing DNS is now online: http://bit.ly/gTo7hX. Blog post to fo …

(Originally on Twitter: Wed Dec 01 20:50:33 +0000 2010)

@xme “Bulletproof providers” protecting C&C? only when requested by law enforcement or do we talk about some “underground” ISP ;-)

(Originally on Twitter: Thu Dec 02 15:09:27 +0000 2010)

@xme Right, that’s why they use a complete route object to have their own abuse-mailbox in the whois database. More the underground ISP…

(Originally on Twitter: Thu Dec 02 15:20:30 +0000 2010)

Tip of the day : If you are a savannah.gnu.org user, reset your password. #gnu #infosec

(Originally on Twitter: Thu Dec 02 18:29:32 +0000 2010)

RT @bayartb: wikileaks.fdn.fr #wikileaks done.

(Originally on Twitter: Fri Dec 03 15:46:40 +0000 2010)

RT @pbeyssac: Expérience de DNS immune aux DoS : pointez wikileaks.<votre domaine> sur 46.59.1.2, 213.251.145.96, etc et annoncez- …

(Originally on Twitter: Fri Dec 03 19:35:42 +0000 2010)

is listening to “Liaisons dangereuses” - “Los niños del parque” #music #electronicmusic - so great, so simple and so in-temporal.

(Originally on Twitter: Fri Dec 03 20:04:52 +0000 2010)

@xme @FunkySteph #FF Hope you enjoyed your Friday as much as I do. Cyberspace is so great those days…

(Originally on Twitter: Fri Dec 03 21:23:34 +0000 2010)

RT @ViRAms: [European Central Bank] Recent Advances in Modelling Systemic Risk using Network Analysis (Jan. 2010) [PDF] http://bit.ly/h2la3E

(Originally on Twitter: Sat Dec 04 07:18:02 +0000 2010)

I completely overlooked that jabber.org moved away from Free Sofware (ejabberd) to proprietary software (M-Link). What a shame.. #jabber.org

(Originally on Twitter: Sat Dec 04 17:13:00 +0000 2010)

@security4all for the #wikileaks mirror, I highly recommend to make a chroot/jail (-> jailkit) for the wikileaks account on your server

(Originally on Twitter: Sun Dec 05 16:52:22 +0000 2010)

@obra don’t you miss the eInk and can we read easily “RT essentials” as we do on the Kindle 3 with strong sunlight?

(Originally on Twitter: Sun Dec 05 17:15:24 +0000 2010)

@ioerror Is there already a prototyped implementation of mpOTR somewhere? #OTR

(Originally on Twitter: Sun Dec 05 20:53:04 +0000 2010)

RT @ioerror: Secure group chat with Mutli party OTR: http://www.cypherpunks.ca/~iang/pubs/mpotr.pdf

(Originally on Twitter: Sun Dec 05 20:54:08 +0000 2010)

RT @btabaka: #Wikileaks: pas d’autorisation judiciaire pour suspendre l’hébergement car OVH ne justifie pas de la nécessité http://bit.l …

(Originally on Twitter: Mon Dec 06 19:07:25 +0000 2010)

Even if I’m familiar about Whitfield Diffie’s work for long time, I didn’t know that he was also the initial inventor of #powerpoint

(Originally on Twitter: Mon Dec 06 19:45:41 +0000 2010)

RT @ioerror: If any harm comes to Julian, an entire generation will be radicalized.

(Originally on Twitter: Tue Dec 07 10:52:26 +0000 2010)

Changing a bit ~ubuntu-core-dev/cryptsetup/ubuntu/lib/setup.c don’t worry, it’s just for a proof-of-concept…

(Originally on Twitter: Tue Dec 07 21:25:39 +0000 2010)

The funsec mailinglist is not fun in those days.

(Originally on Twitter: Tue Dec 07 21:57:30 +0000 2010)

RT @FIRSTdotOrg: Happy Monday! 2011 Call for Speakers closes this Friday 12/10. Visit http://bit.ly/9uEJUj for more info. #cybersecurity

(Originally on Twitter: Wed Dec 08 12:17:34 +0000 2010)

http://www.romab.com/ironfox/ - Sanboxed Firefox wrapper for MacOS - I hope this will be a default Firefox feature in a near future…

(Originally on Twitter: Wed Dec 08 19:47:10 +0000 2010)

@peter_v The market-driven cs languages books are usually quickly outdated. Looking at my bookshelves: C, Lisp, Prolog are still there.

(Originally on Twitter: Wed Dec 08 20:11:34 +0000 2010)

If you are using Exim, look at : http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html -> apt-get install postfix #infosec

(Originally on Twitter: Thu Dec 09 15:52:49 +0000 2010)

released Forban 0.0.23 http://foo.be/forban/ - some bug fixes and thanks to @SteveClement and @rommelfs for their harsh testing #p2p

(Originally on Twitter: Thu Dec 09 20:40:36 +0000 2010)

It’s now official Java is dead. http://fo.vc/M

(Originally on Twitter: Thu Dec 09 21:20:45 +0000 2010)

@0x58 Yep, finally more space for Python, Ruby, Prolog, Lisp, Scala, Perl, Go, Arc, Scheme, Haskell or even BF… #javaisdead

(Originally on Twitter: Thu Dec 09 21:48:01 +0000 2010)

@jepoirrier Good question. Can you image Hadoop and Pig relying on Python instead of Java? Maybe I’m dreaming and I should get up…

(Originally on Twitter: Fri Dec 10 08:01:49 +0000 2010)

What’s your bet? BLAKE, Grøstl, Keccak, JH or Skein? Maybe BLAKE? We will know in 2012… #sha-1 #crypto #hash #nist

(Originally on Twitter: Fri Dec 10 18:50:32 +0000 2010)

RT @naypinya: Code source for the new IA BookReader with TTS, touch, support for full text search and more at (github) - http://bit.ly/g …

(Originally on Twitter: Fri Dec 10 19:33:11 +0000 2010)

I liked to purchase a device from a second-hand market and finding a CA’s private key from the supplier in the equipment… #infosec #pki

(Originally on Twitter: Sun Dec 12 10:11:31 +0000 2010)

extended traceroute-cirl to output Google Maps js code http://fo.vc/N - a sample (from BE to AU) : http://fo.vc/O #netvis

(Originally on Twitter: Sun Dec 12 18:51:06 +0000 2010)

Why public libraries disappear? It’s not the Internet but the editors that want to get rid of those public space. We need them on Internet.

(Originally on Twitter: Sun Dec 12 21:17:49 +0000 2010)

The verified boot in Chromium OS is solving some issues to avoid the tampering of the boot process with encrypted partition http://fo.vc/P

(Originally on Twitter: Tue Dec 14 19:55:33 +0000 2010)

@mikkohypponen Could be an issue but that’s the only mirror remaining of the old wikileaks “database”. Do you know any other old mirrors?

(Originally on Twitter: Tue Dec 14 21:15:45 +0000 2010)

YouTube privacy notice changed to add advertising from other advertising companies - http://fo.vc/Q #privacy #goodiff

(Originally on Twitter: Tue Dec 14 22:23:18 +0000 2010)

The watcher list of github is nifty especially for such tool like LOIC (Low Orbit Ion Cannon ) http://fo.vc/R #DoS #infosec

(Originally on Twitter: Wed Dec 15 10:26:19 +0000 2010)

RT @aloria: I think @Time just got confused– we wanted the dude whose leaks scare the government, not the one whose leaks upset 15 year …

(Originally on Twitter: Wed Dec 15 14:14:59 +0000 2010)

A clever mix between a readable language and the Erlang VM - http://reia-lang.org/ looks very promising #programming

(Originally on Twitter: Wed Dec 15 20:53:15 +0000 2010)

RT @thomashawk: An open letter to Carol Bartz, CEO Yahoo Inc. http://goo.gl/YbxcY

(Originally on Twitter: Wed Dec 15 21:12:36 +0000 2010)

RT @xme: [/dev/random]: Iptables Logs Mapping on GoogleMaps http://blog.rootshell.be/2010/12/15/iptables-logs-mapping-on-googlemaps/

(Originally on Twitter: Thu Dec 16 09:08:24 +0000 2010)

RT @NeelieKroesEU: Good luck to everyone joining #eurostat hackday today! In 5 cities and on IRC http://eurostat.okfn.org/

(Originally on Twitter: Thu Dec 16 09:29:31 +0000 2010)

@xme just like security certification (e.g. ISO 27001) where people focus on certification instead of doing the real work of securing…

(Originally on Twitter: Thu Dec 16 09:40:24 +0000 2010)

Vulnerability in the PDF distiller of the BlackBerry Attachment Service (BES) - http://fo.vc/T #infosec #blackberry

(Originally on Twitter: Thu Dec 16 15:21:31 +0000 2010)

del.icio.us is now officially killed by Yahoo! I really hope it’s a winter joke… @Delicious #delicious

(Originally on Twitter: Thu Dec 16 19:59:28 +0000 2010)

http://fo.vc/U - a quick comparison between “endive” and “chicon” in the new Google Labs Books Ngram viewer #nlp #googlebooks

(Originally on Twitter: Thu Dec 16 23:02:18 +0000 2010)

@cryptbin Why don’t you do some mcrypt-like functions in javascript already on the client side? to avoid clear-text on server side. #crypto

(Originally on Twitter: Thu Dec 16 23:13:45 +0000 2010)

In front of my desk, I have two colleagues trying to plug a phone in a computer. Looks like an IT crowd scene….

(Originally on Twitter: Fri Dec 17 16:06:47 +0000 2010)

@RIPE_NCC Looking for a way to look-up prefixes announced by an ASN, I used your Ajax API at RIPE RIS - http://fo.vc/V why not the whois?

(Originally on Twitter: Fri Dec 17 21:44:08 +0000 2010)

The funky Perl module of the day : “Sub::Frequency - Run code blocks according to a given probability” might be useful in some cases…

(Originally on Twitter: Sat Dec 18 08:49:56 +0000 2010)

RT @ddenis: The move to cloud computing is unstoppable – but WikiLeaks gives us pause: http://bit.ly/hazOyQ #etraces

(Originally on Twitter: Sat Dec 18 09:07:09 +0000 2010)

begins a RFC 2196 mapping and annotation project with the non-publicly accessible ISO 27001 standards - http://rfc2196.foo.be/

(Originally on Twitter: Sun Dec 19 18:05:10 +0000 2010)

RT @olg: Copie privée: la lecture de http://www.copieprivee.culture.gouv.fr/IMG/pdf/CR_15_novembre_2010.pdf est édifiante.

(Originally on Twitter: Mon Dec 20 11:34:25 +0000 2010)

@courts Excellent. “A free security service that audits your web.config settings.” and collects your sensitive intormation too ;-)

(Originally on Twitter: Mon Dec 20 11:42:37 +0000 2010)

RT @peteskomoroch: Former delicious PM: Yahoo could proactively release corpus of publicly-shared bookmarks & tags http://bit.ly/fTf1k5

(Originally on Twitter: Mon Dec 20 16:31:07 +0000 2010)

@courts They should take the opportunity to review all the CBC-mode algorithms and especially Blowfish #blf_cbc_encrypt() #crypto

(Originally on Twitter: Mon Dec 20 16:42:32 +0000 2010)

@elise_huard don’t use hash + salting. Use either HMAC or bcrypt with a cost value for the hashing. #crypto

(Originally on Twitter: Mon Dec 20 16:44:53 +0000 2010)

During a pentest, I recalled saying “if there is a rogue smart-card” and the vendor saying “No worries, we customized OpenSC” http://fo.vc/X

(Originally on Twitter: Mon Dec 20 17:09:24 +0000 2010)

@Aldiko instead of promoting DRM-aware products, you should provide a nice interface to Usenet e-books download ;-)

(Originally on Twitter: Tue Dec 21 12:29:08 +0000 2010)

Where’s the “dislike” button? An initiative from the Free Software Foundation http://fo.vc/Y

(Originally on Twitter: Tue Dec 21 20:57:54 +0000 2010)

If you have too many bitcoins, you can transfer them on my account : 1Koeg6s1eEQCBRYaP56w23sqJKiy9bfymr ;-) #p2p #bitcoin

(Originally on Twitter: Wed Dec 22 20:33:12 +0000 2010)

updated Forban 0.0.24 - bug fixes release - http://www.foo.be/forban/ #p2p #lan

(Originally on Twitter: Wed Dec 22 21:55:36 +0000 2010)

@bortzmeyer traceroute –with-xml-overhead ;-)

(Originally on Twitter: Wed Dec 22 22:21:07 +0000 2010)

@mir_ripe_labs Nice article. Is the complete dataset of “ASN Ranking Correlations Between Spam Blocklists” publicly available?

(Originally on Twitter: Thu Dec 23 11:28:46 +0000 2010)

Sur mon abonnement #SNCB, il est marqué de Luxembourg vers Marbehan. Pas “terminus à Arlon ensuite, débrouillez vous…” #fail

(Originally on Twitter: Fri Dec 24 10:29:33 +0000 2010)

RT @seeedstudio: DSO Quad is amazing, it supports 4 channel, 36 MHz bandwidth, (Can be over-clock to 72 MHz).

(Originally on Twitter: Fri Dec 24 11:00:47 +0000 2010)

Is this coding scheme http://arxiv.org/abs/1012.5174 the return of FHSS as a security measure? I’m scared… #infosec

(Originally on Twitter: Fri Dec 24 11:10:00 +0000 2010)

Major update in the LiveJournal privacy policy http://fo.vc/Z #goodiff #privacy #livejournal #tos

(Originally on Twitter: Fri Dec 24 14:04:51 +0000 2010)

Linus is right : “security bugs are not different from any other bugs” > all #bugs are about #security and Microsoft just prove it again…

(Originally on Twitter: Fri Dec 24 15:34:57 +0000 2010)

@eromang Yep, it looks like. Happy holidays too.

(Originally on Twitter: Fri Dec 24 15:38:34 +0000 2010)

The letter sent by Ross Anderson (Cambridge University) to UK Cards Association is a pleasure of #responsible #disclosure : http://fo.vc/10

(Originally on Twitter: Sat Dec 25 16:55:22 +0000 2010)

Advice today : “don’t underestimate an old-style forum with active users, it’s often more efficient than web 2.0” #internet #collaboration

(Originally on Twitter: Sat Dec 25 21:36:55 +0000 2010)

Dear @oreillymedia I’m sure there is a market for an updated version of “Network security with OpenSSL” especially for ECDSA aspects #crypto

(Originally on Twitter: Sun Dec 26 14:07:37 +0000 2010)

@i0n1c “The Rootkit arsenal” (2009) is still very interesting even if the sample code is sometimes very buggy. #infosec #malware

(Originally on Twitter: Sun Dec 26 14:23:29 +0000 2010)

“The Transistor level 6502 Hardware Simulation in Javascript” http://fo.vc/12 - an incredible beast made in Javascript #6502 #cpuhistory

(Originally on Twitter: Sun Dec 26 20:02:24 +0000 2010)

is wondering ways to improve the #bitcoin p2p bootstrap protocol - http://btc.fo.vc/ (current experiment via HTTP)

(Originally on Twitter: Sun Dec 26 21:33:53 +0000 2010)

“Analysis of Computer Science Communities Based on DBLP” - http://arxiv.org/abs/1012.5396 a nice and concise paper about #cs communities

(Originally on Twitter: Mon Dec 27 09:01:37 +0000 2010)

@venturehacks Just because large sites provide services but don’t provide privacy services… http://www.goodiff.org/ #privacy

(Originally on Twitter: Mon Dec 27 21:34:32 +0000 2010)

Any proud user of a nVidia TESLA C2050 board for hashing (SHA-256)? I’m looking for SHA-256 benchmarks #crypto #cuda #gpu

(Originally on Twitter: Mon Dec 27 22:40:37 +0000 2010)

By using the leak feed API ( http://api.leakfeed.com ), I saw a cable about US government support of Monsanto (MON810) http://fo.vc/13 #GMO

(Originally on Twitter: Tue Dec 28 09:21:38 +0000 2010)

Finally an Internet-Draft for enforcing HTTP over TLS at the client side “HTTP Strict Transport Security (HSTS)” http://fo.vc/14

(Originally on Twitter: Tue Dec 28 18:57:22 +0000 2010)

Looking at my notes, Tor exit node model improvement : “every Tor client should be an exit at a random interval for a short time’ #tor #wth

(Originally on Twitter: Tue Dec 28 19:08:04 +0000 2010)

@kabel yes but the objective is privacy not speed and that would limit the incentive to run a stable Tor exit node for interception.

(Originally on Twitter: Tue Dec 28 19:13:32 +0000 2010)

Expérience du jour dans un magasin “Avez-vous la carte de réduction” - “ Non, ma vie privée est mieux qu’une carte de réduction !” #privacy

(Originally on Twitter: Tue Dec 28 20:03:11 +0000 2010)

@fboule It’s pretty clear. Instead of having to set explicity in your Tor configuration that you are an exit node, it’s randomly allocated.

(Originally on Twitter: Wed Dec 29 19:20:47 +0000 2010)

with this bloody BCM4322 proprietary driver, I got a satellite link latency while being at 2 meters of my 802.11 access-point. #broadcom

(Originally on Twitter: Wed Dec 29 21:12:55 +0000 2010)

@rfc1149 ;-) Right, a CAT5-E cable is very handy to download one of those binary object for those brain damaged wireless chipsets…

(Originally on Twitter: Wed Dec 29 21:28:47 +0000 2010)

RT @xme: New NIST document released: Guidelines for the secure deployment of IPv6 - http://bit.ly/hBVRKF <- a must read before IPv4ca …

(Originally on Twitter: Wed Dec 29 21:35:19 +0000 2010)

Mentioning the ECDSA updates required for the OpenSSL book, It seems that Sony is anxiously waiting for its publishing #crypto #crypoishard

(Originally on Twitter: Thu Dec 30 20:30:42 +0000 2010)

@dakami Difficult. There are some experiments like muXTCP, S3 (Scheme) and even the crazy libUTP (~TCP). @bortzmeyer

(Originally on Twitter: Thu Dec 30 20:43:43 +0000 2010)

“Amazon Kindle loan” is how to create scarcity where it didn’t exist. #ebooks #freesociety #kindle

(Originally on Twitter: Thu Dec 30 21:22:30 +0000 2010)

@AlainGerlache “La création de richesses” devrait se nommer “les indicateurs de richesses” cf. André Gorz (L’immatériel) #PIB ~#FAIR

(Originally on Twitter: Fri Dec 31 08:31:53 +0000 2010)

Software is living organism and you have to manage your software like a living organism. #infosec #patch

(Originally on Twitter: Fri Dec 31 08:40:15 +0000 2010)

RT @torproject: the whole thread on the 27C3 discussion starts here, http://archives.seul.org/or/talk/Dec-2010/msg00253.html

(Originally on Twitter: Fri Dec 31 13:36:36 +0000 2010)

Just before 2011, Forban 0.0.25 released (easier to use out of the box + Forban Bash client PoC) - https://github.com/adulau/Forban

(Originally on Twitter: Fri Dec 31 16:02:45 +0000 2010)

posted http://fo.vc/15 “Often I’m Wrong But Not Always…” or one of my commitment for next years. #blog #innovate #doocracy #takingnotes

(Originally on Twitter: Sat Jan 01 11:08:00 +0000 2011)

Why some free software dev. still use for new projects the crappy sourceforge.net website? When you have gitorious.org ? #git #freesoftware

(Originally on Twitter: Sat Jan 01 11:24:48 +0000 2011)

@fcouchet Les normes ISO/IEC enfin libres, la suppression des brevets existants sur les logiciels/vivant et un droit d’auteur de 20 ans max.

(Originally on Twitter: Sat Jan 01 11:47:45 +0000 2011)

@RIPE_NCC FYI, whois.ripe.net (whois.db.ipv6.ripe.net) in IPv6 is not accessible via sixxs.

(Originally on Twitter: Sat Jan 01 11:52:29 +0000 2011)

@xme might be my open WiFi or the one from Bruce Schneier http://fo.vc/16 By the way, happy new year !

(Originally on Twitter: Sat Jan 01 12:28:55 +0000 2011)

140 char is not really covered by copyright… wait, seeing at DMCA takedown notices for Twitter http://fo.vc/17 -> #copyrightdelirium

(Originally on Twitter: Sat Jan 01 14:27:44 +0000 2011)

@sourceforge where to start? get rid of the intrusive advertising, simplify downloading interface and improve git support. hope this helps.

(Originally on Twitter: Sat Jan 01 18:38:19 +0000 2011)

just found that the YubiKey allows to reset the AES private key from the token. I need to test it with other HOTP solution if this works.

(Originally on Twitter: Mon Jan 03 20:33:46 +0000 2011)

42 registry is an interesting experiment. My “dig -t A www.nic.42” just works. If you are curious, http://42registry.org/ #dns #icann #free

(Originally on Twitter: Mon Jan 03 21:05:01 +0000 2011)

http://fo.vc/18 Logstash seems to be a promising free software alternative to Splunk or similar closed tools… #SIEMS #logging

(Originally on Twitter: Wed Jan 05 21:08:59 +0000 2011)

#begov #nogov “Le bordel Belge est récursif mais on ne sait jamais si on va sortir de la récursion…” #surrealism

(Originally on Twitter: Thu Jan 06 19:38:15 +0000 2011)

The today’s quote for the software vendor who is again blaming security researchers “Fix your code and stop whining” #infosec

(Originally on Twitter: Thu Jan 06 20:11:54 +0000 2011)

What’s the difference between “responsible disclosure” and “coordinated vulnerability disclosure”? The last is just adding 6 months more

(Originally on Twitter: Fri Jan 07 08:41:36 +0000 2011)

Want to see the differences in the legal terms after the introduction of the “Mac App Store”? http://fo.vc/1b #goodiff #apple #tos

(Originally on Twitter: Sat Jan 08 08:56:42 +0000 2011)

RT @daveaitel: Two girls race to top of US-Mexico fence in 15 seconds http://dlvr.it/Cw0rG

(Originally on Twitter: Sat Jan 08 11:31:47 +0000 2011)

@0x58 I’ll be at FOSDEM. At least for the lightning talks, I have 15 minutes to present Forban and its crazy idea #p2p #fosdem

(Originally on Twitter: Sat Jan 08 13:37:55 +0000 2011)

RT @birgittaj: Good article by Greenwald: DOJ subpoenas Twitter records of several WikiLeaks volunteers http://shar.es/XUoIT

(Originally on Twitter: Sat Jan 08 17:08:29 +0000 2011)

Looking at the excellent article made by @xme about MySQL logging with UDF, I was wondering if there is an UDF extension with #redis support

(Originally on Twitter: Sat Jan 08 17:35:02 +0000 2011)

@GutenbergNews How do you generate the Mobipocket files in the Gutenberg Project? PGTEI 0.4 doesn’t seem to support Mobipocket. Thanks.

(Originally on Twitter: Sat Jan 08 22:01:46 +0000 2011)

just committed wikirc2text to ease the sending of Wiki RC to XMPP (sendxmpp) without flooding with the same changes… http://fo.vc/1c

(Originally on Twitter: Sun Jan 09 17:56:03 +0000 2011)

http://fo.vc/1d The data devroom at #FOSDEM looks very promising. From Hadoop Pig, PyF to a talk about the use of Mongo.DB for Wikileaks

(Originally on Twitter: Sun Jan 09 19:29:19 +0000 2011)

http://fo.vc/1e OpenSSH-5.7 is looking for testers, this version now includes ECDH and ECDSA #openssh

(Originally on Twitter: Mon Jan 10 13:49:25 +0000 2011)

@0x58 Maybe TorChat should use OTR or MP-OTR to limit traffic analysis. #tor #otr #privacy http://www.cypherpunks.ca/otr/

(Originally on Twitter: Mon Jan 10 20:26:57 +0000 2011)

@duckduckgo what do you mean by “substantively updated” in your updated privacy policy? http://fo.vc/1f thank you

(Originally on Twitter: Mon Jan 10 20:36:22 +0000 2011)

@duckduckgo I think so if that is not a semantic change. By the way, could you provide a text/plain URL for GooDiff.org and others? Thanks

(Originally on Twitter: Mon Jan 10 21:45:13 +0000 2011)

Why it takes so long to have a fix for the Security Advisory MS 2488013? #microsoft #infosec

(Originally on Twitter: Tue Jan 11 18:45:59 +0000 2011)

@mytweet_id arf arf, exactly Microsoft should provide a link to alternative browsers when publishing their IE security advisories.

(Originally on Twitter: Tue Jan 11 18:52:31 +0000 2011)

RT @ioerror: The forensic specialist (who was friendly) explained that EnCase and FTK, with a write-blocker inline were unable to see th …

(Originally on Twitter: Wed Jan 12 20:39:07 +0000 2011)

réseaux sociaux et sécurité - doit-on les réinventer pour en éviter les attaques? http://fo.vc/1g #securite #social #freedom

(Originally on Twitter: Wed Jan 12 21:41:18 +0000 2011)

I really enjoy a fake /phpmyadmin/ default page especially when the attacker makes a cut-and-paste in the wrong form #infosec

(Originally on Twitter: Thu Jan 13 20:21:31 +0000 2011)

Node.js starts to be very interesting with the recent inclusion of TLS #nodejs

(Originally on Twitter: Thu Jan 13 22:12:02 +0000 2011)

RT @TopHackerNews: Fast Levenshtein distance using a Trie http://bit.ly/fXJ7Rz http://ff.im/-wyUjw

(Originally on Twitter: Sat Jan 15 16:48:10 +0000 2011)

http://lerecorddumonde.be/ is fun but completely missing the point. There are plenty of governments in #belgium one less is a good start…

(Originally on Twitter: Sat Jan 15 16:54:59 +0000 2011)

@eQuiNoX__ Good idea. hack.lu CTF at each edition of the hack.lu conference.

(Originally on Twitter: Sat Jan 15 19:22:23 +0000 2011)

@NeelieKroesEU Yes and also the power of free licenses like the GNU Free Documentation License or the CC BY-SA. #freedom #wikipedia

(Originally on Twitter: Sat Jan 15 19:28:31 +0000 2011)

http://fo.vc/1h Stuxnet scenario already evaluated in 2008 and 2009. Check page 55-60 of this presentation made at 2008 Automation Summit

(Originally on Twitter: Sun Jan 16 10:00:22 +0000 2011)

http://www.tcpdump.org/ is updated, great now libpcap and tcpdump is using #git as SCM -> will be easier to pull patches #infosec

(Originally on Twitter: Sun Jan 16 11:05:00 +0000 2011)

@fred_dela No worries, I don’t. I just believe that Belgium is a work of art. Nothing more.

(Originally on Twitter: Sun Jan 16 21:40:41 +0000 2011)

Forban 0.0.26 released - bug fixes - http://foo.be/forban/ - p2p -> sharing files locally with your neighbours

(Originally on Twitter: Mon Jan 17 21:00:28 +0000 2011)

RT @datenkeller: Call for Papers: Web 2.0 Security and Privacy 2011 Workshop (W2SP 2011) http://www.w2spconf.com/2011/cfp.html

(Originally on Twitter: Mon Jan 17 21:23:29 +0000 2011)

http://fo.vc/1i “SafeVchat: Detecting Obscene Content and Misbehaving Users in Online Video Chat Services” #chatroulette #science

(Originally on Twitter: Tue Jan 18 10:58:36 +0000 2011)

What? The W3C is doing a logo page for HTML5 in fixed width. Repeat after me : “fixed width design is a mistake”.

(Originally on Twitter: Tue Jan 18 18:37:11 +0000 2011)

http://fo.vc/1j The Microsoft Attack Surface Analyzer looks interesting but it’s only working on Windows 7 until now #infosec #malware

(Originally on Twitter: Tue Jan 18 18:54:53 +0000 2011)

Why the I-D Forward Secrecy Extensions for OpenPGP was never implemented? I’m looking for some background information #openpgp #crypto

(Originally on Twitter: Tue Jan 18 20:14:08 +0000 2011)

I’m sure there will be a black market for “incandescent lamp”. The pseudo-economical lamps are very slow to start, toxic and too complex.

(Originally on Twitter: Wed Jan 19 21:09:42 +0000 2011)

@theodric exactly. Energy efficiency is just a joke especially for short time light (as toilet light or storage room) as you have to wait…

(Originally on Twitter: Wed Jan 19 21:15:42 +0000 2011)

@bortzmeyer I used Tokyo Tyrant for different projects but recently moved them to redis. Just for a matter of flexibility with the redis API

(Originally on Twitter: Wed Jan 19 21:19:08 +0000 2011)

RT @s7ephen: Here is the paper for SoundMiner: a Proof-of-Concept Android trojan that uses Speech Recognition to steal CC numbers http:/ …

(Originally on Twitter: Wed Jan 19 21:48:41 +0000 2011)

@pbeyssac I’m still running my redis slave server with a SLAVEOF and a simple TCP redirector in client switching to slave when != reachable

(Originally on Twitter: Thu Jan 20 08:13:49 +0000 2011)

RT @mir_ripe_labs: Public demo sessions scheduled to develop a new RIPE NCC toolbox, called RIPEstat. Read on #RIPELabs: http://bit.ly/d …

(Originally on Twitter: Thu Jan 20 09:19:15 +0000 2011)

http://fo.vc/1k “An IPv6 Geographic Global Unicast Address Format” Internet-Draft seems nice but in practice? #ipv6 #geo

(Originally on Twitter: Thu Jan 20 21:13:47 +0000 2011)

@lensassaman I don’t know if Jamie failed but he proved that we need many years to reverse the dangerous tendency of industrial food.

(Originally on Twitter: Thu Jan 20 22:14:53 +0000 2011)

@lensassaman Right. I remember US friends visiting us saw our seeds preservation habit and asking why doing this if you can buy seeds…

(Originally on Twitter: Thu Jan 20 22:29:37 +0000 2011)

RT @UnGarage: RT @DaHammerstein: EU academic experts publish excellent critique of ACTA, ask rejection of text by EP. Support needed htt …

(Originally on Twitter: Fri Jan 21 07:11:24 +0000 2011)

@AppSecEU For your information, the link of the CfP is broken on your wiki. http://www.owasp.org/index.php/AppSecEU2011#tab=CFT_.26_CFP

(Originally on Twitter: Fri Jan 21 19:10:18 +0000 2011)

I now index the tweets in ElasticSearch via a Python script but it’s maybe the sign that I’m following too many people…

(Originally on Twitter: Fri Jan 21 20:56:49 +0000 2011)

RT @securityshell: Abusing HTTP Status Codes to Expose Private Information https://secure.grepular.com/Abusing_HTTP_Status_Codes_to_Expo …

(Originally on Twitter: Fri Jan 21 21:03:35 +0000 2011)

Sarcasm, I like those quarterly patches with a list of CVE numbers also fixing never mentioned vulnerabilities in the change log. #infosec

(Originally on Twitter: Sat Jan 22 18:02:29 +0000 2011)

@humanstxt Why do you use Key:Value (e.g. Chef:Juanjo Bernabeu) if you want it for human only? “The Chef is” would be more appropriate #fun

(Originally on Twitter: Sun Jan 23 10:19:24 +0000 2011)

@humanstxt I couldn’t resist to mention the three laws of robotics http://news.ycombinator.com/item?id=2132190 #robots

(Originally on Twitter: Sun Jan 23 10:32:57 +0000 2011)

just released Forban 0.0.27 - http://www.foo.be/forban/ - bug fixes and improvement in the bash client #p2p #sharing #local

(Originally on Twitter: Sun Jan 23 17:46:06 +0000 2011)

I’m feeling a bit dizzy with all those flags. What’s the use of a national flag? just to blindly follow some stupid statements. #shamebe

(Originally on Twitter: Sun Jan 23 17:52:47 +0000 2011)

RT @latrive: La recette pour cracker les DRM des ebooks de la FNAC est ici: http://bit.ly/ffrNcQ

(Originally on Twitter: Sun Jan 23 19:34:03 +0000 2011)

@bortzmeyer « Peut-on éteindre Internet ? » -> pour un pauvre citoyen du monde perdu dans les élucubrations politiques belges ;-)

(Originally on Twitter: Sun Jan 23 19:40:25 +0000 2011)

@FOSSpatents It’s not uncommon to have test case(s) shared between implementors to validate a specification. Case law exists on the topic.

(Originally on Twitter: Sun Jan 23 19:57:38 +0000 2011)

@FOSSpatents Not always, especially in interoperability test case. A hint No. 99-15852 (court of appeal). The tcode was from Harmony Project

(Originally on Twitter: Sun Jan 23 20:14:37 +0000 2011)

@FOSSPatents I hoped that you knew better that case. Even the infringing copies were allowed… especially to pursue the fair-use objective.

(Originally on Twitter: Sun Jan 23 20:20:54 +0000 2011)

@FOSSpatents read introduction paragraph (4) of No. 99-15852. (SONY COMPUTER ENTERTAINMENT INC v. CONNECTIX CORPORATION)

(Originally on Twitter: Sun Jan 23 20:27:05 +0000 2011)

RT @raf_iot: @adulau bgp ranking works. The new system is implemented and it uses less than 1Gb RAM for more than 30 days of ranks. 1/2

(Originally on Twitter: Mon Jan 24 05:36:17 +0000 2011)

@FOSSpatents Just like Android -> part of the building/reversing/testing process and even not used http://fo.vc/1l time to update your blog

(Originally on Twitter: Mon Jan 24 07:17:12 +0000 2011)

@FOSSpatents Sorry for updating the state-of-the-art of your office. What we have here is a fair use more than an infringement case. IM over

(Originally on Twitter: Mon Jan 24 07:35:11 +0000 2011)

@FOSSpatents Look at the specific test case suite, this is an interoperability/validating test for the policies. have a nice day. IM over

(Originally on Twitter: Mon Jan 24 07:44:14 +0000 2011)

RT @DidierStevens: Nice from Microsoft to offer a feature to bypass SRP and AppLocker. Quickpost coming up next week. Wrote details here …

(Originally on Twitter: Mon Jan 24 10:43:11 +0000 2011)

RT @xme: Making a tour of existing DLP solutions… Whatever you choose: know your data and data owners! It’s just a “dumb” tool!

(Originally on Twitter: Mon Jan 24 11:24:20 +0000 2011)

RT @NLnetLabs: Release day at NLnet Labs: besides NSD, #ldns and #Unbound released. http://tinyurl.com/ldns-1-6-8 http://tinyurl.com/unb …

(Originally on Twitter: Mon Jan 24 15:59:59 +0000 2011)

“The code injected to steal passwords in Tunisia” - http://fo.vc/1m - another good reason to look carefully at JS code in web pages

(Originally on Twitter: Mon Jan 24 20:00:57 +0000 2011)

@lensassaman Seeing how the X.509 signatures or even PGP ones are checked we are still at Morris worm’s ages. Still work for us ;-) #infosec

(Originally on Twitter: Mon Jan 24 20:13:56 +0000 2011)

@lensassaman Right as long there is no OCSP response type code 3 in the process. How do you see it? a community voting signature scheme?

(Originally on Twitter: Mon Jan 24 20:38:35 +0000 2011)

http://dionaea.carnivore.it/ Dionaea the low-interaction honeypot is getting better and better. I really like its XMPP interface #infosec

(Originally on Twitter: Mon Jan 24 21:39:25 +0000 2011)

@kabel maybe via UML with an appropriate netfilter6 REDIRECT to not mess up with the underlying home OS. just an idea.

(Originally on Twitter: Mon Jan 24 21:53:15 +0000 2011)

RT @pnoordhuis: Wow! Bump (the iPhone app) has 700GB of RAM dedicated to Redis: http://bit.ly/fMeGgU

(Originally on Twitter: Tue Jan 25 09:25:37 +0000 2011)

http://piana.eu/aduc - Aduc files class action against Microsoft - #oem #proprietarysoftware #microsoft

(Originally on Twitter: Tue Jan 25 18:45:30 +0000 2011)

I’m reluctant to renew my ACM membership especially if ACM doesn’t go into an open access model. #acm #openaccess

(Originally on Twitter: Tue Jan 25 22:25:29 +0000 2011)

Reading for the 4th time the RFC5746 , I’m really wondering why they kept the TLS renegotiation in the standard. #infosec

(Originally on Twitter: Wed Jan 26 15:23:58 +0000 2011)

RT @dragosr: Caveat to intel, “Unbreakable” never works as a marketing slogan. Examples left as exercise for the reader.

(Originally on Twitter: Wed Jan 26 20:21:39 +0000 2011)

@xme I saw it at the European Movie film in Virton. Not really good. Just a guy going mad.. for a hotmail stolen via wireless. #Pulsar

(Originally on Twitter: Wed Jan 26 20:30:11 +0000 2011)

“Multi-Level Steganography: Improving Hidden Communication in Networks” - http://arxiv.org/abs/1101.4789 #stegano

(Originally on Twitter: Thu Jan 27 08:37:03 +0000 2011)

is wondering if logstash cannot be used as a simplified Netflow ipfix collector https://github.com/logstash/logstash

(Originally on Twitter: Thu Jan 27 09:13:01 +0000 2011)

@SteveClement Enjoy your stay in #SF don’t forget to bring us a dedicated guitar from your favourite “artist” and a rainbow sticker #bar

(Originally on Twitter: Thu Jan 27 15:57:56 +0000 2011)

New Soekris NET6501 revealed http://www.soekris.com/net6501.htm I’m curious about “GPIO connected to user programmable FPGA”

(Originally on Twitter: Thu Jan 27 19:38:49 +0000 2011)

RT @xme: [/dev/random]: Keep Big Brother away from Your Privacy! http://blog.rootshell.be/2011/01/27/keep-big-brother-away-from-your-pri …

(Originally on Twitter: Thu Jan 27 20:28:39 +0000 2011)

A future dynamic duo? Forban http://foo.be/forban/ and the PirateBox http://wiki.daviddarts.com/PirateBox #p2p #sharing why not?

(Originally on Twitter: Thu Jan 27 22:02:44 +0000 2011)

Even the root name server (193.227.1.1) for the .eg domain is not responding any more. Announce was withdraw yesterday night #crazy

(Originally on Twitter: Fri Jan 28 07:13:59 +0000 2011)

@FunkySteph You too. Don’t forget to have fun and install Tor to support Egyptian people. #privacy #tor

(Originally on Twitter: Fri Jan 28 11:08:34 +0000 2011)

RT @41414141: Seriously @symantec, no less than 4 unauthenticated stack based buffer overflows + 1 command exec via msgsys.exe? Security …

(Originally on Twitter: Fri Jan 28 11:09:44 +0000 2011)

I use GNU Screen and tmux in parallel. tmux is great but has sometime strange refresh behaviour especially in large terminal…

(Originally on Twitter: Fri Jan 28 20:24:38 +0000 2011)

If you pay a yearly 20%-cost of software maintenance, it doesn’t mean that you’ll get the maintenance. It just means that you are eligible.

(Originally on Twitter: Fri Jan 28 21:01:15 +0000 2011)

RT @telecomix: Radio amateurs wanting to help #Egypt. Please join this chat http://chat.werebuild.eu/?nick=egypt..&channels=hamradio&uio=d4

(Originally on Twitter: Fri Jan 28 21:04:02 +0000 2011)

http://fo.vc/1n -> solving truncated shellcode with egg hunter , a nice example with Metasploit #infosec

(Originally on Twitter: Sat Jan 29 06:02:07 +0000 2011)

Now I suppose that everyone is searching for a file named “KAV8.zip” #infosec #av

(Originally on Twitter: Sat Jan 29 15:00:58 +0000 2011)

RT @doctorow: Francis Ford #Coppola is a #copyfighter! http://tinyurl.com/63h7f7p Who knew?

(Originally on Twitter: Sat Jan 29 18:34:37 +0000 2011)

RT @w3c: ISOC’s statement on and analysis of the Egyptian Internet shutdown: http://tinyurl.com/4tzytcj http://tinyurl.com/6f9uhpa

(Originally on Twitter: Sun Jan 30 11:10:54 +0000 2011)

traceroute-circl 0.2 released - https://github.com/CIRCL/traceroute-circl #infosec #csirt #cert

(Originally on Twitter: Sun Jan 30 12:10:38 +0000 2011)

@eromang Thank you but we knew about AbuseHelper as we are already working on some (to be released) extensions… nice project.

(Originally on Twitter: Sun Jan 30 12:38:51 +0000 2011)

RIPE has a live status showing the BGP updates for Egypt : http://stat.ripe.net/egypt/ #bgp #internet

(Originally on Twitter: Sun Jan 30 16:18:56 +0000 2011)

RT @opexxx: DDoS Bot Infests Food Processing Firms: http://bit.ly/eYBIEX

(Originally on Twitter: Tue Feb 01 18:01:47 +0000 2011)

X-ARF is going into the right direction. Using easy “parse-able” format while being human readable. http://x-arf.org/ #csirt #cert

(Originally on Twitter: Wed Feb 02 10:34:52 +0000 2011)

RT @searchio: To kill boredom at hotels rooms, I’ve been reversing Silverlight’s CLR, which is much more broken than I expected. #FUN++

(Originally on Twitter: Wed Feb 02 15:10:09 +0000 2011)

RT @torproject: Egypt is full online, http://www.renesys.com/blog/2011/02/egypt-returns-to-the-internet.shtml

(Originally on Twitter: Wed Feb 02 15:25:39 +0000 2011)

is wondering if FreeBSD core development finally moved to git for its development? #freebsd

(Originally on Twitter: Thu Feb 03 08:15:25 +0000 2011)

RT @glynmoody: Microsoft Fully Backs H.264 & Has 3,000 Words To Prove It - http://tcrn.ch/hxsd3y just loves smell of proprietary standar …

(Originally on Twitter: Thu Feb 03 08:21:19 +0000 2011)

Si vous êtes à Paris ce Dimanche 6 février, allez faire quelques photos au musée d’Orsay “Opération OrsayCommons n°2” http://fo.vc/1o

(Originally on Twitter: Thu Feb 03 08:26:22 +0000 2011)

“Legacy certificates generated by OpenSSH might contain data from the stack” http://www.openssh.com/txt/legacy-cert.adv -> use OpenSSH 5.8

(Originally on Twitter: Fri Feb 04 09:47:14 +0000 2011)

WOOT’11 Call for Papers - http://www.usenix.org/events/woot11/cfp/ - Submissions due: May 2, 2011, 11:59 p.m. PDT #infosec #cfp #usenix

(Originally on Twitter: Fri Feb 04 10:10:20 +0000 2011)

Due to the IPv4 space reaching the limit, the bogon list is now really small : http://fo.vc/1p don’t forger to update your filter list…

(Originally on Twitter: Fri Feb 04 10:17:31 +0000 2011)

I enjoy street art and even in Barcelona - http://fo.vc/1q - http://fo.vc/1r (by the way, I’m really sorry for the two tourists ;-)

(Originally on Twitter: Fri Feb 04 20:00:42 +0000 2011)

Major changes in the Apple itunes appstore terms - section added about subscription services in apps http://fo.vc/1s #goodiff #apple #legal

(Originally on Twitter: Fri Feb 04 21:11:08 +0000 2011)

At #FOSDEM lightning talks, many interesting talks with a good diversity. #freesoftware

(Originally on Twitter: Sat Feb 05 15:32:36 +0000 2011)

RT @bitcoineconomy: 1 BTC = $0.86 USD, Size: 5.32M BTC, Last 24h: 0.08M BTC in 0.9K trx, Difficulty: 22.0K, Forum posts/day: 418, Nodes: …

(Originally on Twitter: Sat Feb 05 22:56:48 +0000 2011)

http://fo.vc/1t Forban “a simple link-local opportunistic p2p free software” presentation given at #FOSDEM https://github.com/adulau/Forban

(Originally on Twitter: Sat Feb 05 23:06:34 +0000 2011)

Funky web crawler of the day “Logict IPv6 Crawler/1.0” but crawling in IPv4 even if my site is also reachable in IPv6… #fail

(Originally on Twitter: Sun Feb 06 11:04:54 +0000 2011)

RT @HerraBRE: Forban is a very interesting take on filesharing: opportunistic over local networks. Neat! #FOSDEM

(Originally on Twitter: Sun Feb 06 11:22:19 +0000 2011)

RT @p4bl0: http://uzy.me/5l Forban looks very interesting :-) #fosdem

(Originally on Twitter: Sun Feb 06 11:22:33 +0000 2011)

If you are at #FOSDEM, don’t forget to make a donation to #FOSDEM or any other free software projects present there and you like.

(Originally on Twitter: Sun Feb 06 11:27:06 +0000 2011)

@elise_huard did you get a ‘moobs’ visual experience in the last days at #fosdem?

(Originally on Twitter: Sun Feb 06 13:35:31 +0000 2011)

@elise_huard ;-) I won’t ask if it was going beyond the visual experience. #fosdem

(Originally on Twitter: Sun Feb 06 13:38:23 +0000 2011)

RT @stephaniewojcik: Updated : calls for papers (journals & conferences in FR & EN) on electronic democracy & political communication ht …

(Originally on Twitter: Sun Feb 06 18:42:13 +0000 2011)

RT @tqbf: Batshit FUD from F5 - don’t do SSL on x86 servers, because RSA-1024 and RC4 is “easy pickings” for attackers. http://bit.ly/fmssMK

(Originally on Twitter: Sun Feb 06 20:51:06 +0000 2011)

@0x58 upx -d greenpois0n.exe -> IDA_Pro -> interesting to see how the iBoot is patched… #fun

(Originally on Twitter: Mon Feb 07 12:50:33 +0000 2011)

Some years ago, I filled the Bug #241305 at Ubuntu… just to enable security.ubuntu.com in #IPv6. http://fo.vc/1u

(Originally on Twitter: Mon Feb 07 22:34:35 +0000 2011)

RT @lkratz: Générateur de start-up : http://www.ykombinator.com/ . Exactement ce que je cherchais.

(Originally on Twitter: Tue Feb 08 11:07:27 +0000 2011)

With those spammers, you discover something new everyday: did you know that FBI had a lottery? #spam #stupid

(Originally on Twitter: Tue Feb 08 13:08:11 +0000 2011)

RT @chaosupdates: Save the date! #CCC camp is coming up, 10-14th August 2011 at Finowfurt. http://events.ccc.de/2010/08/10/chaos-communi …

(Originally on Twitter: Tue Feb 08 16:11:18 +0000 2011)

Just finished “Globalia” a nice and smooth book written by Jean-Christophe Rufin #utopia #book #reading #scifi

(Originally on Twitter: Tue Feb 08 20:39:08 +0000 2011)

A bluetooth honeypot - bluepot http://code.google.com/p/bluepot #infosec #bluetooth #honeypot

(Originally on Twitter: Wed Feb 09 09:44:16 +0000 2011)

Dear @belgacom when do you plan to add IPv6 for your ADSL customer? I would love to be a beta tester…

(Originally on Twitter: Wed Feb 09 09:52:14 +0000 2011)

@0x58 Maybe @belgacom may charge for IPv6 but the current service is for Internet access and IPv6 is also Internet ;-)

(Originally on Twitter: Wed Feb 09 10:35:50 +0000 2011)

@danchodanchev Do you know the method of the eurostat survey? and where the 87% is coming from? I can’t find it in the eurostat source. thx.

(Originally on Twitter: Wed Feb 09 11:39:04 +0000 2011)

@thorstenholz How does an end-user know when the A/V fails? Maybe they have to wait for their next bank statement… ;-)

(Originally on Twitter: Wed Feb 09 11:56:27 +0000 2011)

Should we be worried if the session fingerprint is not matching in one way for TextSecure? #sms @whispersystems

(Originally on Twitter: Wed Feb 09 12:52:04 +0000 2011)

@ChrisJohnRiley Good luck. I’m sure you’ll rock SAP ;-)

(Originally on Twitter: Wed Feb 09 16:52:19 +0000 2011)

“The Linux Programming Interface” book is a work of art. I was looking for a terminal flag and I found the only correct answer in that book.

(Originally on Twitter: Wed Feb 09 20:29:16 +0000 2011)

RT @circl_lu: CIRCL published a technical report about the security of iOS based devices - http://www.circl.lu/ #ios #mobilesecurity #in …

(Originally on Twitter: Thu Feb 10 14:41:35 +0000 2011)

http://www.cuckoobox.org/ “binary analysis sandbox, designed and developed with the general purpose of automating the analysis of malware.”

(Originally on Twitter: Thu Feb 10 15:30:15 +0000 2011)

Why so many website (like Twitter) when changing your password, your old cookies are still valid for weeks… they should force to sign out

(Originally on Twitter: Thu Feb 10 18:03:01 +0000 2011)

@eromang right. that why an “rm -rf” of “~/.macromedia/Flash_Player/#SharedObjects/” at each browser shutdown is useful. #privacy #infosec

(Originally on Twitter: Thu Feb 10 22:24:47 +0000 2011)

RT @p4ula: WikiLeaks, Anonymous style: http://anonleaks.ru . Yes, the Anonymous. #popcorn

(Originally on Twitter: Sat Feb 12 16:56:24 +0000 2011)

Another way to bypass a DLP (Data Leak Prevention) system via a faked USB keyboard… http://fo.vc/1v #infosec #dlp_snakeoil

(Originally on Twitter: Sat Feb 12 17:14:41 +0000 2011)

What’s the heck is the DNA Spray used in Amsterdam? http://fo.vc/1w it seems to be a joke? At least, I hope so.

(Originally on Twitter: Sat Feb 12 18:05:24 +0000 2011)

@thomashawk Thank for your wonderful shots. If you had to go on an island with one lens? 24-70 f2.8 or 135 f2 or 50mm f1.2?

(Originally on Twitter: Sat Feb 12 18:42:39 +0000 2011)

I’m anxiously waiting for 2054 when the copyright on Tintin will be expired. #copyrightdelirium #tintin

(Originally on Twitter: Sun Feb 13 09:17:28 +0000 2011)

Did you know that @MonsantoCo is actively lobbying at EU EC “Health and Consumers DG” to weaken the current “zero tolerance” for GMO import?

(Originally on Twitter: Sun Feb 13 10:02:35 +0000 2011)

@xme I hope you purchased the SSD ones. That’s a real comfort especially when you travel a lot.

(Originally on Twitter: Sun Feb 13 17:26:48 +0000 2011)

Now I understand Nokia’s strategy, platform diversity (MeeGo, Symbian, WP7) is there to limit malware infection.

(Originally on Twitter: Sun Feb 13 18:13:39 +0000 2011)

If you are looking for a great command line tool to search your Maildir mbox, Mu is great. http://www.djcbsoftware.nl/code/mu/

(Originally on Twitter: Sun Feb 13 21:19:43 +0000 2011)

@fboule To be on the safe side, I would push the update on GitHub and Gitorious. It’s also better for your project visibility. #git

(Originally on Twitter: Mon Feb 14 15:29:32 +0000 2011)

RT @taosecurity: If your “security program” resembles “we’re going to deploy new tech like DLP,” instead of building new “services” (lik …

(Originally on Twitter: Mon Feb 14 20:10:55 +0000 2011)

Working on a web-based annotation extension to GooDiff - but more complex than expected… #goodiff #quuxlabs

(Originally on Twitter: Mon Feb 14 22:08:05 +0000 2011)

@lensassaman yes but usually card dumps on CC forum are from old-style skimmer (and mainly from US). US banks don’t want to invest in ATM.

(Originally on Twitter: Tue Feb 15 09:28:00 +0000 2011)

@securityall The volume of skimming in the US on ageing magnetic strip ATM is really important compared to EU.

(Originally on Twitter: Tue Feb 15 09:35:23 +0000 2011)

@lensassaman @security4all I think it’s easier to get cash via “western union” outside EU. I know it’s usually used by malware casher…

(Originally on Twitter: Tue Feb 15 09:53:08 +0000 2011)

@lensassaman Yep. The other way to send cash is to use an express courier… I fully agree that blocking Maestro outside EU is stupid.

(Originally on Twitter: Tue Feb 15 10:05:14 +0000 2011)

RT @ochsff: @shadowserver does it for free – RT @lcamtuf: http://goo.gl/J08oB. Hey, I’ll happily monitor botnets for $1M/yr.

(Originally on Twitter: Tue Feb 15 19:19:36 +0000 2011)

@fboule ssh-keydb looks interesting. How do you push and track securely the authorized_keys file? Do you have a kind of master key?

(Originally on Twitter: Wed Feb 16 22:14:01 +0000 2011)

RT @thomashawk: the five new Banksys in Los Angeles from Banky’s website. http://goo.gl/4NhFa

(Originally on Twitter: Thu Feb 17 05:43:25 +0000 2011)

“ILSpy is the open-source .NET assembly browser and decompiler.” http://wiki.sharpdevelop.net/ilspy.ashx #infosec #reversing

(Originally on Twitter: Thu Feb 17 08:04:04 +0000 2011)

RT @PvdWalle: @rafik @mathieuweill @bortzmeyer le gouvt belge démissionnaire fait du bon boulot. Gestion prudente. Pas de surenchères p …

(Originally on Twitter: Fri Feb 18 10:01:03 +0000 2011)

https://github.com/akheron/sala Simple encrypted password storage relying on GnuPG symmetric encryption. #infosec

(Originally on Twitter: Fri Feb 18 19:55:48 +0000 2011)

I like having a segfault while just doing a telnet to a byte stream oriented network service. #reversing #fun

(Originally on Twitter: Fri Feb 18 21:13:03 +0000 2011)

@bortzmeyer I’m wondering why OARC is still using Subversion. Not easy for tracking and contributing - https://github.com/adulau/dnscap

(Originally on Twitter: Sat Feb 19 15:56:06 +0000 2011)

@bortzmeyer Thank you, I really would like too but other CSIRTs activities. Do you know already when/where will be the 2012 workshop? #oarc

(Originally on Twitter: Sat Feb 19 16:19:53 +0000 2011)

Thumbs up to the #AFNIC for their transparency regarding the DNSSEC incident of 12 February. http://fo.vc/1x #dnssec

(Originally on Twitter: Sat Feb 19 18:18:18 +0000 2011)

love the latest “Banksy” team work in LA where Mickey Mouse and Minnie are living the “dream”… http://fo.vc/1y #art #society #consumerism

(Originally on Twitter: Sun Feb 20 08:39:42 +0000 2011)

http://fo.vc/1z FIPS-180-4 Draft (SHA-2) released and introduces speed improvement for 64-bit operations. Good or bad news ;-) #crypto #fips

(Originally on Twitter: Sun Feb 20 09:01:00 +0000 2011)

If you are interested in the tamperproof approach of Skype to protected its binary read section 7.2.4 of “Surreptitious Software” #reverse

(Originally on Twitter: Sun Feb 20 14:12:32 +0000 2011)

https://github.com/mattsta/redisfuse Yep redis accessible as a filesystem via fusefs… It looks crazy but could be useful. #redis #fuse

(Originally on Twitter: Sun Feb 20 21:16:18 +0000 2011)

ISC continues the HTTP headers project : http://isc.sans.edu/httpheaders/ not much web sites with X-XSS-Protection headers #infosec #http

(Originally on Twitter: Tue Feb 22 18:23:42 +0000 2011)

@DidierStevens Nice sensor. I think I’ll replace my old sensor for a similar one with humidity for my bookshelf monitoring http://fo.vc/1B

(Originally on Twitter: Tue Feb 22 20:24:27 +0000 2011)

RT @circl_lu: ISC releases a BIND advisory regarding a potential denial-of-service attack on name-servers using ISC BIND http://fo.vc/1C …

(Originally on Twitter: Wed Feb 23 15:52:02 +0000 2011)

AEG - automatically finds security-critical bugs and generate exploits - http://fo.vc/1D looks very nice but where is the source code? #NDSS

(Originally on Twitter: Wed Feb 23 21:56:36 +0000 2011)

@AcidRampage Yes that’s often the case for academic papers with nice and shiny description until you ask where to get the code. #cs

(Originally on Twitter: Wed Feb 23 22:16:20 +0000 2011)

http://fo.vc/1E “Pattern is a web mining module for the Python programming language.” #nlp #datamining #python

(Originally on Twitter: Thu Feb 24 19:37:17 +0000 2011)

Finally sent my email to Apple to get the refund of the never used MacOS License. My MBP is only running GNU/Linux. #freesoftware

(Originally on Twitter: Fri Feb 25 15:07:32 +0000 2011)

RT @antirez: membase guys don’t always behave correctly in hacker news comments IMHO. Too marketing oriented in programming forums sucks.

(Originally on Twitter: Fri Feb 25 19:47:21 +0000 2011)

@antirez Thank you for Redis. This is a great free software. I solved a never ending RDBMS issue with an 1 hour Perl script and Redis.

(Originally on Twitter: Fri Feb 25 21:24:11 +0000 2011)

@btwotch @0x58 My chance of success with Apple is similar to the early days where it was impossible to get a laptop without MSFT Windows.

(Originally on Twitter: Fri Feb 25 21:47:10 +0000 2011)

RT @jzawodn: Redis Sharding at Craigslist: http://blog.zawodny.com/2011/02/26/redis-sharding-at-craigslist/ #redis

(Originally on Twitter: Sun Feb 27 08:45:41 +0000 2011)

If I have again a student reluctant to contribute to free software because “it’s too difficult”, I’ll show this contribution http://fo.vc/1F

(Originally on Twitter: Sun Feb 27 16:02:13 +0000 2011)

SIFTR (Statistical Information For TCP Research) is included in the latest FreeBSD 8.2 -> logging stats of active TCP sessions #networking

(Originally on Twitter: Sun Feb 27 18:01:45 +0000 2011)

What’s the heck is the “o-o.resolver.<dotted>.clientip>.<nonce>.metricz.l.google.com” reply when you query the Google load balancer? @google

(Originally on Twitter: Mon Feb 28 13:50:27 +0000 2011)

@security4all I think having an invitation from John Ripper is nicer than one from Jack the Ripper…

(Originally on Twitter: Mon Feb 28 19:16:11 +0000 2011)

@kraih I really enjoy the secure by default HTML escaping in Mojolicious. By the way, really nice web framework. #perl

(Originally on Twitter: Mon Feb 28 20:51:43 +0000 2011)

RT @mattblaze: My take on IEEE (& ACM) copyright coercion: http://crypto.com/blog/copywrongs/

(Originally on Twitter: Tue Mar 01 05:43:40 +0000 2011)

http://fo.vc/1G Microsoft excludes the copyleft licenses from their Windows Phone 7 store… monopolist in action… #microsoft #copyleft

(Originally on Twitter: Tue Mar 01 07:28:48 +0000 2011)

Lesson learned today: “Sometime there is much more research in an irc channel with free software developers than in an university dept.”.

(Originally on Twitter: Tue Mar 01 21:51:46 +0000 2011)

Zynamics acquired by Google http://fo.vc/1H - What’s next? Hex-Rays… Imagine BinDiff + IDA Pro as a web-based google product ;-) #infosec

(Originally on Twitter: Tue Mar 01 22:03:19 +0000 2011)

RT @mattblaze: Join me in refusing to serve on PCs of conferences with closed-access proceedings: http://crypto.com/blog/copywrongs

(Originally on Twitter: Tue Mar 01 22:08:48 +0000 2011)

@gandibar Could you support the SSHFP DNS Record Type in your interface? #RFC4255 #infosec

(Originally on Twitter: Wed Mar 02 11:01:29 +0000 2011)

@FunkySteph We hope everything is fine for you. A nice photographic idea : http://arinfishkin.com/fishkin_delayed_gratification.html

(Originally on Twitter: Thu Mar 03 15:29:52 +0000 2011)

Volatility, an advanced memory forensics Python framework is getting better and better… http://fo.vc/1I #forensic #infosec

(Originally on Twitter: Thu Mar 03 22:24:59 +0000 2011)

@raf_iot Great news. By the way, a whois query interface for #bgpranking is on its way along to include the ranking in traceroute-circl.

(Originally on Twitter: Thu Mar 03 22:32:32 +0000 2011)

RT @ddenis: L’Hadopi belge refait surface, la contre-riposte graduée s’organise: http://bit.ly/gyQ6c9 #etraces

(Originally on Twitter: Thu Mar 03 22:42:33 +0000 2011)

RT @circl_lu: If you need to reverse analyze a suspicious Android Apps, androguard is very handy. http://fo.vc/1K #python #infosec

(Originally on Twitter: Fri Mar 04 10:38:00 +0000 2011)

“Scheduler Vulnerabilities and Attacks in Cloud Computing” - http://arxiv.org/abs/1103.0759 #amazon #ec2 #infosec

(Originally on Twitter: Fri Mar 04 19:35:05 +0000 2011)

A simple Scalar::Util::weaken() at the right place just saved me 4GB of memory on a long lasting program in Perl…. #perl

(Originally on Twitter: Fri Mar 04 21:51:32 +0000 2011)

If the police ask you to give back their tracking device, ask them to provide you a written letter with the serial number of their device…

(Originally on Twitter: Sat Mar 05 10:22:46 +0000 2011)

made some notes about monitoring processes who like to eat too much memory… -> http://fo.vc/1L #unix #munin #monitoring

(Originally on Twitter: Sat Mar 05 11:23:56 +0000 2011)

http://fo.vc/1M Roberto Di Cosmo fait un manifeste pour les creations artistiques libres mais le livre n’est pas libre (CC-BY-NC-ND) dommage

(Originally on Twitter: Sun Mar 06 07:59:42 +0000 2011)

http://fo.vc/1O NSA published a nice “Security Tips for Personally Managed Apple iPhones” #infosec #mobilephone

(Originally on Twitter: Mon Mar 07 11:52:01 +0000 2011)

Wietse Venema explained the plaintext injection in STARTTLS discovered in multiple software implementation http://fo.vc/1P #infosec

(Originally on Twitter: Mon Mar 07 22:06:04 +0000 2011)

The new version of arp-scan includes the ability to add 802.1q vlan tag. http://www.nta-monitor.com/tools/arp-scan/ #infosec

(Originally on Twitter: Tue Mar 08 08:32:24 +0000 2011)

RT @_LarsH: Smashthestack.org just announced a new wargame! Check it out at http://amateria.smashthestack.org:89/ But first finish codeg …

(Originally on Twitter: Tue Mar 08 12:21:31 +0000 2011)

looked in a passive DNS dataset, I’m surprised to see so many NS records with RFC 1918 addresses…

(Originally on Twitter: Tue Mar 08 21:24:11 +0000 2011)

“How Unique and Traceable are Usernames?” http://arxiv.org/abs/1101.5578 #privacy #infosec

(Originally on Twitter: Wed Mar 09 09:22:01 +0000 2011)

RT @obra: Apple’s charging for Xcode 4? So. Uh. When do we think that we’re going to have to start paying to use HTML5 apps in Safari?

(Originally on Twitter: Wed Mar 09 21:15:28 +0000 2011)

@mattblaze I think to convert my yearly subscription to ACM into a yearly donation to arXiv . Would this help? #copyrightdelirium

(Originally on Twitter: Wed Mar 09 21:59:55 +0000 2011)

RT @alexsotirov: My new project: short reviews of the essential contributions from the latest conference presentations: http://research. …

(Originally on Twitter: Thu Mar 10 20:21:09 +0000 2011)

RT @epelboin: Les musulmans sont les nouveaux juifs de la France, je suis d’accord avec Badinter http://ow.ly/4biZy

(Originally on Twitter: Fri Mar 11 06:01:14 +0000 2011)

(unofficial) delicious sold for $5 Million+? Maybe it’s time to build a really free and community-driven social bookmarking -> #tagr

(Originally on Twitter: Fri Mar 11 16:24:53 +0000 2011)

Very nifty ISO 8583 TLV EMV data decoder - http://iso8583.info/tools/TLVdecoder/ #smartcard #apdu #emv

(Originally on Twitter: Sat Mar 12 16:05:04 +0000 2011)

hack.lu 2011 call for paper released - http://2011.hack.lu/cfp/ #hacklu #cfp #infosec #conference

(Originally on Twitter: Sun Mar 13 15:00:08 +0000 2011)

Japan - official “Nuclear and Industrial Safety Agency” 19th report http://fo.vc/1Q -> do not mixup microSv/h - milliSv/h #japan #nuclear

(Originally on Twitter: Sun Mar 13 15:56:40 +0000 2011)

@lensassaman Running 30+ years-old nuclear plant is also very opportunistic ;-)

(Originally on Twitter: Sun Mar 13 17:27:46 +0000 2011)

@lensassaman I tend to prefer the PWR design. Maybe because it’s the main design in Belgium and its surrounding…. #nuclear

(Originally on Twitter: Sun Mar 13 17:54:24 +0000 2011)

@dj_juice24 @lensassaman The mixed-oxide can be indeed the most toxic part. What kind of mixed oxide is there? U/Pu + Cm?

(Originally on Twitter: Sun Mar 13 18:02:59 +0000 2011)

@maradydd @lensassaman Right, CANDUs-improved would be better than nothing but the production of deuterium is not really cost effective…

(Originally on Twitter: Sun Mar 13 18:22:40 +0000 2011)

Someone asked me if I’m regularly measuring radioactivity at home. Yes I do… http://www.flickr.com/photos/adulau/5523192214/ #curiosity

(Originally on Twitter: Sun Mar 13 18:36:14 +0000 2011)

@security4all QUART-RAD products are designed and built in Russia. It’s a simple, cheap and rock-solid device. Just missing an USB plug…

(Originally on Twitter: Sun Mar 13 18:53:21 +0000 2011)

@security4all http://www.anythingradioactive.com/geiger.htm should work

(Originally on Twitter: Sun Mar 13 19:23:43 +0000 2011)

@DidierStevens The Geiger-Muller tube design seems a bit different (limited?) in the DIY version. We could check with a reference source.

(Originally on Twitter: Sun Mar 13 20:35:09 +0000 2011)

RT @mattblaze: Bulk of analysis of Japan situation seems to be from either nuclear apologists or anti-nuclear hysterics. #sciencedoesntw …

(Originally on Twitter: Sun Mar 13 20:44:41 +0000 2011)

@DidierStevens If you find one tube with a good detection rate for beta/gamma and a simple to interface. let me know, thx. #stickers

(Originally on Twitter: Sun Mar 13 20:44:56 +0000 2011)

@maraegyt any country where the police is requesting back their tracking device ;-)

(Originally on Twitter: Mon Mar 14 11:12:51 +0000 2011)

RT @p4ula: High-res satellite image of Fukushima I plant after second explosion: http://flic.kr/p/9qiBWB

(Originally on Twitter: Mon Mar 14 17:10:28 +0000 2011)

http://fo.vc/1R -> Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat CVE-2011-0609 (all platform) #infosec #flash

(Originally on Twitter: Mon Mar 14 20:07:10 +0000 2011)

While debugging, I like to do “while true ; do tmux next-window ; sleep 5; done” to not overload my tmux session with many “tail -F” in //

(Originally on Twitter: Mon Mar 14 20:48:00 +0000 2011)

RT @raf_iot: Just add a list of IPs provided by @MDL to #bgpranking it gives interesting results… http://bgpranking.circl.lu/ (cc @a …

(Originally on Twitter: Mon Mar 14 21:42:04 +0000 2011)

@thierryzoller I suppose they forgot to read the RFC 4880 and they don’t do RSASSA-PSS… #crypto

(Originally on Twitter: Tue Mar 15 21:39:56 +0000 2011)

RT @sam280: “The Stealthiest File Infector Ever!” http://is.gd/jU7uTI <- hmm apparently @symantec never heard of CreateFile(…, FILE …

(Originally on Twitter: Tue Mar 15 22:50:28 +0000 2011)

RT @circl_lu: Until a patch for Adobe Flash is released, US-CERT published a list of workarounds http://fo.vc/1S #infosec

(Originally on Twitter: Wed Mar 16 08:54:44 +0000 2011)

@security4all The leukemogenicity of ionizing radiation has been shown and demonstrated many times…

(Originally on Twitter: Wed Mar 16 10:43:21 +0000 2011)

http://www.rsa.com/node.aspx?id=3872 “RSA identified an extremely sophisticated cyber attack in progress being mounted against them”

(Originally on Twitter: Thu Mar 17 21:59:48 +0000 2011)

I discover that my best thermal radiation detector is my cat, maybe I can verify the Planck’s law with my cat too? #cat #physics

(Originally on Twitter: Sun Mar 20 08:56:37 +0000 2011)

http://fo.vc/1U “Syslog Extension for Cloud Using Syslog Structured Data” -> show how identitier and resources exist in the “cloud” #ietf-ID

(Originally on Twitter: Sun Mar 20 09:09:56 +0000 2011)

Now we have nice facts why enterprise should use their own private key for the generation scheme of their OTP tokens #HOTP #infosec #rfc4226

(Originally on Twitter: Sun Mar 20 10:09:42 +0000 2011)

@tkeetch They should, at least for hard tokens (standalone) or paper tokens. Some hard token vendors allow to change the PSK.

(Originally on Twitter: Sun Mar 20 14:27:40 +0000 2011)

@tkeetch Regarding soft tokens, I would recommend to avoid them. A phone is just a operating system where it’s difficult to secure a PSK…

(Originally on Twitter: Sun Mar 20 14:30:29 +0000 2011)

It seems that I hit the wonderful Date::Manip memory leak by processing millions of records… grrrrrrr. http://fo.vc/1V #perl

(Originally on Twitter: Sun Mar 20 18:21:40 +0000 2011)

@tkeetch http://www.yubico.com/personalization-tool - YubiKey is one example. There are other RFC4226 hard tokens where you can set the psk

(Originally on Twitter: Sun Mar 20 22:07:36 +0000 2011)

a good start for the morning, a Certificate Authority compromised? http://fo.vc/1W #pki #x509 #infosec

(Originally on Twitter: Wed Mar 23 06:00:04 +0000 2011)

@kaizeronion 0,16 uSv/h (not far away from you ;-)

(Originally on Twitter: Wed Mar 23 12:06:22 +0000 2011)

RT @xme: How to deal with your #RSA tokens from now? http://twitpic.com/4cetx4

(Originally on Twitter: Wed Mar 23 12:14:13 +0000 2011)

RT @circl_lu: http://fo.vc/1X - “Firefox Blocking Fraudulent Certificates” - Double check any certificate issued by the mentioned certif …

(Originally on Twitter: Wed Mar 23 12:24:14 +0000 2011)

http://fo.vc/1Y - “Unsolicited Internet Traffic from Libya” #internet #ripe #caida

(Originally on Twitter: Wed Mar 23 17:56:34 +0000 2011)

http://fo.vc/1Z Major changes in the eBay privacy policy mentioning “approved by a number of European Union privacy regulators” ? #privacy

(Originally on Twitter: Thu Mar 24 05:21:09 +0000 2011)

I’m finally registered for #HES2011 http://hackitoergosum.org/ - see you there… #infosec

(Originally on Twitter: Thu Mar 24 10:45:12 +0000 2011)

Repeat after: “Single sign-on is not a security feature, it’s the opposite” #infosec #fail

(Originally on Twitter: Thu Mar 24 13:12:24 +0000 2011)

@mleisi “Single sign-on” and “done right” usually don’t show together…

(Originally on Twitter: Thu Mar 24 13:30:07 +0000 2011)

RT @JohnDCook: Enterprise software http://bit.ly/Hr158

(Originally on Twitter: Thu Mar 24 14:07:15 +0000 2011)

RT @mattblaze: Why does IEEE want to charge authors $3K for something Usenix provides for free?

(Originally on Twitter: Thu Mar 24 16:09:25 +0000 2011)

Don’t forget that the free typeface “DejaVu Sans Mono” is very close to the “Apple Menlo”. A good news for free terminal riders like us.

(Originally on Twitter: Fri Mar 25 00:13:18 +0000 2011)

Rules are made to be broken especially when it’s a PKI. #infosec

(Originally on Twitter: Sat Mar 26 09:15:39 +0000 2011)

@bortzmeyer ton article “Michel Riguidel est un imposteur” est excellent, il devrait être une réponse officielle dans @lemondefr …

(Originally on Twitter: Sat Mar 26 14:59:52 +0000 2011)

Technical Analysis and Win7 Exploitation of Flash 0Day CVE-2011-0609 http://www.vupen.com/blog/ #infosec #aslr

(Originally on Twitter: Sun Mar 27 11:25:37 +0000 2011)

@kraih The failraptor is great. Maybe the tail of the Velociraptor is bit longer and larger at the end… It’s so #perl style. #mojolicious

(Originally on Twitter: Mon Mar 28 20:26:12 +0000 2011)

is dreaming of IRT Object references not only for inetnum objects but also for domain name objects… #whois

(Originally on Twitter: Tue Mar 29 11:59:33 +0000 2011)

RT @circl_lu: A kind reminder for Mac OS users, OCSP and CRL checks are not enabled by default. Don’t forget to enable it in Keychain Ac …

(Originally on Twitter: Tue Mar 29 15:24:45 +0000 2011)

@mytweet_id you’re very welcome. We are still wondering about the iOS devices and how the OCSP and CRL can be (de)activated…

(Originally on Twitter: Tue Mar 29 19:22:19 +0000 2011)

RT @msftmmpc: Very bad news, with more bad news embedded http://blogs.technet.com/b/mmpc/archive/2011/03/24/very-bad-news-with-more-bad- …

(Originally on Twitter: Tue Mar 29 21:33:58 +0000 2011)

Are you TCP_TW_REUSE or TCP_TW_RECYCLE? That’s the question. #tcp

(Originally on Twitter: Tue Mar 29 22:18:20 +0000 2011)

“A Comparison of Link Layer Attacks on Wireless Sensor Networks” http://arxiv.org/abs/1103.5589 not highly technical but interesting…

(Originally on Twitter: Wed Mar 30 11:25:25 +0000 2011)

@SteveClement @PitWenkin at least, it’s Twinings… not the evil dust from Lipton. But if you really like tea bags -> Taylors of Harrogate

(Originally on Twitter: Wed Mar 30 20:13:29 +0000 2011)

@PitWenkin Tea in a bag (and flavoured ones too) is really a disaster… Try a leaf tea like Assam or even better an Oolong. #tea

(Originally on Twitter: Wed Mar 30 20:26:25 +0000 2011)

https://code.google.com/p/droidwall/ Interesting, you can use the standard Netfilter on Android and even filtering by application id…

(Originally on Twitter: Thu Mar 31 11:30:14 +0000 2011)

@msuiche I’ll need to renew my ASSCERT certificate as soon as possible. I hope #HES2011 will conduct an exam session.

(Originally on Twitter: Thu Mar 31 14:36:22 +0000 2011)

RT @cdaffara: Cisco was rejected 76 times by VCs before landing Sequoia for funding. Moral: be persistent, very persistent.

(Originally on Twitter: Fri Apr 01 14:20:35 +0000 2011)

@lensassaman Is it only the talk page that is hilarious or more the whole concept? #cissp

(Originally on Twitter: Fri Apr 01 15:49:42 +0000 2011)

@lensassaman I agree with you. Regarding funny certification, there is still the ASSCERT - http://www.asscert.com/

(Originally on Twitter: Fri Apr 01 16:07:46 +0000 2011)

http://arxiv.org/abs/1103.6219 “The weak password problem: chaos, criticality, and encrypted p-CAPTCHAs” auto strengthening passwords mmm…

(Originally on Twitter: Fri Apr 01 16:15:12 +0000 2011)

RT @BenLaurie: Improving SSL Certificate Security: http://googleonlinesecurity.blogspot.com/2011/04/improving-ssl-certificate-security.html

(Originally on Twitter: Fri Apr 01 16:32:11 +0000 2011)

An impressive side channel attack (via EMF) on a smartphone on its crypto implementation using ECC http://fo.vc/20 #cryptography #infosec

(Originally on Twitter: Fri Apr 01 19:20:11 +0000 2011)

RT @pbeyssac: zarbi, il faut soutenir les banques sinon tout pète, mais démolir la notation des états, par contre, c’est pas grave du to …

(Originally on Twitter: Fri Apr 01 19:48:25 +0000 2011)

@kraih Have you checked http://www.gandi.net/ @gandibar ?

(Originally on Twitter: Sat Apr 02 07:36:06 +0000 2011)

Why don’t we simply vote for X.509 certificate we trust? and share our votes with the rest of the world? Sorry there is no business case.

(Originally on Twitter: Sat Apr 02 14:30:38 +0000 2011)

@0xtosh Somehow similar to OpenPGP WoT without its complexity. You trust a list of friends (via SPSK) only (by so their votes (->signature))

(Originally on Twitter: Sat Apr 02 14:42:48 +0000 2011)

RT @UnGarage: RT @jerezim: Who should win in #EU? The Internet or the majors? Answer #IPRED consult before Sunday night! http://j.mp/idl …

(Originally on Twitter: Sat Apr 02 16:25:49 +0000 2011)

I just sent my late response to the IPRED consultation. Did you? http://fo.vc/21 #copyright

(Originally on Twitter: Sat Apr 02 17:03:04 +0000 2011)

The FBI is looking for ideas on how to break this “cipher” to solve a case… #cryptography http://fo.vc/22

(Originally on Twitter: Sat Apr 02 17:11:20 +0000 2011)

just added BGP Ranking output to traceroute-circl #csirt #cert http://fo.vc/N

(Originally on Twitter: Sat Apr 02 20:01:02 +0000 2011)

The Wikimedia engineering March 2011 report is an interesting read to see where the evolution could be… http://fo.vc/23 #wikipedia #wiki

(Originally on Twitter: Sat Apr 02 20:26:50 +0000 2011)

is driving crazy writing a tcpdump to Redis to seek faster in large capture set. #redis #infosec

(Originally on Twitter: Sat Apr 02 20:52:40 +0000 2011)

@bortzmeyer Yep, it’s from pcap files. Redis is used as as fast index in memory to reassemble filter streams or build new pcap files.

(Originally on Twitter: Sat Apr 02 21:10:53 +0000 2011)

@bortzmeyer FYI, the memory footprint of Cassandra was too heavy compared to Redis in our case.

(Originally on Twitter: Sat Apr 02 21:19:07 +0000 2011)

@Aissn True but sometimes it’s a matter of time. HTTP/0.9 was not scaling and only some people used it. Today, masses use HTTP w/o knowing

(Originally on Twitter: Sun Apr 03 05:59:15 +0000 2011)

made a small insect hotel and habitat in his garden http://www.flickr.com/photos/adulau/5584049103/ #biodiversity

(Originally on Twitter: Sun Apr 03 08:20:57 +0000 2011)

http://rfc2196.foo.be/ updated and everyone can now comment on the RFC2196 with their respective ISO2700x/other annotations… #rfc #infosec

(Originally on Twitter: Sun Apr 03 09:57:34 +0000 2011)

@zedshaw I like the idea but what will be officialy published to trigger the companies to fix the issues?

(Originally on Twitter: Sun Apr 03 16:56:08 +0000 2011)

RT @bortzmeyer: Good morning, Teddington! First day of the #SATIN2011 conference at the @NPL. http://conferences.npl.co.uk/satin/ #DNS

(Originally on Twitter: Mon Apr 04 06:49:25 +0000 2011)

@bortzmeyer no HSM is it really worse than having a single HSM interfaced with SQL updates from third-parties? (cf. Verisign design)

(Originally on Twitter: Mon Apr 04 09:08:15 +0000 2011)

RT @bortzmeyer: “Today, a #DNSSEC validation failure means almost always a misconfiguration, not an attack” #SATIN2011

(Originally on Twitter: Mon Apr 04 10:30:15 +0000 2011)

http://fo.vc/24 GnuPG recently merged ECC support into the main branch. (based on draft-jivsov-openpgp-ecc-06) #crypto #ecdsa

(Originally on Twitter: Mon Apr 04 11:04:51 +0000 2011)

A kind reminder to Jabber/XMPP users, encryption is not used when you are doing file exchange with a buddy. #infosec #weakestlink

(Originally on Twitter: Wed Apr 06 16:36:35 +0000 2011)

@raf_iot I tend to avoid importing ephemeral sources of DoS activity. Especially it will increase the funky “Dshield” effect ;-) #bgpranking

(Originally on Twitter: Wed Apr 06 16:45:35 +0000 2011)

@dbanes It’s not the standard behaviour of many XMPP clients especially when you have different XMPP clients -> fallback to weak XEP-0066

(Originally on Twitter: Wed Apr 06 16:50:33 +0000 2011)

@raf_iot or discarding the source in the overall calculation? By the way, the daily ASN max ranking would be a nice to have… #bgpranking

(Originally on Twitter: Wed Apr 06 19:44:49 +0000 2011)

#hes2011 Listening to an “inventory” talk about hardware breaking and permanent DoS.. I’m expecting a live demo but maybe expecting too much

(Originally on Twitter: Thu Apr 07 12:33:04 +0000 2011)

#hes2011 van Hauser just started the 101 of IPv6 ;-)

(Originally on Twitter: Thu Apr 07 13:06:34 +0000 2011)

@tricaud just points me to Nfsight (a promising extension to Nfsen) http://nfsight.sf.net/ #infosec #networkanalysis #netflow

(Originally on Twitter: Thu Apr 07 13:15:55 +0000 2011)

#HES2011 Windows 7 kernel pool exploitation - an interesting approach to overwrite PoolIndex… waiting for the slides and the sample code

(Originally on Twitter: Thu Apr 07 15:04:04 +0000 2011)

#HES2011 Windows 7 kernel pool exploitation paper and slides -> http://www.mista.nu/research/

(Originally on Twitter: Thu Apr 07 15:08:34 +0000 2011)

#hes2011 Current talk - Maybe Rodrigo misses the point of some Linux kernel developers -> “all bugs are security bugs”… #infosec

(Originally on Twitter: Fri Apr 08 08:58:47 +0000 2011)

#hes2011 Current talk: Spending money to product certification -> certification must be always positive (as you paid for it) #infosec #fail

(Originally on Twitter: Fri Apr 08 09:04:12 +0000 2011)

#hes2011 current talk : Good question “What are the features an AV has that a Rogue AV doesn’t?” #infosec #antivirus

(Originally on Twitter: Fri Apr 08 09:15:20 +0000 2011)

#hes2011 - current talk “Expoiting the Hard-Working DWARF” -> integrating trojan code in ELF executables without additional binary code…

(Originally on Twitter: Fri Apr 08 09:38:20 +0000 2011)

#hes2011 current talk - DWARF format in ELF was completely overlooked and this an incredible place for additional computation (malware ;-)

(Originally on Twitter: Fri Apr 08 09:54:43 +0000 2011)

@evilrez As far I know (and see no video camera around), I assume there is no livestream. #hes2011

(Originally on Twitter: Fri Apr 08 10:11:47 +0000 2011)

#hes2011 Crazy work, J. Oakley and S. Bratus are writing a virtual machine on top of DWARF libgcc-exception handler… impressive work.

(Originally on Twitter: Fri Apr 08 10:27:43 +0000 2011)

#hes2011 - DWARF slides and code -> http://www.cs.dartmouth.edu/~electron/dwarf/ (to be updated in the next days)

(Originally on Twitter: Fri Apr 08 10:38:15 +0000 2011)

#hes2011 - “A castle made of sand - Acrobat Reader X Sanbox” talk just started

(Originally on Twitter: Fri Apr 08 13:10:40 +0000 2011)

@lensassaman #hes2011 sure, where are you? ;-)

(Originally on Twitter: Fri Apr 08 13:12:46 +0000 2011)

@msuiche I’m surprised you didn’t design a special sticker for your incredible taste in pop music… #hes2011

(Originally on Twitter: Fri Apr 08 13:20:30 +0000 2011)

RT @aumasson: MysteryTwister, the Crypto Challenge Contest by ECRYPT cryptographers http://www.mysterytwisterc3.org/

(Originally on Twitter: Fri Apr 08 14:15:58 +0000 2011)

#hes2011 Femtocell presentation showed femtocell flexibility when you own the device -> SMS and voice interception… very nifty

(Originally on Twitter: Fri Apr 08 15:53:50 +0000 2011)

Very handy https://github.com/dvxhouse/jsonpipe -> Convert JSON to a UNIX-friendly line-based format

(Originally on Twitter: Sun Apr 10 19:42:17 +0000 2011)

RT @gal_diskin: Summary of talks from the second day of @HackitoErgoSum up on my blog: http://bit.ly/er0pol #HES2011 #infosec

(Originally on Twitter: Mon Apr 11 14:28:49 +0000 2011)

If you are looking for Critical Infrastructure Protection CIP standards http://www.nerc.com/page.php?cid=2|20 -> NERC-CIP #infosec #scada

(Originally on Twitter: Mon Apr 11 14:45:27 +0000 2011)

Congratulation to @HackitoErgoSum for their excellent 2011 edition. Great people, great talks and obviously great fun too. #infosec

(Originally on Twitter: Mon Apr 11 15:10:15 +0000 2011)

RT @travisgoodspeed: Photos of my tampered RSA #SecurID are up: http://tinyurl.com/goodid

(Originally on Twitter: Mon Apr 11 19:26:03 +0000 2011)

typing “rm -rf ~/” and reading it four times before hitting enter… I’m wondering why ;-) #unix

(Originally on Twitter: Mon Apr 11 19:51:48 +0000 2011)

My DNSSEC tentative of this evening is not resulting on some signed zones but three bugs reported…

(Originally on Twitter: Mon Apr 11 20:38:11 +0000 2011)

@0x58 True, bugs are inherent to software… but I’m not a fan when they try to reach some non-existent addressing space. #infosec #dnssec

(Originally on Twitter: Mon Apr 11 20:45:58 +0000 2011)

RT @circl_lu: http://fo.vc/25 “Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat” Updates to be available in the next h …

(Originally on Twitter: Tue Apr 12 07:56:27 +0000 2011)

@xme Having an NIDS without knowing your legitimate network flows… it’s useless, don’t you think?

(Originally on Twitter: Tue Apr 12 12:06:39 +0000 2011)

RT @codepo8: Why are all European sponsored projects built on very expensive .NET solutions? Couldn’t we use that money to support devel …

(Originally on Twitter: Wed Apr 13 09:32:49 +0000 2011)

RT @circl_lu: www.dnsviz.net a handy way to visualize the DNSSEC status of a DNS zone. #infosec #dns #dnssec

(Originally on Twitter: Wed Apr 13 11:57:30 +0000 2011)

Dear @gandibar where can I add my DS records in your interface to update the corresponding TLD? #dnssec

(Originally on Twitter: Wed Apr 13 20:27:16 +0000 2011)

Any good references for practical attacks against the NTRU public-key cryptosystem? #cryptography

(Originally on Twitter: Wed Apr 13 20:43:32 +0000 2011)

https://github.com/jgarzik/pyminer miner reference implementation for bitcoin. #bitcoin #python #p2p #currency

(Originally on Twitter: Mon Apr 18 06:09:15 +0000 2011)

http://fo.vc/26 Une excellente idée d’extension pour Forban - éditer et partager des fichiers bibtex en #p2p #forban

(Originally on Twitter: Mon Apr 18 14:12:09 +0000 2011)

@ioerror “An investigation of geographic mapping techniques for Internet hosts” is quite old but not too bad. #geoip

(Originally on Twitter: Mon Apr 18 18:02:21 +0000 2011)

@ioerror A technique that works quite well is to find the localization of the closest router with their reverse PTR record. #geoip

(Originally on Twitter: Mon Apr 18 18:05:07 +0000 2011)

http://forums.grsecurity.net/viewtopic.php?f=7&t=2596 A Response in Text and Code - improved PAX_USERCOPY - #kernel #grsecurity

(Originally on Twitter: Mon Apr 18 18:23:59 +0000 2011)

http://arxiv.org/abs/1104.3228 “Title: Metamorphic Virus Variants Classification Using Opcode Frequency Histogram” #infosec

(Originally on Twitter: Tue Apr 19 10:57:21 +0000 2011)

Looking for a simple command line OAUTH client, I just found the nifty oauth_sign : http://acme.com/software/oauth_sign/ #oauth #rfc5849

(Originally on Twitter: Tue Apr 19 20:15:54 +0000 2011)

Don’t look at the audit certificates provided by the CA to be included in the root certificate of your browser… it’s really scary. #pki

(Originally on Twitter: Tue Apr 19 20:28:44 +0000 2011)

@lkratz pour être proactif sur l’heure d’hiver… #customerservice

(Originally on Twitter: Wed Apr 20 10:18:08 +0000 2011)

People should read privacy policy, Apple updated their privacy policy 10 months ago about the storing of the location http://fo.vc/29

(Originally on Twitter: Wed Apr 20 20:12:50 +0000 2011)

@0x58 Right but that’s why we made www.goodiff.org some years ago but no one really cares… policies are even a pain to analyze. #alone

(Originally on Twitter: Wed Apr 20 20:24:31 +0000 2011)

RT @0xeb: VirusTotal plugin for IDA Pro 6.1. http://bit.ly/emNLkv

(Originally on Twitter: Thu Apr 21 15:21:33 +0000 2011)

FTP maybe has 40 years but sometime people should better use UUCP over SSH/SecSH #uucpiscool #infosec

(Originally on Twitter: Sat Apr 23 09:14:00 +0000 2011)

Using JBIG2Decode filter to pass crafted vulnerable TIFF image in PDF is clever… http://fo.vc/2a #infosec

(Originally on Twitter: Sat Apr 23 09:19:30 +0000 2011)

RT @hack_lu: Call for Papers/Presentation for hack.lu 2011 - http://2011.hack.lu/cfp/ #hacklu #cfp

(Originally on Twitter: Sat Apr 23 11:58:32 +0000 2011)

@namecoin I like the idea with the practical implementation. I just hope the initial blocks won’t be used to register some “spam” domains.

(Originally on Twitter: Sat Apr 23 21:17:44 +0000 2011)

@cvandeplas http://fo.vc/2b A quick patch made against RT/RTIR but never introduced in the main branch of RT until now.

(Originally on Twitter: Sun Apr 24 09:24:22 +0000 2011)

RT @bookshelfporn: Photo: Banned books return to shelves in Egypt and Tunisia A number of highly political titles censored by… http:// …

(Originally on Twitter: Sun Apr 24 11:11:30 +0000 2011)

RT @bestpractical: Important security announcement today if you use RT: http://blog.bestpractical.com/2011/04/security-vulnerabilities-i …

(Originally on Twitter: Sun Apr 24 15:09:08 +0000 2011)

made https://gist.github.com/939629 dumping HN user submitted URLs and sometime it’s just better than the del.icio.us network…

(Originally on Twitter: Sun Apr 24 16:01:49 +0000 2011)

Forban 0.0.29 released, mainly bug fixes, the Sneakernet support is foreseen for the next version #p2p #forban http://www.foo.be/forban/

(Originally on Twitter: Sun Apr 24 18:50:22 +0000 2011)

@robotcircus Beautiful video, I think the challenge is not for Nokia but for the bees to survive in such environment. We need more nature.

(Originally on Twitter: Mon Apr 25 10:51:23 +0000 2011)

“Security Concerns with IP Tunneling” - RFC 6169 published #rfc6169 http://tools.ietf.org/html/rfc6169 #infosec

(Originally on Twitter: Mon Apr 25 12:08:26 +0000 2011)

A nice reminder that a nuclear power plant is not only an output system it’s also an input system http://fo.vc/2c

(Originally on Twitter: Mon Apr 25 13:04:14 +0000 2011)

RT @hack_lu: Another incredible Capture the Flag created by @fluxfingers will take place during hack.lu 2011 #CTF http://fo.vc/2d #hacklu

(Originally on Twitter: Mon Apr 25 18:29:19 +0000 2011)

Security Through Amnesia: A Software-Based Solution to the Cold Boot Attack on Disk Encryption http://arxiv.org/abs/1104.4843 #crypto

(Originally on Twitter: Wed Apr 27 07:37:52 +0000 2011)

Just sent to Google a privacy question regarding their DNS answers… I hope to get an answer in the next days… @Google #privacy

(Originally on Twitter: Wed Apr 27 11:42:45 +0000 2011)

RT @xme: Will be in #Luxembourg the whole next week for a customer’s project. Are #infosec events foreseen in the evening? Want to meet? …

(Originally on Twitter: Wed Apr 27 11:59:35 +0000 2011)

@eromang maybe or information security hidden by a stack of paper…

(Originally on Twitter: Wed Apr 27 21:42:57 +0000 2011)

just added AVOS (the new delicious acquirer) privacy and ToS policies into GooDiff #quuxlabs

(Originally on Twitter: Wed Apr 27 22:00:52 +0000 2011)

@jimmy_wales now it’s time to implement it…

(Originally on Twitter: Thu Apr 28 19:33:27 +0000 2011)

RT @circl_lu: BGP Ranking to check online the security ranking of an Internet Service Provider ASN http://bgpranking.circl.lu/ (alpha ve …

(Originally on Twitter: Fri Apr 29 09:03:23 +0000 2011)

@xme I’m betting Belgacom/Skynet ;-) as they use the source number as a proof. #infosec

(Originally on Twitter: Fri Apr 29 09:48:47 +0000 2011)

@xme so it’s even a double #Fail as you didn’t need to spoof the Caller ID. I’m curious about who you have called ;-)

(Originally on Twitter: Fri Apr 29 09:55:56 +0000 2011)

arXiv.org is moving to Invenio http://invenio-software.org/ http://fo.vc/2f Maybe ACM digital library could do the same? #openarchive

(Originally on Twitter: Sat Apr 30 06:22:11 +0000 2011)

RT @xme: A new IDS stress-testing tool: Pytbull (like that name :-) http://bit.ly/jr71ky

(Originally on Twitter: Sat Apr 30 07:23:04 +0000 2011)

Everyday you discover something new in PGF/TikZ that you completely overlooked yesterday… #latex

(Originally on Twitter: Sat Apr 30 20:54:06 +0000 2011)

http://fo.vc/2g CompuTrace OEM malware is back on Toshiba Laptops… Maybe Toshiba got a recent agreement with Sony ;-)

(Originally on Twitter: Sun May 01 06:01:04 +0000 2011)

@zoobab “the product’s overall economic value” is already the next troll too. Maybe “easier” to strictly respect the article 52 (2) c …

(Originally on Twitter: Sun May 01 13:50:08 +0000 2011)

RT @raymondh: #python pro tip: html5lib is so much better than BeautifulSoup it’s not even funny. http://code.google.com/p/html5lib/

(Originally on Twitter: Sun May 01 17:06:48 +0000 2011)

If someone know how to attract and keep the encyrtidae wasps, you’ll receive my congratulations. #wasp #biology #ecology

(Originally on Twitter: Sun May 01 21:03:59 +0000 2011)

“Towards Street-Level Client-Independent IP Geolocation” http://fo.vc/2h #USENIX #geoip #privacy

(Originally on Twitter: Mon May 02 09:43:41 +0000 2011)

RT @rommelfs: $VENDOR: “The software doesn’t crash.”

(Originally on Twitter: Mon May 02 15:01:18 +0000 2011)

On a random set of CS academic papers we noticed a strange fact, the most cited papers contain 1 or less formula. #academic #papers

(Originally on Twitter: Tue May 03 09:53:51 +0000 2011)

@edarchis Yes that’s exactly my point. A lot of CS papers have the bad tendency (to be accepted in conferences) to add meaningless formulae

(Originally on Twitter: Tue May 03 15:38:23 +0000 2011)

RT @jeremiahg: Why would you store CC#s hashed (not key encrypted)? Aren’t basically unusable in that state? (cc @KimDavisIE)

(Originally on Twitter: Tue May 03 16:35:12 +0000 2011)

@bortzmeyer Hurricane Electric is quite good - http://www.he.net/ in addition, they have a clever policy for IPv4 and IPv6 peering.

(Originally on Twitter: Tue May 03 19:33:28 +0000 2011)

RT @mthorbruegge: New entry in the “clearinghouse for incident handling tools”:BGP Ranking http://goo.gl/j4ooF #cert #incidentresponse

(Originally on Twitter: Fri May 06 22:20:59 +0000 2011)

RFC6234 is now officialy replacing the RFC4634 if you are implementing SHA, HMAC or HKDF, that’s a must read. http://fo.vc/2i #infosec

(Originally on Twitter: Sat May 07 06:26:57 +0000 2011)

RT @logstash: logstash 1.0.0 is released - Announcement: http://goo.gl/TSeWZ Site: http://logstash.net/ #logging #sysadmin #opensource

(Originally on Twitter: Sat May 07 06:34:37 +0000 2011)

Sur lesoir.be “Copiepresse espère que Google conclura un accord” cela devrait être “Google ne négocie pas avec la mafia de la presse Belge”

(Originally on Twitter: Sat May 07 12:17:48 +0000 2011)

RT @h4z3dic: tcpjunk : TCP protocols testing and hacking utility http://bit.ly/m6ZoPh

(Originally on Twitter: Sat May 07 16:50:12 +0000 2011)

AVOS (del.icio.us buyer) is moving from an Inc. to an LLC - or it was a typo on their privacy policy? http://www.goodiff.org/changeset/617

(Originally on Twitter: Sun May 08 07:16:43 +0000 2011)

An interesting take on requirements for HTML escaping http://wonko.com/post/html-escaping #infosec #pentest

(Originally on Twitter: Sun May 08 12:44:21 +0000 2011)

RT @DidierStevens: Not only because of security, but also because I’m curious by nature and I like to known when the systems I use change.

(Originally on Twitter: Sun May 08 12:59:19 +0000 2011)

@jedisct1 LevelDB looks very interesting - how does it compare to Redis beside the limited data type available in LevelDB? @antirez

(Originally on Twitter: Sun May 08 15:18:20 +0000 2011)

Note to myself : “Don’t forget that man pages for GNU tools are usually not updated and always use info instead of man” #coreutils #gnu

(Originally on Twitter: Sun May 08 15:31:26 +0000 2011)

@tastefulwords Great job with Readable it’s very useful. Can we imagine a save button for his ebooks reader? Thank you.

(Originally on Twitter: Sun May 08 19:12:03 +0000 2011)

@antirez Thank you. By the way, happy user of Redis for network security related projects… (Passive DNS, PCAP indexing and BGP Ranking)

(Originally on Twitter: Sun May 08 20:29:09 +0000 2011)

“peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not.” http://fo.vc/2j #infosec

(Originally on Twitter: Mon May 09 21:08:34 +0000 2011)

@cvandeplas I suppose you know this scapy script to do TCP reassembly : http://malforge.com/linux/streams.py (not a real full-state machine)

(Originally on Twitter: Tue May 10 08:40:52 +0000 2011)

http://fo.vc/2k “Workers Leaving the Googleplex” or did you know about the yellow badge class at Google? is that true? #society #google

(Originally on Twitter: Wed May 11 07:06:24 +0000 2011)

http://fo.vc/2l A visualization of the MediaWiki 1.17 database schema with an explanation for each table. Very nifty… #mediawiki #wiki

(Originally on Twitter: Wed May 11 07:24:44 +0000 2011)

A kind reminder to everyone: don’t search for “access_token ….” in your favourite search engine. It’s not fair. #infosec

(Originally on Twitter: Wed May 11 13:09:23 +0000 2011)

At least ZeuS 2.0.8.9 is ready for the IPv6 day (at least the bcserver part). Like your network monitoring tool? #IPv6 #malware

(Originally on Twitter: Wed May 11 13:35:43 +0000 2011)

RT @raymondh: The #python Bloom filter recipe has become very popular this week (750+ visitors from 58 countries). http://bit.ly/bloom_ …

(Originally on Twitter: Wed May 11 20:12:42 +0000 2011)

“What Could You Buy for $8.5 Billion?” That’s an easy one: a malware. http://fo.vc/2o #infosec

(Originally on Twitter: Thu May 12 20:39:18 +0000 2011)

@npua Good question. I was thinking looking for extension header 44 but what’s the bpf filter for doing it? #tcpdump #bpf

(Originally on Twitter: Fri May 13 14:32:42 +0000 2011)

RT @circl_lu: US-CERT warns about “Multiple Vulnerabilities In Iconics Genesis” #scada #infosec http://fo.vc/2p

(Originally on Twitter: Fri May 13 14:50:58 +0000 2011)

EFF released the source code behind the SSL Observatory https://github.com/radii/observatory #infosec #tls #ssl

(Originally on Twitter: Fri May 13 15:02:59 +0000 2011)

Did you know that some mobile operators in Belgium intercepts SMS to deliver their ads based on transmitted content? #privacy

(Originally on Twitter: Sun May 15 08:12:11 +0000 2011)

@security4all @DidierStevens Take an unregistered Tempo card (Mobistar) send to that number “happy birthday” in Dutch or French? wait 1 hour

(Originally on Twitter: Sun May 15 14:17:41 +0000 2011)

RT @ochsff: new blogpost: Hooking 32bit System Calls under WOW64 – http://2011.5.16.hooking-32bit-system-calls-under-wow64.blog.oxff.net/

(Originally on Twitter: Mon May 16 16:36:49 +0000 2011)

RT @obra: Oracle is now dead to me. They’re using Comic Sans on the web http://www.oracle.com/technetwork/systems/index.html

(Originally on Twitter: Mon May 16 20:37:24 +0000 2011)

@raf_iot Maybe the real meaning of TMG is “Too Many Goatse.cx” #hadopi #fun #copyrightdelirium

(Originally on Twitter: Mon May 16 20:44:38 +0000 2011)

@letoams What DNS query triggers the crash of Unbound? I’m curious… #infosec

(Originally on Twitter: Mon May 16 20:51:41 +0000 2011)

RT @sclopit http://hunch.net/?p=1822 “Research Directions for Machine Learning and Algorithms” or why software implementation are important

(Originally on Twitter: Tue May 17 07:28:51 +0000 2011)

Next time you are in a hotel room -> http://hidethebible.tumblr.com/

(Originally on Twitter: Tue May 17 10:06:20 +0000 2011)

In Windows 7 while using “driverquery /si”, ksecdd is not signed but with sigcheck is signed… Is driverquery compatible with Win7?

(Originally on Twitter: Tue May 17 12:43:42 +0000 2011)

RT @SteveClement: Quantum Dot LED #experimental http://en.wikipedia.org/wiki/Quantum_dot http://spectrum.ieee.org/semiconductors/optoelectronics/quantum-dots-enhance-led-lighting

(Originally on Twitter: Tue May 17 17:02:33 +0000 2011)

@bortzmeyer how do evaluate the trust you have on those “funky” firmware? #android

(Originally on Twitter: Tue May 17 20:52:08 +0000 2011)

RT @hack_lu: @securitycfp hack.lu 2011 CfP abstract submission in less than 15 days… http://2011.hack.lu/cfp/ #hacklu #cfp

(Originally on Twitter: Tue May 17 20:59:40 +0000 2011)

Looking for an official feed of security advisories at Android.com and stumble upon an announce with one post in 2008. wtf? http://fo.vc/2t

(Originally on Twitter: Wed May 18 09:12:58 +0000 2011)

RT @cbrocas: RMLL 2011 Security topic program is online : http://2011.rmll.info/-Securite-?lang=en . Schedule with date/hour/room coming …

(Originally on Twitter: Wed May 18 12:53:30 +0000 2011)

https://github.com/wireghoul/htshells - yet another good reason to disable .htaccess files in your production environment #infosec

(Originally on Twitter: Wed May 18 13:00:51 +0000 2011)

RT @NeelieKroesEU: @clarinette02 EU firewall? The EU Commission has NO such intentions! #askneelie

(Originally on Twitter: Wed May 18 13:06:13 +0000 2011)

@edarchis Right the fragmentation is funky but even Microsoft is publishing security advisories and updates for their OEM version of Windows

(Originally on Twitter: Wed May 18 13:42:30 +0000 2011)

https://github.com/vecna/sniffjoke is funky but everyone is too lazy to rewrite a proper TCP reassembly per stack personality #infosec

(Originally on Twitter: Wed May 18 21:03:25 +0000 2011)

RT @xme: Let’s dive in the iPhone memory with Laurent Oudot #HITB2011AMS

(Originally on Twitter: Thu May 19 08:54:05 +0000 2011)

RT @mthorbruegge: European Commission public consultation about reducing plastic waste http://goo.gl/pH5Rl Get rid of those bags! #fb

(Originally on Twitter: Thu May 19 09:13:38 +0000 2011)

An interesting visualization of Linux kernel line update removed/added per change set http://neuling.org/linux-next-size.html #linux #kernel

(Originally on Twitter: Thu May 19 10:59:43 +0000 2011)

@kwisArts #npblu Is there a web page somewhere for the event in Luxembourg? just like the one in Bruxelles. Thanks.

(Originally on Twitter: Thu May 19 14:52:08 +0000 2011)

RT @jedisct1: What’s new in OpenSSH? Slides from AsiaBSDcon 2011 by @damienmiller: http://bit.ly/mBDl7k

(Originally on Twitter: Thu May 19 14:55:49 +0000 2011)

“When the server presents an X.509 server certificate, clients MAY use “Certification Path Validation”…” in the new RFC6251 - MAY?

(Originally on Twitter: Fri May 20 05:26:18 +0000 2011)

@AcidRampage right but I find funny that new RFCs are still putting the validation on client side as an OPTIONAL requirement #legacypain

(Originally on Twitter: Fri May 20 07:41:29 +0000 2011)

I’m reading a PDF about the analysis of a malicious PDF. I’m stuck in the security recursivity. #infosec

(Originally on Twitter: Fri May 20 20:53:49 +0000 2011)

http://code.google.com/p/rkanalyzer/ RKAnalyzer is a kernel level rootkit analyzer and defender using Hardware VT. -> simple SSDT Hooking

(Originally on Twitter: Fri May 20 21:04:16 +0000 2011)

@raf_iot Great news. I’ll update the whois interface to access and cache the JSON output. @bgpranking

(Originally on Twitter: Fri May 20 22:39:52 +0000 2011)

A good reminder, don’t forget old/legacy authorized_keys2 file on your OpenSSH server. http://fo.vc/2u #infosec #unix

(Originally on Twitter: Sat May 21 07:10:25 +0000 2011)

Sometime it’s good to remember the past especially while listening to B.W.P. Experiments tracks. Good old days. #electro #belgium

(Originally on Twitter: Sat May 21 20:04:36 +0000 2011)

If you are operating an SKS server (OpenPGP key server), you should have a look at the recent commits/updates in SKS http://fo.vc/2v

(Originally on Twitter: Sat May 21 20:19:32 +0000 2011)

RT @halvarflake: Me: “You’re trying to sell it to me before the bubble burst. Your company has a reputation of not holding stuff when it …

(Originally on Twitter: Sun May 22 10:31:31 +0000 2011)

posted “Ease Your Log Analysis With BGP Ranking and logs-ranking” http://fo.vc/2w to explain the “logs-ranking” script @bgpranking #infosec

(Originally on Twitter: Sun May 22 19:26:21 +0000 2011)

RT @sam280: Full key recovery via remote timing attack against a TLS server authenticating with ECDSA signatures: http://is.gd/puASLo

(Originally on Twitter: Sun May 22 20:00:56 +0000 2011)

Just heard right now in a conf-call about a software project “we don’t code early, we design first” aie aie, it starts to smell bad….

(Originally on Twitter: Mon May 23 20:04:48 +0000 2011)

RT @circl_lu: Many new blacklists added into BGP Ranking - http://bgpranking.circl.lu/ @bgpranking #infosec

(Originally on Twitter: Mon May 23 20:19:51 +0000 2011)

@sam280 Scrum-kan-ban or even the waterfall model are just there to amuse people (folklore). I’m more into “Programming, Motherfucker” model

(Originally on Twitter: Mon May 23 20:43:07 +0000 2011)

http://pastebin.com/9qwdL1pA Comodo has again some security issues…but they still have the AICPA audit certificate. #certificationORsec

(Originally on Twitter: Tue May 24 20:20:08 +0000 2011)

Looking for hierarchical trees or graphs designed with #Redis data-structure? I found this discussion thread http://fo.vc/2z #keyvalue

(Originally on Twitter: Tue May 24 20:47:34 +0000 2011)

In “WebTrust SM/TM Program for Certification Authorities”, you can find the word “process” at each page but “attacker” is found one time…

(Originally on Twitter: Tue May 24 20:55:02 +0000 2011)

RT @xme: “Logging is always too much until you need it, then it’s never enough” #QOTD #SIEM

(Originally on Twitter: Wed May 25 05:00:53 +0000 2011)

Oracle v. Google - A judge grounded in the real world http://fo.vc/2C #patentdelirium #groklaw

(Originally on Twitter: Thu May 26 14:35:30 +0000 2011)

You take a cookie session from a coding example in a book and you still have access to the author account on this website… #infosec #fail

(Originally on Twitter: Thu May 26 20:58:02 +0000 2011)

RT @bortzmeyer: Support freedom on the Internet: configure static #IPv6 addresses with “EFF” in one field http://www.eff.org/ T’will be …

(Originally on Twitter: Fri May 27 09:40:04 +0000 2011)

Worry about vulnerabilities in libpcap? read pcap without libcap with py-cap http://dirtbags.net/py-pcap.html #netforensic #python

(Originally on Twitter: Fri May 27 19:25:17 +0000 2011)

BGP Ranking whois extended to include Today’s best ranking and current malicious position - “whois -h pdns.circl.lu 15169” @bgpranking

(Originally on Twitter: Fri May 27 22:40:16 +0000 2011)

http://fo.vc/2G “Where’s Waldo: Matching People in Images of Crowds” Interesting research work done in pattern recognition #privacy #google

(Originally on Twitter: Sat May 28 07:57:13 +0000 2011)

With the recent Google API shutdown planning, the “Franklin Street Statement on Freedom and Network Services” shows its importance.

(Originally on Twitter: Sat May 28 08:16:13 +0000 2011)

“DAQ module implements “round robin” reading from network interfaces” Very handy when sniffing with cards without netbound http://fo.vc/2H

(Originally on Twitter: Sat May 28 15:20:24 +0000 2011)

http://fo.vc/2I Lockheed Martin Corporation is the first buyer of the first quantum computer… mmm, it’s a coincidence isn’t it? #infosec

(Originally on Twitter: Sat May 28 15:52:31 +0000 2011)

What are you installing first on a new Unix installation? Usually GNU Screen, git, vim/emacs…. now I added on the list Redis.

(Originally on Twitter: Sat May 28 21:29:23 +0000 2011)

@lrz It’s the neutrino…

(Originally on Twitter: Sun May 29 06:29:31 +0000 2011)

@taskwarrior Thank you for this great tool but wondering why there is no “time spent” output per task in version 1.9.x. http://fo.vc/2J #gtd

(Originally on Twitter: Sun May 29 09:52:44 +0000 2011)

@_pst SCADA SIEM why not… but a good start would be to enable logging on the SCADA devices and read them regularly… #infosec #siem

(Originally on Twitter: Mon May 30 15:54:36 +0000 2011)

Are you running VBulletin? (4.0.x, 4.1.0, 4.1.1 and 4.1.2) exploits in the wild… so you know what you have to do tonight. #infosec

(Originally on Twitter: Mon May 30 19:17:58 +0000 2011)

http://2011.hack.lu/cfp/ hack.lu call for paper abstract deadline is within 15 hours. It’s time to submit if you want to have fun #infosec

(Originally on Twitter: Tue May 31 07:41:05 +0000 2011)

@jeffreycarr Don’t forget that LM was regularly infected by virii like the notorious SoBig.F malware already in 2003 http://fo.vc/2L

(Originally on Twitter: Tue May 31 11:34:18 +0000 2011)

RT @security4all: Oh joy, so soon I can optin for a free massage at EU airports…

(Originally on Twitter: Tue May 31 11:48:03 +0000 2011)

RT @circl_lu: To prevent the current #CookieJacking Microsoft recommends to use the private browsing mode http://fo.vc/2M should be the …

(Originally on Twitter: Tue May 31 13:43:05 +0000 2011)

RT @edarchis: Je viens de lire que le Ministre Lutgen avait fait retirer la vidéo d’origine: http://ma-tvideo.france3.fr/video/iLyROoafz-wQ.html Allez, faisons-lui un e …

(Originally on Twitter: Tue May 31 20:09:10 +0000 2011)

http://fo.vc/2O Good and recent comment in tcpdump why the snap len should be carefully chosen. or why “-s 0” is not always the best option

(Originally on Twitter: Tue May 31 21:02:10 +0000 2011)

“Any simple problem can be made insoluble if enough meetings are held to discuss it.” Mitchell’s Law of Committees has been again proved

(Originally on Twitter: Tue May 31 21:15:19 +0000 2011)

RT @DragonResearch: Security Innovation Grant Finalists! AIDE, Cuckoo Sandbox, NoScript, OpenBL.org - http://dragonresearchgroup.org/gra …

(Originally on Twitter: Tue May 31 21:25:17 +0000 2011)

Multiple fixes for the various XMPP server using “billion laughs” attack targeting XML parsers. Maybe some still vulnerable? #infosec

(Originally on Twitter: Tue May 31 21:32:36 +0000 2011)

It seems that the wallet encryption for bitcoin client starts to be really required. #bitcoin #infosec

(Originally on Twitter: Wed Jun 01 12:23:04 +0000 2011)

@eurodns ns1/ns2.eurodns.com seem to have difficulties to answer queries. Are you working on this issue right now? if not, you should…

(Originally on Twitter: Wed Jun 01 15:07:50 +0000 2011)

@EuroDNS thank you for the update, this is appreciated. By the way, when do you plan to add AAAA records for ns1 and ns2? #ipv6

(Originally on Twitter: Wed Jun 01 16:13:43 +0000 2011)

http://fo.vc/2Q “RunTrace - Prospector components (part of COSEINC’s BugMine)” detect writes outside the allocated heap memory #pintool

(Originally on Twitter: Thu Jun 02 07:20:27 +0000 2011)

If you have Tor running, you should have a look at http://ianxz6zefk72ulzz.onion/ - Neuromancer is not far away. #bitcoin #cyberspace

(Originally on Twitter: Thu Jun 02 14:31:34 +0000 2011)

http://www.spamrankings.net/ Sometimes Belgium is on top but here is Win.be operator is second place for medical spam in April #infosec

(Originally on Twitter: Thu Jun 02 17:03:19 +0000 2011)

RT @jerezim: Le Rapporteur Spécial de l’ONU à la Protection de la Liberté d’Expression, défonce #Hadopi, #Loppsi, #ACTA, #G8 http://ur1. …

(Originally on Twitter: Thu Jun 02 21:02:38 +0000 2011)

RT @circl_lu: http://fo.vc/2R Privilege escalation in Plone (all version affected since 2.5) - A hotfix is available #infosec #plone CVE …

(Originally on Twitter: Fri Jun 03 06:59:48 +0000 2011)

http://zeltser.com/remnux/ REMnux, a Linux Distribution for Reverse-Engineering Malware looks very good. Just pyew is missing? #infosec

(Originally on Twitter: Fri Jun 03 10:07:20 +0000 2011)

RT @cesarcer: Research tip: it’s better to look for new attack vectors than vulnerabilities, if you find just one new vector you find do …

(Originally on Twitter: Fri Jun 03 13:38:10 +0000 2011)

When I’m reading a CS paper saying they have done some “TCP reassembly” in two words without ref, I always ask myself “which one?” #infosec

(Originally on Twitter: Fri Jun 03 13:57:51 +0000 2011)

@fpietrosanti Thank you I saw @sniffjoke but I’m really wondering why the academic research underestimates the TCP reassembly issues.

(Originally on Twitter: Fri Jun 03 14:54:52 +0000 2011)

@imrim I think I should not ask on how the key enrolment is done for this “128-bit AES encryption keyboard” or if Zbot is already installed

(Originally on Twitter: Fri Jun 03 14:59:18 +0000 2011)

RT @raymondh: Updated the Bloom Filter recipe. Simpler code, cleaner APi, easily subclassable. Thx for the feedback. http://bit.ly/bloom …

(Originally on Twitter: Fri Jun 03 19:57:08 +0000 2011)

saw this excellent comment “Libraries shouldn’t be closed: they should be reinvented for the XXI century. “ #library #libraries

(Originally on Twitter: Sat Jun 04 10:04:48 +0000 2011)

RT @fpietrosanti: @lensassaman I’ve been with @sniffjoke during weekend at Italian #eprivacy / #bigbrotherawards in Florence . The proje …

(Originally on Twitter: Sun Jun 05 07:10:18 +0000 2011)

PyCodin is an open source Python library that allows instrumentation of low-level code for different architectures. http://fo.vc/2U #infosec

(Originally on Twitter: Sun Jun 05 08:15:44 +0000 2011)

#protolol The pity with a lawful interception joke is always unlawful to someone else. #privacy

(Originally on Twitter: Sun Jun 05 10:41:04 +0000 2011)

@2600 Could you disable the DRM for your Kindle subscription? or is it only DRMized during the trial period?

(Originally on Twitter: Sun Jun 05 10:54:03 +0000 2011)

@security4all but AS15169 might host malicious content too. Their current ranking is 977 over 11101 http://fo.vc/2V @bgpranking

(Originally on Twitter: Sun Jun 05 10:59:17 +0000 2011)

Any user of SciEngine RIVYERA S3-5000? and especially the performance while using SHA-2? http://fo.vc/2W #crypto #fpga

(Originally on Twitter: Sun Jun 05 11:07:40 +0000 2011)

kindly reminds large corporations, it’s always good to have a public security point of contact with a PGP key that you can verify. #CSIRT

(Originally on Twitter: Sun Jun 05 15:13:41 +0000 2011)

It’s not because you add “Parliamentary” in your organization name that will become a democracy… #infosec

(Originally on Twitter: Sun Jun 05 16:57:21 +0000 2011)

RT @itgirljs: The best thing about script jokes is that they start with a bang. #protolol

(Originally on Twitter: Sun Jun 05 17:26:43 +0000 2011)

http://fo.vc/2X Sur ces bêtises médiatiques. je vais aller manger mes germes de luzerne avec un petit fromage de chèvre. #eatlocalorganic

(Originally on Twitter: Sun Jun 05 17:31:31 +0000 2011)

RT @damienmiller: Did Redhat just “fix” OpenSSH by making it seed with only 6 bytes from /dev/random? http://goo.gl/7fT6p

(Originally on Twitter: Mon Jun 06 08:08:29 +0000 2011)

“Prank on a Belgian call center” Incredible #mobistar http://www.youtube.com/watch?v=mxXlDyTD7wo

(Originally on Twitter: Mon Jun 06 21:09:56 +0000 2011)

@kevinmitnick It’s not a matter of encrypting the seeds of the token, customer must be able to control his token’s private key #rsa

(Originally on Twitter: Tue Jun 07 05:24:36 +0000 2011)

To see the list of EMC Security Advisories you need a “Powerlink” credentials. So their security advisories are not public… #fail

(Originally on Twitter: Tue Jun 07 08:24:12 +0000 2011)

@y0m There will be a funky CTF during hack.lu 2011 done again by the incredible @fluxfingers #hacklu #ctf

(Originally on Twitter: Tue Jun 07 17:03:11 +0000 2011)

RT @thorstenholz: Most of the PDFs of our group are now available at http://emma.rub.de/research/publications/, the Usenix papers will f …

(Originally on Twitter: Tue Jun 07 19:32:07 +0000 2011)

@syn2cat I can support you with some standard money (or even bitcoins) but next time avoid to use dynamic pages ;-)

(Originally on Twitter: Tue Jun 07 20:49:05 +0000 2011)

Funny to see in the passive DNS so many IPv6 addresses terminating by “::53” for DNS server (passive scanning is more easy in IPv6).

(Originally on Twitter: Wed Jun 08 09:08:11 +0000 2011)

http://fo.vc/33 [PDF] “Cybersecurity, Innovation and the Internet Economy” published by Internet Policy Task Force #infosec

(Originally on Twitter: Wed Jun 08 19:24:18 +0000 2011)

@mikkohypponen I’m surprised that there are still questions about who created Stuxnet after seeing this presentation http://fo.vc/35 [PDF]

(Originally on Twitter: Thu Jun 09 11:49:42 +0000 2011)

Attackers using white-space obfuscation in a PHP/JS-based malware http://fo.vc/36 old but seems still very effective. #infosec #malware

(Originally on Twitter: Thu Jun 09 12:13:00 +0000 2011)

@myvonline Right, the SSIC projects were not completely stupid. I have a dump of the Oddmuse content if you want. A new version on github?

(Originally on Twitter: Thu Jun 09 13:01:26 +0000 2011)

@mvyonline At least it will be useful for the attackers to have a covert channel framework….

(Originally on Twitter: Thu Jun 09 13:18:36 +0000 2011)

@HoffmannMich PET recycling is just a myth and the marketers abused that myth on their bottle.

(Originally on Twitter: Fri Jun 10 09:49:04 +0000 2011)

@HoffmannMich It’s a myth 70% of collected PET bottles are transformed into filaments used in non-recyclable objects. Glycolysis is not used

(Originally on Twitter: Fri Jun 10 11:53:38 +0000 2011)

Major updates in the Apple iTunes ToS http://fo.vc/38 they prefixed iTunes to all products and services name. #goodiff maybe for #icloud ?

(Originally on Twitter: Fri Jun 10 13:27:33 +0000 2011)

RT @circl_lu: BGP Ranking got a new worldmap with the highest malicious ranking per country http://bgpranking.circl.lu/maps #infosec #malware @bgpra …

(Originally on Twitter: Sat Jun 11 11:35:08 +0000 2011)

ospy looks interesting - “Advanced reverse-engineering tool for spying on Windows software” #windows #reversing http://fo.vc/3a

(Originally on Twitter: Sat Jun 11 16:33:57 +0000 2011)

I found a winner for tonight : “a firewall layer-7 proxy not supporting gzip and passing compressed streams to the other end.” #infosec

(Originally on Twitter: Sat Jun 11 19:25:20 +0000 2011)

APT is Again Powned by Treating security as a certification process. #infosec

(Originally on Twitter: Sat Jun 11 19:45:12 +0000 2011)

@slideshare Why a login is required to download a document on slideshare? Do you really want to break the Internet model?

(Originally on Twitter: Sun Jun 12 20:49:23 +0000 2011)

http://fo.vc/3b A master’s thesis proposal to move X.509 on top of DNSSEC using DANE…. In one semester for one or two students ;-)

(Originally on Twitter: Mon Jun 13 10:43:19 +0000 2011)

@zoobab To summarize: FRAND sucks just like RAND licensing. That’s why Royalty Free licenses is the only way to go in a free society….

(Originally on Twitter: Mon Jun 13 10:48:03 +0000 2011)

@zoobab FRAND must be ditched in favor of Royalty Free Licensing for free standards. But I think my lobbying force is near zero…

(Originally on Twitter: Mon Jun 13 11:09:40 +0000 2011)

@unpacker looking at the Siemens advisory it seems there are no patches available today but the mitigation is to disable the HTTP server.

(Originally on Twitter: Wed Jun 15 05:54:48 +0000 2011)

RT @circl_lu: A good reminder http://fo.vc/3d for all Bitcoin users why it’s important to protect your wallet.dat (unencrypted). #bi …

(Originally on Twitter: Wed Jun 15 09:17:49 +0000 2011)

I have the impression to move a lot these past days… from #AIMS2011 to #FIRST2011 to National CSIRT meeting to what’s next?

(Originally on Twitter: Thu Jun 16 16:30:08 +0000 2011)

At #FIRST2011 it seems that Kenya will be the next source of attacks… looking at their cheap entry price for mobile operator. #infosec

(Originally on Twitter: Fri Jun 17 09:35:23 +0000 2011)

@mikkohypponen Following your #FIRST2011 talk, what’s the boundary between legitimate A/V businesses and fake A/V businesses? #virustotal

(Originally on Twitter: Fri Jun 17 09:38:49 +0000 2011)

@mikkohypponen I was just wondering regarding your “mention” of some potential suspicious A/V vendors at VirusTotal. Thx. #FIRST2011

(Originally on Twitter: Fri Jun 17 10:00:16 +0000 2011)

@jcanto @bquintero Right. The question was mainly about submitting infected sensitive documents that could end up in various countries.

(Originally on Twitter: Sat Jun 18 09:44:45 +0000 2011)

12 days left before the hack.lu CFP 2011 is officially closed. This year looks very promising… be part of it. #hacklu http://2011.hack.lu/cfp/

(Originally on Twitter: Sat Jun 18 16:06:55 +0000 2011)

at #metalab, listening to classical 8 bits songs. Nice #hackerspace.

(Originally on Twitter: Sat Jun 18 21:25:21 +0000 2011)

@AcidRampage the performer during hack.lu 2009 was “playboy bend” #hacklu - for the preHack party on 19.09.2011 there might be some surprise

(Originally on Twitter: Sun Jun 19 07:14:45 +0000 2011)

@lensassaman #metalab is indeed a kind of model for the other ones. I’m surprised there is no model reusing public librairies + #hackerspace

(Originally on Twitter: Sun Jun 19 07:17:27 +0000 2011)

@AbuseHelper got a Twitter account. If you are interested in automatic incident handling, AbuseHelper is a nifty tool. #csirt #infosec #cert

(Originally on Twitter: Sun Jun 19 10:25:39 +0000 2011)

After 7 successful check-in of my Leatherman by mistake in hand luggage, it failed Today. There are still some proper security check…

(Originally on Twitter: Mon Jun 20 15:20:11 +0000 2011)

The GnuPG option of the day to avoid HKP requests based on key materials “–keyserver-options no-honor-keyserver-url” #pgp #gnupg

(Originally on Twitter: Mon Jun 20 20:21:59 +0000 2011)

@AcidRampage 12.5% success rate is still very good for the security circus at the airport control. I didn’t expect such result from a circus

(Originally on Twitter: Mon Jun 20 20:29:05 +0000 2011)

Bad advice of the evening, don’t type “keylogger” in the search box of pastebin.com. You’ll be surprised… #infosec

(Originally on Twitter: Mon Jun 20 21:04:17 +0000 2011)

@eff http://news.ycombinator.com/item?id=2677477 Why don’t you use the bitcoins for the objectives of the EFF? instead of redistributing them randomly #bitcoin

(Originally on Twitter: Tue Jun 21 09:18:24 +0000 2011)

RT @lennyzeltser: A reminder of the extent to which we rely on authentication: Dropbox passwords were optional for 4 hrs: http://j.mp/ka10Dd

(Originally on Twitter: Tue Jun 21 13:21:20 +0000 2011)

@SteveClement It should be part of the minimal services for a “cloud” service. Providing you the logs of who accessed your account. #infosec

(Originally on Twitter: Tue Jun 21 13:27:18 +0000 2011)

http://www.appseceu.org/wp-content/presentations/ OWASP AppSec presentations published #infosec

(Originally on Twitter: Tue Jun 21 14:33:33 +0000 2011)

RT @adamshostack: RT @tillig: Our PCI assessor is so secure he locked himself out of his own car. Locksmith on site now. << PCI vs …

(Originally on Twitter: Tue Jun 21 16:22:51 +0000 2011)

@xme http://www.syncany.org/ is a good alternative for GNU/Linux users.

(Originally on Twitter: Tue Jun 21 19:05:04 +0000 2011)

Cumulative prospect theory is a direct model for IT risk management and especially the usual mantra “we don’t fix issues and wait…”

(Originally on Twitter: Tue Jun 21 19:37:40 +0000 2011)

A B&W picture of @mikkohypponen at FIRST 2011 http://www.flickr.com/photos/adulau/5857551391/ #FIRST2011

(Originally on Twitter: Tue Jun 21 21:21:31 +0000 2011)

RT @unpacker: Evilcore Bootkit - Pwning Multiprocessor Systems http://bit.ly/lY49IC

(Originally on Twitter: Wed Jun 22 09:36:40 +0000 2011)

http://www.openwall.com/lists/john-users/2011/06/22/1 John the Ripper 1.7.8 released including the new improved S-box expressions made by Roman Rusakov #infosec #crypto

(Originally on Twitter: Thu Jun 23 12:25:45 +0000 2011)

@jaysonstreet I thought that PowerPoint is already #NSFW even without porn inside ;-)

(Originally on Twitter: Thu Jun 23 12:37:15 +0000 2011)

A clever use of arxiv.org “A Novel Attack against Android Phones” as a proof for responsible disclosure http://arxiv.org/abs/1106.4184 #infosec

(Originally on Twitter: Thu Jun 23 12:43:22 +0000 2011)

@Aissn I just hope that the paper will be replaced with the full paper after the graceful period.

(Originally on Twitter: Thu Jun 23 12:50:53 +0000 2011)

@Aissn on arxiv.org, you can replace an article submitted http://arxiv.org/help/replace but the old one will remain accessible.

(Originally on Twitter: Thu Jun 23 13:06:46 +0000 2011)

RT @circl_lu: LibreOffice 3.3 ‘Lotus Word Pro’ document import filter contains multiple vulnerabilities -> 3.3.3/3.4.0 fixed http://t …

(Originally on Twitter: Thu Jun 23 13:20:42 +0000 2011)

What’s the proportion of vulnerable applications listed n in robots.txt? It’s usually very high. A good directory service for attackers…

(Originally on Twitter: Thu Jun 23 13:29:24 +0000 2011)

@chux0r yes indeed robots.txt can be still used as nifty sinkholes or honeypots. Maybe they may have effects for tarpiting web malware…

(Originally on Twitter: Thu Jun 23 13:46:05 +0000 2011)

“Early Phishing”-> AOL phishing attacks in 1995… #infosec #history http://arxiv.org/abs/1106.4692

(Originally on Twitter: Fri Jun 24 10:35:22 +0000 2011)

RT @teamcymru: bought anything from NATO’s e-Bookshop? You may want to change your password #cybercrime http://bit.ly/kpgZM9

(Originally on Twitter: Fri Jun 24 18:55:19 +0000 2011)

RT @xme: Found this in my archives: Alternet Backbone map in 1995: http://twitpic.com/5g6ypd #collector #internet

(Originally on Twitter: Fri Jun 24 19:22:29 +0000 2011)

@security4all I really enjoyed “Jamie at Home: Cook Your Way to the Good Life” #gardening and #cooking is a nice mix.

(Originally on Twitter: Fri Jun 24 20:03:04 +0000 2011)

A PIN tool extension to trace malware and reimport the result into IDA pro for tagging the disassembled code nifty http://code.google.com/p/tartetatintools/

(Originally on Twitter: Sat Jun 25 10:17:06 +0000 2011)

@davanac “Facebook has become the wiring hub of the connected Web “ Ah bon? Facebook c’est plutôt le nouveau AOL ou MSN classic #privateweb

(Originally on Twitter: Sat Jun 25 10:29:14 +0000 2011)

I didn’t know that No Starch Press just published a second edition of the “IDA Pro book” http://nostarch.com/idapro2.htm any review?

(Originally on Twitter: Sat Jun 25 10:46:32 +0000 2011)

http://www.imperialviolet.org/2011/06/12/goopenpgp.html - http://golang.org/pkg/crypto/openpgp/ OpenPGP support in Go #golang

(Originally on Twitter: Sat Jun 25 11:09:05 +0000 2011)

RT @hack_lu: @securitycfp last 5 days before end of CfP for #hacklu 2011 topics include network/system security, reversing but also hard …

(Originally on Twitter: Sat Jun 25 11:35:31 +0000 2011)

RT @0x58: Anybody has experience with #google map api & #geocoding where the returned #json array is truncated using #pycurl? #python (R …

(Originally on Twitter: Sun Jun 26 08:21:53 +0000 2011)

RT @rfc3849: Mac OS X 10.6 Snow Leopard Security Configuration http://bit.ly/macsec #osx #mac #security #pdf

(Originally on Twitter: Mon Jun 27 09:30:25 +0000 2011)

RT @circl_lu: Remote “vulnerability”/DoS in l2cap configuration request (via Bluetooth) on Linux kernel http://marc.info/?l=linux-bluetooth&m=130891949809746&w=2 #infosec

(Originally on Twitter: Mon Jun 27 14:47:52 +0000 2011)

http://www.mathieu-g.be/en/2011/05/constant-osf-family/ real furniture designs available under a free art license… free software hits the physical world #beyondfreesoftware

(Originally on Twitter: Mon Jun 27 15:59:06 +0000 2011)

Ubuntu smoked crack while designing the new configuration model for Grub 2 (grub-pc) - we don’t need abstraction, keep simple config files.

(Originally on Twitter: Wed Jun 29 13:37:38 +0000 2011)

@Aissn The causes are diffuse (grub-pc script in Ubuntu is a bit messy). Where the broken LVM over softRAID support is more Grub 2 related.

(Originally on Twitter: Wed Jun 29 14:47:31 +0000 2011)

“Common Weakness Scoring System” CWSS it’s an extended CVSS including environmental context… still very approximative http://cwe.mitre.org/cwss/

(Originally on Twitter: Thu Jun 30 08:24:04 +0000 2011)

@fboule sorry to say that but that’s the same shit with grub-pc ;-)

(Originally on Twitter: Thu Jun 30 09:18:27 +0000 2011)

“2011 CWE/SANS Top 25 Most Dangerous Software Error” published June 29, 2011 - a good overview #infosec http://cwe.mitre.org/top25/index.html

(Originally on Twitter: Fri Jul 01 10:31:07 +0000 2011)

GNUnet Emulation Framework Paper Accepted accepted at CSET’11 workshop (USENIX 2011) https://gnunet.org/node/1298 #p2p #p2ptesting #dht

(Originally on Twitter: Sat Jul 02 08:33:38 +0000 2011)

http://tools.ietf.org/html/rfc6302 “Internet-Facing Server Logging” officially recommends to log the source port number along with the IP address #rfc6302

(Originally on Twitter: Sat Jul 02 08:38:57 +0000 2011)

@ndw The first programming language must be at least two programming languages. So, your nephew will build his ability to compare them.

(Originally on Twitter: Sat Jul 02 08:59:10 +0000 2011)

https://github.com/inquisb/shellcodeexec “shellcodeexec is a small script to execute in memory a sequence of opcodes.” not tested but looks very handy. #infosec

(Originally on Twitter: Sat Jul 02 15:08:26 +0000 2011)

The 10 years old feature request in Thunderbird https://bugzilla.mozilla.org/show_bug.cgi?id=86405 being able to edit LDAP address book…

(Originally on Twitter: Sat Jul 02 19:12:27 +0000 2011)

“Emails from PayPal will always address you by your first and last name.” Whoaaaa that’s a security measure, read in a real @paypal email.

(Originally on Twitter: Mon Jul 11 07:48:53 +0000 2011)

@lensassaman We will miss you. A brilliant mind and a great human being.

(Originally on Twitter: Mon Jul 11 19:54:00 +0000 2011)

RT @BoozAllen: As part of @BoozAllen security policy, we generally do not comment on specific threats or actions taken against our systems.

(Originally on Twitter: Mon Jul 11 20:04:53 +0000 2011)

LiveJournal updated its privacy policy to include some “clarification” with third parties advertisers #goodiff #quuxlabs http://fo.vc/3g

(Originally on Twitter: Tue Jul 12 20:44:33 +0000 2011)

http://durandal-project.org/ “Distributed CPU/GPU Hash Cracker” #infosec

(Originally on Twitter: Wed Jul 13 07:14:57 +0000 2011)

Using Redis for Passive DNS - some figures with my current experiment https://plus.google.com/112095729959662313642/posts/L5ptPBvC4Gq #redis #infosec

(Originally on Twitter: Wed Jul 13 08:37:27 +0000 2011)

RT @bortzmeyer: Van Jacobson et le réseau centré sur le contenu http://www.bortzmeyer.org/van-jacobson-ccn.html

(Originally on Twitter: Wed Jul 13 09:12:27 +0000 2011)

A nice initiative from UCL to develop an open-source networking textbook licensed under the CC BY-SA (book in ReST) http://inl.info.ucl.ac.be/CNP3/

(Originally on Twitter: Thu Jul 14 21:12:59 +0000 2011)

RT @circl_lu: http://www.kb.cert.org/vuls/id/122054 HP ArcSight Connector Appliance XSS vulnerability #CVE-2011-0770 #siem #infosec

(Originally on Twitter: Mon Jul 18 13:49:52 +0000 2011)

https://telex.cc/ “Anticensorship in the Network Infrastructure” it seems to be a complement to Tor… #privacy

(Originally on Twitter: Mon Jul 18 14:35:05 +0000 2011)

RT @raf_iot: http://www.2villepin2012.fr/ == http://www.conseil-funeraire.fr (via @mourphy)

(Originally on Twitter: Mon Jul 18 14:45:36 +0000 2011)

made a quick-and-dirty script to read top articles from lesoir.be on his Kindle without the advertising… https://github.com/adulau/lesoir2text/ #belgium

(Originally on Twitter: Mon Jul 18 20:21:13 +0000 2011)

RT @jduck1337: Analysis of the jailbreakme v3 font exploit - Sogeti ESEC Lab http://j.mp/raw41D

(Originally on Twitter: Mon Jul 18 20:29:52 +0000 2011)

http://oreilly.com/catalog/0790145316974/ “Windows Sysinternals Administrator’s Reference” book published. any good review? #infosec

(Originally on Twitter: Tue Jul 19 09:24:01 +0000 2011)

RT @bortzmeyer: The ten years of the Jabber foundation: https://stpeter.im/index.php/2011/07/12/xsf-10/ #XMPP

(Originally on Twitter: Tue Jul 19 10:54:38 +0000 2011)

RT @mikkohypponen: Murdoch is offended that Lulzsec broke in just to create some news.

Hmm… Didn’t his newspaper use exactly the sam …

(Originally on Twitter: Tue Jul 19 11:55:26 +0000 2011)

@Securelist I tried to reproduce the 30% rate of AXFR allowed from all the IANA TLDs without success. Did you perform the AXFR for each TLD?

(Originally on Twitter: Tue Jul 19 13:02:51 +0000 2011)

RT @LaF0rge: is there no #firefox pluging for removing those stupid #google redirect URLs out of search results?

(Originally on Twitter: Tue Jul 19 14:23:17 +0000 2011)

http://blog.snort.org/2011/07/snort-291-rc-is-now-available-including.html IP Reputation preprocessor in Snort 2.9.1 (maybe a nifty way to integrate BGP Ranking dataset within Snort) @bgpranking

(Originally on Twitter: Tue Jul 19 15:50:55 +0000 2011)

hamake - Hadoop Make utility based on a dependency graph between each dataset to be processed http://code.google.com/p/hamake/ #mapreduce

(Originally on Twitter: Tue Jul 19 20:15:11 +0000 2011)

RT @moxie__: @maradydd @sirvaliance Yes, I keep seeing research and thinking “great, another idea that will never be fully implemented.”

(Originally on Twitter: Wed Jul 20 05:35:16 +0000 2011)

http://arxiv.org/abs/1107.3593 “Privacy-Enhanced Methods for Comparing Compressed DNA Sequences” but still vague regarding the algo used #privacy #dna

(Originally on Twitter: Wed Jul 20 08:05:03 +0000 2011)

RT @0x58: Hahah today’s #xkcd cannot be more true http://xkcd.com/927/ #universalStandard

(Originally on Twitter: Wed Jul 20 08:06:12 +0000 2011)

@garybernhardt Maybe a review of the key-value store libraries/interfaces for Python… #python

(Originally on Twitter: Wed Jul 20 19:56:26 +0000 2011)

“Sending Hidden Data via Google Suggest” http://arxiv.org/abs/1107.4062 A clever 10bit/s steganography … #infosec #google #stegano

(Originally on Twitter: Thu Jul 21 11:25:17 +0000 2011)

@fboule You made my day. The MAC address authentication for VPN was a funny joke. Euuuh? It’s not a joke? #infoseconcrack

(Originally on Twitter: Thu Jul 21 21:43:08 +0000 2011)

RT @aumasson: the submission server of CT-RSA 2012 is now up https://ctrsa2012.cs.haifa.ac.il/iChair/

(Originally on Twitter: Fri Jul 22 05:54:09 +0000 2011)

@roessler out of my mind… two pencils, a book corner, a glossy paper that can cut two fingers in a row and a badly soldered arduino board.

(Originally on Twitter: Fri Jul 22 08:43:09 +0000 2011)

RT @xme: Saw a security awareness msg: “Don’t click on suspicious e-mails!” < Why only “suspicious”? Most dangerous ones aren’t!

(Originally on Twitter: Mon Jul 25 09:38:34 +0000 2011)

Don’t forget if you check SSH fingerprints, that the new version of OpenSSH is not only RSA or DSA fingerprints to check but also ECDSA FP.

(Originally on Twitter: Mon Jul 25 14:16:21 +0000 2011)

We have computers to automate stuff and I still can’t share automatically my flickr / rss streams to google+ wtf? http://www.flickr.com/photos/adulau/ #fail

(Originally on Twitter: Mon Jul 25 20:38:03 +0000 2011)

If you still use xargs, you should really have a look at GNU Parallel. http://www.gnu.org/s/parallel/ a nice piece of software #unix #distributed

(Originally on Twitter: Tue Jul 26 20:57:45 +0000 2011)

RT @oletange: @guguscat @adulau If you want a package as part of the distribution, this is the bug to push: https://bugs.launchpad.net/ubuntu/+bug/740630

(Originally on Twitter: Wed Jul 27 06:23:53 +0000 2011)

RT @circl_lu: “The science of password selection” A nice and exhaustive review on how people choose their password. #infosech http://t.c …

(Originally on Twitter: Thu Jul 28 07:59:19 +0000 2011)

@superlol did you activate the Kernel dump? gdb -c “/PanicDumps/….” and dump the stack… maybe you just found a vulnerable application?

(Originally on Twitter: Thu Jul 28 09:46:18 +0000 2011)

A new version of Arachni is out (0.3) - Check the modules some are quite useful for web pentesting http://arachni.segfault.gr/ #infosec

(Originally on Twitter: Thu Jul 28 15:16:40 +0000 2011)

@ALDIAustralia Are the Conficker infected external hard drive distributed outside Australia? #infosec http://www.zdnet.com.au/aldi-sells-hard-drives-with-malware-inside-339319481.htm

(Originally on Twitter: Fri Jul 29 09:18:09 +0000 2011)

RT @aumasson: only two days left to submit your papers to http://2011.indocrypt.org/

(Originally on Twitter: Fri Jul 29 09:40:35 +0000 2011)

RT @Ivanlef0u: I really hate when someone present a tool at a conference but doesn’t publish it after. Guess I should recode it by mysel …

(Originally on Twitter: Fri Jul 29 09:54:35 +0000 2011)

I should not listen Labiur when cleaning of my desk, it’s even more messy after. #electronicmusic #belgium

(Originally on Twitter: Sat Jul 30 09:00:53 +0000 2011)

@sam280 Is the approach to select the appropriate parameters a common one? As BKZ security depends on the difficulty to find the SVP?

(Originally on Twitter: Sat Jul 30 20:47:11 +0000 2011)

“William’s miscellaneous git tools” The git-wtf looks very nifty… to be tested. http://git-wt-commit.rubyforge.org/ #gif #scm

(Originally on Twitter: Sat Jul 30 20:54:55 +0000 2011)

@0x58 When I saw a Trojan named “BASH”, I was expecting something really different than a fake and trojaned Flash installation ;-)

(Originally on Twitter: Mon Aug 01 08:02:29 +0000 2011)

RT @jedisct1: Erlang/OTP SSH Library Random Number Generator Weakness: http://bit.ly/n5B3jH

(Originally on Twitter: Mon Aug 01 19:46:29 +0000 2011)

@sam280 Thank you. For your information, there is a discussion on HN on the Homomorphic Encryption topic: http://news.ycombinator.com/item?id=2826687 #crypto

(Originally on Twitter: Tue Aug 02 08:52:13 +0000 2011)

RT @circl_lu: http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/ “Zero Day Vulnerability in Many Wordpress Themes” if they use timthumb.php (an image re-sizing tool), …

(Originally on Twitter: Tue Aug 02 12:22:26 +0000 2011)

RT @gal_diskin: RT @hack_lu More speakers added to the list. See urself at http://2011.hack.lu/index.php/List#List_of_Talks #hacklu << I’ll be giving #DBI workshop

(Originally on Twitter: Tue Aug 02 14:42:02 +0000 2011)

RT @y0m: Forensic Challenge 9 - “Mobile Malware” - http://bit.ly/qRGimK #mobile #forensic #challenge #honeynet

(Originally on Twitter: Wed Aug 03 13:40:27 +0000 2011)

RT @NolanBushnell: At Atari we hired based on hobbies and not grades in school. We ended up with he best engineering group in the world.

(Originally on Twitter: Wed Aug 03 19:46:19 +0000 2011)

RT @reversemode: “Easter egg in two versions of the S7-300 PLC firmware” “html file that depicts a handful of dancing chimpanzees” http: …

(Originally on Twitter: Thu Aug 04 12:48:24 +0000 2011)

“An agile, distributed, and secure alternative to the Certificate Authority system.” https://github.com/moxie0/Convergence http://convergence.io/

(Originally on Twitter: Fri Aug 05 07:03:24 +0000 2011)

Is this bug really or correctly fixed in Chrome? http://code.google.com/p/chromium/issues/detail?id=1622 or the EV validation of this certificate is still missing? #x509

(Originally on Twitter: Fri Aug 05 09:04:02 +0000 2011)

@soufron pourtant c’est le cas. La quantité des textes législatifs (avec interaction) augmente la complexité générale de leur analyse.

(Originally on Twitter: Fri Aug 05 09:11:19 +0000 2011)

@soufron Je ne vois pas comment un parser peut faire mieux que des juges qui font déjà des interprétations diff. d’un même texte législatif

(Originally on Twitter: Fri Aug 05 09:21:13 +0000 2011)

RT @0x58: “Unfortunately, the current generation of mail programs do not have checkers to see if the sender knows what he is talking abo …

(Originally on Twitter: Fri Aug 05 09:29:14 +0000 2011)

RT @mruef: @0x58 Not a problem at all: Screen the mail sig with a regex for CISSP, CISA, MCSE, etc. to determine lack of substance ;)

(Originally on Twitter: Fri Aug 05 09:33:40 +0000 2011)

When you read in a vendor blog post “it’s very hard to compromise”, you should be really worried if you use their product. #infosec

(Originally on Twitter: Fri Aug 05 09:36:11 +0000 2011)

@FunkySteph you too, enjoy your day and (sunny?) weekend. By the way, we still need to find a day for a lunch… (before #hacklu 2011 ;-)

(Originally on Twitter: Fri Aug 05 09:40:09 +0000 2011)

RT @aumasson: perhaps the first fault analysis publication on a hash function to be presented at FDTC’11 (on SHA1)

(Originally on Twitter: Fri Aug 05 12:39:26 +0000 2011)

“TCP/IP Illustrated, Volume 1, Second Edition” Nov 2011, Hardback, 1008 pages. I can’t wait until November. I hope as good as the original

(Originally on Twitter: Fri Aug 05 13:55:59 +0000 2011)

@mruef @y0m right, the style of R. Stevens was great and very accesible. I’ll pre-order…

(Originally on Twitter: Fri Aug 05 14:04:26 +0000 2011)

“(gcalcli) Google Calendar Command Line Interface” in Python and seems quite nifty… http://code.google.com/p/gcalcli/

(Originally on Twitter: Fri Aug 05 20:16:51 +0000 2011)

@snazmeister We work with with everyone even some funky Brits ;-) By the way, don’t forget to say hi to the Swedish guy.

(Originally on Twitter: Sat Aug 06 06:40:53 +0000 2011)

@ChrisJohnRiley What ZDI is doing with the remaining 70%? It’s rejected and discarded. Or do they keep them to validate other submissions?

(Originally on Twitter: Sat Aug 06 06:47:11 +0000 2011)

A small reminder the printers are vulnerable with or without search engine. Usually there is an emphasis on the search engine by the vendor.

(Originally on Twitter: Sat Aug 06 06:50:28 +0000 2011)

RT @cudeso: #adobeedge fires up a local webserver at localhost:54321 #security ?

(Originally on Twitter: Sat Aug 06 13:21:19 +0000 2011)

@2le_net Amapy semble sympa. Où est le code source de l’application? #organic #bio

(Originally on Twitter: Sat Aug 06 15:21:35 +0000 2011)

A small note to journalists “expert” in economy: “the bond market” is not the “the stock market”. #economy #finance

(Originally on Twitter: Sat Aug 06 16:31:43 +0000 2011)

https://code.google.com/p/moshimoshi/ “Moshi Moshi is a VoIP Bot written in Python that uses SIP as VoIP Protocol” #infosec #malware

(Originally on Twitter: Sun Aug 07 06:41:51 +0000 2011)

http://blog.mandiant.com/archives/1899 “Exploring Artifacts in Heap Memory with Heap Inspector” until now, works only with live system analysis. #infosec

(Originally on Twitter: Sun Aug 07 06:50:24 +0000 2011)

@novytweety Funny. During the night, they might be even some confusion… you know “every moment is an experience”.

(Originally on Twitter: Sun Aug 07 16:53:33 +0000 2011)

RT @i0n1c: Last day in Vegas about to get started. 8 days in Vegas are more than enough.

(Originally on Twitter: Sun Aug 07 17:05:47 +0000 2011)

@gitfr C’est simple comme le “git push” ne connait pas l’état de la branche master en checkout (ainsi que son index) sur le remote…

(Originally on Twitter: Sun Aug 07 20:58:24 +0000 2011)

@gitfr mais c’est un effet de bord uniquement sur la branche master. Rien n’empeche le push sur une autre branche…

(Originally on Twitter: Sun Aug 07 20:59:51 +0000 2011)

https://github.com/r0ket/r0ket the code and hardware behind the badge for the Chaos Communication Camp 2011 - what the cost of the hardware?

(Originally on Twitter: Sun Aug 07 21:05:43 +0000 2011)

@imrim the recommendation should be more: “Beware of software and hardware in enterprise…” #everythingisvulnerable

(Originally on Twitter: Mon Aug 08 08:15:09 +0000 2011)

@dakami Do you plan to release Phidelius source code in a near future? It looks very promising.

(Originally on Twitter: Mon Aug 08 08:18:37 +0000 2011)

RT @jeffreycarr: What’s ironic about Mcafee’s whitepaper is that McAfee is leveraging Shady RAT for marketing value but they have no pro …

(Originally on Twitter: Mon Aug 08 08:57:05 +0000 2011)

@dakami Thank you. If you need some help for the release, don’t hesitate.

(Originally on Twitter: Tue Aug 09 08:09:37 +0000 2011)

RT @circl_lu: http://blog.trendmicro.com/analysis-of-bkdr_sogu-a-database-accessing-malware/ “Analysis of BKDR_SOGU.A, Database-Accessing Malware” another good reason to enable logging on ODBC co …

(Originally on Twitter: Tue Aug 09 08:32:30 +0000 2011)

RT @unpacker: [HexBlog] New feature in IDA 6.2: The proximity browser http://bit.ly/o2JCyG

(Originally on Twitter: Tue Aug 09 11:34:48 +0000 2011)

https://github.com/kaepora/cryptocat/ Source code of cryptocat, an encrypted web chatroom. Nice but how do you verify the remote JS crypto code? signed JS?

(Originally on Twitter: Tue Aug 09 20:03:46 +0000 2011)

http://www.social-europe.eu/2011/08/the-london-riots-on-consumerism-coming-home-to-roost/ “The London Riots – On Consumerism coming Home to Roost” the old division is still existing just in a different form

(Originally on Twitter: Tue Aug 09 20:11:05 +0000 2011)

I like when my neighbour brings his laptop, I get usually more malware sample on it than on an old Nepenthes collector. #honeypot

(Originally on Twitter: Tue Aug 09 20:26:16 +0000 2011)

RT @mattblaze: Our #Usenix Security paper on weaknesses in P25 2-way radios is out today. See http://crypto.com/p25

(Originally on Twitter: Wed Aug 10 14:03:05 +0000 2011)

http://git.xelerance.com/cgi-bin/gitweb.cgi?p=ldnsx.git;a=tree Frustrated with the ldns Python module? you should have a look at ldnsx… time to move to ldnsx. #python #dns

(Originally on Twitter: Wed Aug 10 20:24:55 +0000 2011)

@kaizeronion Russula foetens or gyromitra esculenta? pick the right one.

(Originally on Twitter: Thu Aug 11 17:36:01 +0000 2011)

RT @paulg: 2011 Startup School, October 29 at Stanford: http://startupschool.org

(Originally on Twitter: Thu Aug 11 17:44:13 +0000 2011)

RT @ochsff: WTF is wrong with Damballa? SpyEye source has not been released, it was a post on how to crack the (binary) builder! Noobs! :(

(Originally on Twitter: Fri Aug 12 09:35:05 +0000 2011)

RT @_saadk: Société Générale rises as a global worry #NYT http://nyti.ms/qzxMwI #economy #2008dejavu

(Originally on Twitter: Sat Aug 13 05:44:40 +0000 2011)

RT @PatrickFrench2: The only shop NOT looted down the road from where I live was Waterstones. I guess the rioters have Kindles - bought …

(Originally on Twitter: Sat Aug 13 05:49:35 +0000 2011)

https://paulsparrows.wordpress.com/2011/08/11/one-year-of-android-malware-full-list/ “One Year Of Android Malware (Full List)” I’m not sure it’s really the “full list”, it’s easy to miss a Malware.

(Originally on Twitter: Sat Aug 13 07:40:51 +0000 2011)

@safecastdotorg Why user submitted European measures don’t appear on the safecast map? #radioactivity

(Originally on Twitter: Sat Aug 13 08:03:27 +0000 2011)

http://thc.org/thc-ipv6/ THC-IPV6 v1.8 “CCC Camp release” with more than 40 ipv6 security tools #infosec #ipv6

(Originally on Twitter: Sat Aug 13 15:53:55 +0000 2011)

@safecastdotorg The map is http://maps.safecast.org/fusion - which one is showing all the submitted values? thank you.

(Originally on Twitter: Sat Aug 13 23:07:42 +0000 2011)

http://wiki.qemu.org/ChangeLog/0.15 qemu 0.15 released. Major improvement in the ARM support.

(Originally on Twitter: Sun Aug 14 07:54:20 +0000 2011)

http://pandas.sourceforge.net/index.html “pandas: a python data analysis library” The DataFrame model looks very nice when handling date-based series. #python

(Originally on Twitter: Mon Aug 15 12:30:58 +0000 2011)

http://blog.eset.com/2011/08/15/warming-up-for-the-autumn-conferences “Warming up for the Autumn Conferences” Pierre-Marc Bureau will also give a keynote at #hacklu 2011. #conference

(Originally on Twitter: Mon Aug 15 12:34:15 +0000 2011)

RT @hack_lu: http://2011.hack.lu/index.php/List#Keynote2 second keynote announced “Security Problems in Operational Navy Systems, Industrial Point of View” by D …

(Originally on Twitter: Tue Aug 16 08:15:54 +0000 2011)

http://arxiv.org/abs/1108.2704 Attacks on Local Searching Tools like Google Desktop Search #infosec

(Originally on Twitter: Tue Aug 16 09:24:24 +0000 2011)

http://article.gmane.org/gmane.linux.network/203223 “Improve sequence number generation.” in Linux Kernel. Moving TCP sequence gen. from partial MD4 to MD5. #infosec

(Originally on Twitter: Tue Aug 16 09:56:42 +0000 2011)

@pello “…we moved from MD5 to a cut-down version of MD4 because it was causing significant performance issues…” in 2002 from Ted Ts’o.

(Originally on Twitter: Wed Aug 17 15:03:09 +0000 2011)

https://plus.google.com/112095729959662313642/posts/JD1QUttcPvh is working on a second version of the Wiki Creativity Index #metric #creativity #wiki

(Originally on Twitter: Wed Aug 17 21:44:18 +0000 2011)

http://googleonlinesecurity.blogspot.com/2011/08/four-years-of-web-malware.html “Four Years of Web Malware” interesting statistics from Google showing an increase in IP cloacking. #infosec

(Originally on Twitter: Thu Aug 18 05:36:00 +0000 2011)

Call for testing: OpenSSH-5.9 (including sandboxing in pre-auth privsep process) http://www.gossamer-threads.com/lists/openssh/dev/52382

(Originally on Twitter: Thu Aug 18 05:49:03 +0000 2011)

The ArDrone corruption to be presented at hack.lu 2011 http://2011.hack.lu/index.php/List#ArDrone #hacklu #infosec

(Originally on Twitter: Thu Aug 18 09:49:45 +0000 2011)

http://msmvps.com/blogs/spywaresucks/archive/2011/08/18/1797801.aspx Interesting police fine spam/malware with forged headers or compromised server? #infosec #malware

(Originally on Twitter: Thu Aug 18 12:29:33 +0000 2011)

@hsf2012 @syn2cat @security4all @wimremes Why not having a rotating summer camp/festival in Benelux each year? #hackerspace

(Originally on Twitter: Thu Aug 18 12:46:15 +0000 2011)

@hsf2012 great news. do you have already a fixed or foreseen date for the festival in 2012? to fix the agenda ;-) #hackerspace

(Originally on Twitter: Thu Aug 18 13:09:04 +0000 2011)

RT @edarchis: When you hear thunder outside and see your lights flashing off/on, you’re happy to hear the clicking sound of your UPS tak …

(Originally on Twitter: Thu Aug 18 17:00:37 +0000 2011)

RT @circl_lu: http://www.securelist.com/en/blog/208193084/The_Miner_Botnet_Bitcoin_Mining_Goes_Peer_To_Peer “The Miner Botnet: Bitcoin Mining Goes Peer-To-Peer” #bitcoin #malware #p2p

(Originally on Twitter: Fri Aug 19 15:41:55 +0000 2011)

@novytweety http://www.chassepierre.be/

(Originally on Twitter: Sat Aug 20 07:19:53 +0000 2011)

http://code.google.com/p/binwalk/ “Firmware Analysis Tool” might be useful with this trend of malware trying to hide stuff at strange places…

(Originally on Twitter: Sat Aug 20 07:52:27 +0000 2011)

@bortzmeyer I’ll vote against because this has been requested by the Board of Trustees where the role is to support creation not filtering.

(Originally on Twitter: Sun Aug 21 20:14:41 +0000 2011)

likes when a software is faster when reading and processing the LZO1X-1 compressed files than reading uncompressed files. #memoryiscool

(Originally on Twitter: Tue Aug 23 15:04:05 +0000 2011)

RT @wimremes: Someone tried to make me sign a liability form for a mandated driving course. THAT didn’t work the way he expected.

(Originally on Twitter: Wed Aug 24 09:34:51 +0000 2011)

http://code.google.com/p/r-u-dead-yet/ “R-U-Dead-Yet, or RUDY for short, implements the generic HTTP DoS attack via long form field submissions.”

(Originally on Twitter: Wed Aug 24 11:41:16 +0000 2011)

At such rate ( http://wordpress.org/extend/plugins/search.php?q=security+fix&sort=updated ) of security updates for WordPress plugins… it’s easier to make exploit them than update them.

(Originally on Twitter: Thu Aug 25 08:30:37 +0000 2011)

RT @jedisct1: A fully functional training environment for exploring Android mobile application security: https://code.google.com/p/owasp-goatdroid/

(Originally on Twitter: Thu Aug 25 14:55:16 +0000 2011)

RT @hack_lu: http://2011.hack.lu/index.php/CaptureTheFlag The first pre CTF challenge is available - it’s time to win a free entrance ! #hacklu #fluxfingers #ctf

(Originally on Twitter: Thu Aug 25 21:14:06 +0000 2011)

http://www.flickr.com/photos/adulau/6090333514/in/set-72157627539996284 Some pictures from Phasme(s) played in Florenville… #art #theatre #belgium

(Originally on Twitter: Sun Aug 28 20:32:23 +0000 2011)

RT @DidierStevens: Paranoid behavior: getting back in touch with childhood friend, but first check if his hotmail pwd hasn’t been leaked.

(Originally on Twitter: Mon Aug 29 02:15:12 +0000 2011)

RT @jedisct1: Javascript cryptography considered harmful: http://www.matasano.com/articles/javascript-cryptography/

(Originally on Twitter: Mon Aug 29 02:17:02 +0000 2011)

RT @wimremes: By the end of today we’re halfway done. I swear. #wim4board http://bit.ly/r3LnjT – Only 1 speed : GO ! #wim4isc #wimming

(Originally on Twitter: Mon Aug 29 08:32:13 +0000 2011)

RT @circl_lu: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fMorto.A Morto a new worm spreading by compromising administrator accounts via Remote Desktop Protocol (RDP). # …

(Originally on Twitter: Mon Aug 29 08:32:32 +0000 2011)

http://2011.hack.lu/index.php/Agenda First version of the agenda for hack.lu 2011 set-up… more to come in the next days. #hacklu #conference #infosec

(Originally on Twitter: Mon Aug 29 15:02:12 +0000 2011)

RT @tqbf: Right now, when an SSL cert doesn’t validate, you get a dialog box. When DNS fails, 80-90% of software just sees NULL “struct …

(Originally on Twitter: Tue Aug 30 05:03:59 +0000 2011)

RT @cudeso: hey guys, I don’t mind sending out defacement notices but please update your reg-details at your registrar.

(Originally on Twitter: Wed Aug 31 04:54:18 +0000 2011)

http://jessekornblum.livejournal.com/275736.html “Symantec Agrees md5deep is False Positive” #md5deep #antivirus

(Originally on Twitter: Wed Aug 31 05:38:20 +0000 2011)

In Firefox the “When an OCSP server connection fails, treat the certificate as invalid” is disabled by default. What about the others? #x509

(Originally on Twitter: Wed Aug 31 15:42:49 +0000 2011)

@tkeetch You see many “sec_error_ocsp_server_error” just because the OCSP server is overloaded. TCP handshake and then timeout… #fail

(Originally on Twitter: Wed Aug 31 20:14:28 +0000 2011)

Many OCSP server implementations are just not designed to be on the Internet… just looking at the random garbage that you can get. #x509

(Originally on Twitter: Wed Aug 31 20:19:18 +0000 2011)

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/798858 Don’t trust input from external devices even USB devices. An interesting bug with the USB Webkey… #infosec #usb

(Originally on Twitter: Wed Aug 31 20:30:04 +0000 2011)

http://www.kernel.org/ “Security breach on kernel.org” Trojan/rootkit discovered from error messages of Xnest /dev/mem. check your logs too.

(Originally on Twitter: Thu Sep 01 05:27:34 +0000 2011)

RT @fluxfingers: #hacklu meeting whole friday, 10am ID/401.

(Originally on Twitter: Thu Sep 01 05:29:31 +0000 2011)

A gentle reminder to the media, SSL =/= X.509 and the current security issues with some CA are on the X.509 part, not SSL itself. #infosec

(Originally on Twitter: Thu Sep 01 12:52:49 +0000 2011)

http://isc.sans.edu/diary.html?storyid=11500 “DigiNotar breach - the story so far” +1 for the quality of the article and the timeline. #pki #infosec

(Originally on Twitter: Thu Sep 01 13:15:14 +0000 2011)

http://dank.qemfd.net/dankwiki/index.php/RDRAND “A nondeterministic hardware process provides a 3Gbps entropy source as paired 256-bit values” really? I need to test

(Originally on Twitter: Thu Sep 01 21:51:48 +0000 2011)

http://arxiv.org/abs/1109.0097 “Website Detection Using Remote Traffic Analysis” side-channel attack to discover browsed website… #infosec #privacy

(Originally on Twitter: Fri Sep 02 07:30:34 +0000 2011)

RT @bortzmeyer: #IETF promotes DANE (keys in DNS) by letting the X.509 cert of www.ietf.org expire :-)

(Originally on Twitter: Fri Sep 02 09:39:11 +0000 2011)

@bortzmeyer and the OCSP server for the X.509 certificate for www.ietf.org is not responding “sec_error_ocsp_unauthorized_request”

(Originally on Twitter: Fri Sep 02 09:40:48 +0000 2011)

RT @circl_lu: Don’t forget to register for the hack.lu 2011 conference, we hope to see you there. http://2011.hack.lu/ #hacklu #infosec …

(Originally on Twitter: Fri Sep 02 12:07:12 +0000 2011)

“The Dutch government has since audited DigiNotar’s performance and rescinded this assessment.” #pki https://blog.mozilla.com/security/2011/09/02/diginotar-removal-follow-up/

(Originally on Twitter: Sat Sep 03 05:45:13 +0000 2011)

Do you think they will audit/review the firmware in the Linux kernel? a nice place to hide some stuff… #infosec http://git.kernel.org/?p=linux/kernel/git/dwmw2/linux-firmware.git;a=shortlog;h=master

(Originally on Twitter: Sat Sep 03 06:00:33 +0000 2011)

@aissn as said by @bortzmeyer with the recent compromise of kernel.org, the firmware directory is a nice place to trojan the kernel.

(Originally on Twitter: Sun Sep 04 06:27:46 +0000 2011)

RT @mikkohypponen: What happened at Diginotar couldn’t possibly happen at any other CA. Because others are perfectly secure. Diginotar w …

(Originally on Twitter: Sun Sep 04 06:38:28 +0000 2011)

http://blog.gerv.net/2011/09/diginotar-compromise/ “…details of 247 certificates, covering 23 CNs,…” the list of CNs is scary especially addons.mozilla.org #infosec

(Originally on Twitter: Sun Sep 04 06:44:03 +0000 2011)

“Diginotar broken arrow as a tour-de-force of PKI fail” from Peter Gutmann nice summary of PKI design-to-fail http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/1215

(Originally on Twitter: Sun Sep 04 06:46:00 +0000 2011)

@aissn @bortzmeyer indeed the local git merge will fail but as those are binary blobs it’s more difficult to find the differences. #infose

(Originally on Twitter: Sun Sep 04 08:01:47 +0000 2011)

RT @mikkohypponen: Diginotar hacker created a certificate for the website of another CA: startssl.com. If I were them, I’d check my syst …

(Originally on Twitter: Sun Sep 04 16:21:17 +0000 2011)

blogged “Information Security Is Not a Matter of Compliance” http://www.foo.be/cgi-bin/wiki.pl/2011-09-04_Information_Security_Is_Not_a_Matter_of_Compliance #infosec

(Originally on Twitter: Sun Sep 04 16:34:57 +0000 2011)

RT @ioerror: The worst about these certs? The attackers got ..com and ..org from Koninklijke Notariele Beroepsorganisatie CA

(Originally on Twitter: Sun Sep 04 16:36:55 +0000 2011)

RT @torproject: DigiNotar Damage Disclosure: https://blog.torproject.org/blog/diginotar-damage-disclosure

(Originally on Twitter: Sun Sep 04 19:14:39 +0000 2011)

@OpenAtMicrosoft As you are now more open, could you point us to the standard document for the Visio binary format? Thank you #microsoft

(Originally on Twitter: Mon Sep 05 12:05:26 +0000 2011)

RT @tricaud: “64KB ought to be enough for an event record size” #cee #loganalysis http://bit.ly/q8fW6j

(Originally on Twitter: Mon Sep 05 12:22:18 +0000 2011)

RT @tricaud: Since 2008 I worked on stuff you have seen and other things you haven’t. I will disclose it during #hacklu in a few days.

(Originally on Twitter: Mon Sep 05 13:59:40 +0000 2011)

Does someone know who is operating the 10 Tor exit nodes named Amunet1-12 (registered as Formeless Networking LLC)? answers can be off #tor

(Originally on Twitter: Mon Sep 05 14:47:29 +0000 2011)

@ioerror As Tor user, can we trust those exit nodes? I’m looking for a golden set of Tor exit nodes to check/compare SSL handshakes.

(Originally on Twitter: Tue Sep 06 05:13:51 +0000 2011)

@ioerror Thank you. If you have a list of golden exit nodes somewhere, might be worth to get. #tor

(Originally on Twitter: Tue Sep 06 09:30:27 +0000 2011)

RT @hack_lu: #hacklu: 23 talks, 6 Workshops and some surprises and of course socializing (party, booth and…). You definitely should sign …

(Originally on Twitter: Tue Sep 06 14:23:04 +0000 2011)

@edarchis http://arxiv.org/abs/1109.0507 In the paper, the topic is a bit different “to keep security patches secret before release”…

(Originally on Twitter: Tue Sep 06 14:34:03 +0000 2011)

RT @kaspersky: Why Diginotar may turn out more important than #Stuxnet http://bit.ly/mS4sWN via @schouw @securelist

(Originally on Twitter: Tue Sep 06 15:22:05 +0000 2011)

RT @circl_lu: http://www.globalsign.com/company/press/090611-security-response.html “ As a responsible CA, we have decided to temporarily cease issuance of all Certificates until the inv …

(Originally on Twitter: Wed Sep 07 07:37:19 +0000 2011)

RT @rommelfs: more news from ComodoHacker: http://pastebin.com/85WV10EL and http://pastebin.com/jhz20PqJ including signed binary, issued by DigiNotar

(Originally on Twitter: Wed Sep 07 07:41:51 +0000 2011)

@rommelfs as the binary sig looks fine, it’s a window of opportunity for infecting systems before the CA is really removed from all system.

(Originally on Twitter: Wed Sep 07 07:43:06 +0000 2011)

@FunkySteph Funky hello too ;-). would you (and maybe your colleagues) join us for #hacklu 2011? http://2011.hack.lu/

(Originally on Twitter: Wed Sep 07 08:08:38 +0000 2011)

@wimremes Right and to make it worst, how many systems are running outdated OpenSSL? BTW, http://openssl.org/news/secadv_20110906.txt new security updates 1.0.0e

(Originally on Twitter: Wed Sep 07 08:21:54 +0000 2011)

@wimremes funny. Remind me of Isaac Asimov “Knowledge can create problems, it is not through ignorance that we can solve them” #infosec

(Originally on Twitter: Wed Sep 07 08:33:31 +0000 2011)

“Hackerspaces: The Beginning (September 2011)” http://www.archive.org/details/hackerspaces-the-beginning #ebook #hackerspace

(Originally on Twitter: Wed Sep 07 11:34:09 +0000 2011)

my ugly backup policy - https://plus.google.com/112095729959662313642/posts/QFN8qJ7tydB #backup #unix #rsync #jwz

(Originally on Twitter: Wed Sep 07 20:10:29 +0000 2011)

RT @AbuseHelper: First draft (= working version) of the BGP ranking bot commited #bgpranking #abusehelper

(Originally on Twitter: Thu Sep 08 11:21:48 +0000 2011)

RT @SnorreFagerland: I had a look at the BIOS-flash trojan Mebromi http://bit.ly/nUuLzZ

(Originally on Twitter: Thu Sep 08 11:39:37 +0000 2011)

RT @circl_lu: http://www.cisco.com/warp/public/707/cisco-sa-20110907-nexus.shtml “Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability” when adding a ACL …

(Originally on Twitter: Thu Sep 08 12:12:38 +0000 2011)

RT @y0m: Software updates that fix vulnerabilities in Nexus Series available. Cisco patches replicants.

(Originally on Twitter: Thu Sep 08 12:28:37 +0000 2011)

Michael S. Hart died - http://www.gutenberg.org/w/index.php?title=Michael_S._Hart #ebook #freedom #gutenberg

(Originally on Twitter: Thu Sep 08 13:25:08 +0000 2011)

RT @eromang: 1 week until @hack_lu and @brucon ! Register or you will regret it

(Originally on Twitter: Thu Sep 08 18:35:47 +0000 2011)

“Mallory MITM proxy for application and device testing” it seems to support non standard protocols on TCP or UDP https://bitbucket.org/IntrepidusGroup/mallory

(Originally on Twitter: Thu Sep 08 19:20:29 +0000 2011)

RT @pyllyukko: i wonder how many times you need to be reminded to trust your instincts, until you finally learn to do it?

(Originally on Twitter: Fri Sep 09 15:02:41 +0000 2011)

My 8 hours of train was close to an anthropology trip especially “the human couple who drink “beer” (carapils) at 7:00 AM in front of you”.

(Originally on Twitter: Sat Sep 10 20:52:01 +0000 2011)

http://www.nicta.com.au/pub?doc=5076 (PDF) “Insecurity in Public-Safety Communications: APCO Project 25” #infosec I like the “Message-Modification Attack”

(Originally on Twitter: Sun Sep 11 06:15:10 +0000 2011)

@dewtone is a great radio. If you like innovative electronic music, you should listen. I hope they will keep the same approach in future.

(Originally on Twitter: Sun Sep 11 08:55:52 +0000 2011)

se demande pourquoi les éditions Exils ne republie pas “L’éthique hacker” en français, le livre est épuisé depuis plusieurs années…

(Originally on Twitter: Sun Sep 11 10:01:46 +0000 2011)

@winremes http://groups.google.com/group/fa.linux.kernel/msg/52f04d4ab1121c9b reminded me of Linus pointing back that biology is a matter of sheer luck… #biology #software #errors

(Originally on Twitter: Sun Sep 11 10:15:05 +0000 2011)

@Ge0bidouille Pas vraiment… l’éditeur a les droits sur la traduction française et préfère ne pas faire de réédition pour l’instant.

(Originally on Twitter: Sun Sep 11 12:45:31 +0000 2011)

RT @picviz: All #infosec folks gathering in Lyon, France this week are welcome to message us to have an office visit and a drink!

(Originally on Twitter: Sun Sep 11 21:08:26 +0000 2011)

RT @y0m: HoneySink : open source network sinkhole for detection and prevention of malicious traffic. http://bit.ly/pm50lZ #malware #Honey …

(Originally on Twitter: Mon Sep 12 09:23:28 +0000 2011)

I think in the next hours and days… a lot of people will look in Google maps to locate Marcoule, Gard, France #radioactivity

(Originally on Twitter: Mon Sep 12 11:54:51 +0000 2011)

RT @_saadk: @adulau and of course, #France has doom proof nuclear technology as Le Canard Enchaîné keeps demonstrating #irony #radioactivity

(Originally on Twitter: Mon Sep 12 13:10:22 +0000 2011)

Reading tcpdump pflog files with tshark gives different results on 32-bit systems and 64-bit systems… bug filling in progress… #infosec

(Originally on Twitter: Tue Sep 13 16:20:36 +0000 2011)

RT @runasand: ShmooCon and The Shmoo Group are soliciting papers and presentations for the eighth annual ShmooCon: http://www.shmoocon.org/cfp

(Originally on Twitter: Tue Sep 13 16:33:02 +0000 2011)

RT @npua: RIP Jean-Claude Asselborn (+ 10.9.2011) http://computarium.lcd.lu/photos/people/Asselborn/obituary_JCl.html

(Originally on Twitter: Tue Sep 13 20:08:28 +0000 2011)

RT @fluxfingers: 2nd pre-CTF challenge released! Have a good time solving it, the first to send a mail with the correct solution wins: h …

(Originally on Twitter: Tue Sep 13 20:10:14 +0000 2011)

Want to win another free entrance for hack.lu? Time to play the second contest from @fluxfingers @hack_lu #ctf #conference #challenge

(Originally on Twitter: Tue Sep 13 20:12:48 +0000 2011)

RT @indi303: RT @wimremes: unofficially, I need 8 more votes :) #wim4board < PLEASE VOTE FOR WIM!

(Originally on Twitter: Tue Sep 13 21:01:03 +0000 2011)

http://www.flickr.com/photos/adulau/6144674635/ What’s above Uma? still wondering… #photography #streetart #paris

(Originally on Twitter: Tue Sep 13 21:35:21 +0000 2011)

RT @fluxfingers: 2nd pre-CTF challenge solved by Eloi Vanderbéken. Since he already has a ticket for hack.lu the second to send the solu …

(Originally on Twitter: Tue Sep 13 21:40:45 +0000 2011)

RT @mikkohypponen: Hackers breach the site of μTorrent - the most common Bittorrent client - replacing the download binary with malware …

(Originally on Twitter: Wed Sep 14 06:42:08 +0000 2011)

http://2011.hack.lu/index.php/Agenda hack.lu lecture and workshop agenda updated #hacklu #conference #infosec

(Originally on Twitter: Wed Sep 14 15:26:19 +0000 2011)

I’m getting old when someone told me while looking at my bookshelves “cool, you have books about iOS network security but for version 12.0?”

(Originally on Twitter: Wed Sep 14 20:21:33 +0000 2011)

RT @tqbf: Reddit is way better with crypto topics than HN: http://bit.ly/rbiHeC

(Originally on Twitter: Thu Sep 15 04:41:58 +0000 2011)

RT @kernelpool: Kernel pool quota pointer attack no longer works on Windows 8. Process pointer is XOR’ed with a random cookie (nt!ExpPoo …

(Originally on Twitter: Thu Sep 15 12:07:49 +0000 2011)

is thinking of the community voting scheme for @bgpranking and might come with a prototype for the BGP ranking meeting at @hack_lu #hacklu

(Originally on Twitter: Thu Sep 15 22:13:43 +0000 2011)

RT @thinksec: “OAuth and OpenID - Securing the Insecure” with @khashkiani next week @hack_lu http://is.gd/OPYdVL

(Originally on Twitter: Fri Sep 16 04:58:48 +0000 2011)

RT @hack_lu: we know that you play the CTF for the pleasure and the fun but we listed some of the geeky prices for the winners. @fluxfin …

(Originally on Twitter: Fri Sep 16 05:03:51 +0000 2011)

http://2011.hack.lu/index.php/TryandVetTshirtContest “Try and Vet T-shirt Contest” during hack.lu 2011 #hacklu #infosec #conference

(Originally on Twitter: Fri Sep 16 11:50:39 +0000 2011)

RT @fluxfingers: In the meantime some more hackers solved the 2nd pre-CTF challenge, but still the ticket is available.Get to your shell …

(Originally on Twitter: Fri Sep 16 16:26:46 +0000 2011)

hack.lu 2011 agenda updates, new talk added “Scaling up DoS: taking out your mobile phone, bank and internetz” #infosec #conference #hacklu

(Originally on Twitter: Fri Sep 16 16:51:34 +0000 2011)

The new delicious owner (AVOS) updated the terms of services for delicious. http://www.goodiff.org/changeset/635/avos/avos.com/terms/index.html #goodiff #delicious #eula #tos

(Originally on Twitter: Sat Sep 17 06:14:35 +0000 2011)

Would you be scared? “cd /etc/ssl/certs/; ls -1 | xargs openssl verify | grep -v OK” #x509 #infosec

(Originally on Twitter: Sat Sep 17 09:43:46 +0000 2011)

https://plus.google.com/112095729959662313642/posts/daLXzWEJiwn made some notes why monitoring and comparing CRLs rate is important… and why crlwatch from @ioerror is a good start

(Originally on Twitter: Sat Sep 17 11:04:22 +0000 2011)

@xme @ddurvaux it’s always the same dudes working on those network install. My turn is tomorrow afternoon. #hacklu #brucon

(Originally on Twitter: Sat Sep 17 15:20:28 +0000 2011)

RT @jedisct1: It’s kinda scary that V8 uses signed integers all over the place instead of size_t for objects sizes.

(Originally on Twitter: Sat Sep 17 21:10:00 +0000 2011)

On some low-interaction HTTP honeypots, I see an increase for “admin/sqlpatch.php” access… some new SQLi in Zen Cart? #infosec

(Originally on Twitter: Sun Sep 18 08:37:07 +0000 2011)

RT @gal_diskin: Heading to @hack_lu I will be giving a #DBI workshop. Come listen if you’re there

(Originally on Twitter: Sun Sep 18 09:18:47 +0000 2011)

RT @hack_lu: We still love some old technologies @hack_lu like IRC. You can connect to irc.hack.lu and join the channel #hack.lu and #ctf

(Originally on Twitter: Sun Sep 18 09:42:48 +0000 2011)

RT @hack_lu: We still love some old technologies @hack_lu like IRC. You can connect to irc.hack.lu and join the channel #hack.lu and #ctf

(Originally on Twitter: Sun Sep 18 09:42:49 +0000 2011)

RT @jaysonstreet: Watch out Luxembourg even after a ‘random check’ at LUX customs I’m here with USA pepperoni, a vest of doom & a slide …

(Originally on Twitter: Sun Sep 18 17:18:12 +0000 2011)

#hacklu network activated IPv4 and IPv6.

(Originally on Twitter: Sun Sep 18 17:19:13 +0000 2011)

RT @fluxfingers: RT @freddyb excited about #hacklu CTF. we will start tomorrow (September 19th, 11.00 CEST)! See http://2011.hack.lu/index.php/CaptureTheFlag an …

(Originally on Twitter: Sun Sep 18 21:13:15 +0000 2011)

RT @AcidRampage: @adulau I bet many will have iptables -P INPUT DROP, but not ip6tables -P INPUT DROP… link-local #ftw

(Originally on Twitter: Mon Sep 19 05:15:30 +0000 2011)

I don’t like when there is a SCADA and ICS talk at #hacklu and there are some electrical problems in Bruxelles… #infosec #coincidence

(Originally on Twitter: Mon Sep 19 14:39:29 +0000 2011)

RT @malc0de: Possible SpyEye sqli, vulnerable script “frm_cards_edit.php”, affected version ALL - python script to test http://bit.ly/ppnQ8M

(Originally on Twitter: Mon Sep 19 14:47:04 +0000 2011)

RT @FredRaynal: Talk done at #hacklu. Was amazed that only 10 people in the room knew about “Critical Infrastructures”. Hope we made it …

(Originally on Twitter: Mon Sep 19 14:57:02 +0000 2011)

RT @syn2cat: Even more pictures of our stand @hack_lu: http://yfrog.com/nznfkrhj

(Originally on Twitter: Mon Sep 19 14:57:15 +0000 2011)

http://2011.hack.lu/index.php/TryandVetTshirtContest Try and Vet T-shirt Contest - if you have the correct answer, you’ll get additional points for your CTF team. #hacklu

(Originally on Twitter: Mon Sep 19 15:00:51 +0000 2011)

@FredRaynal Next time you DoS the power grid in the European capital, we should make it live in the IRC channel ;-) #hacklu

(Originally on Twitter: Mon Sep 19 15:03:13 +0000 2011)

RT @fluxfingers: there are some new challenges online =) #ctf #hacklu

(Originally on Twitter: Mon Sep 19 22:10:42 +0000 2011)

http://2011.hack.lu/index.php/LightningTalk Still some slots available on Tuesday and Wednesday for the lightning talks, don’t be shy. #hacklu @hack_lu

(Originally on Twitter: Mon Sep 19 23:06:17 +0000 2011)

RT @fluxfingers: #hacklu #CTF will finish Wednesday on 11am CEST (~27hrs from now) - Click here to see current local time in Luxembourg …

(Originally on Twitter: Tue Sep 20 07:11:11 +0000 2011)

RT @zobiotte: Sûreté informatique: hack.lu, les informaticiens partagent leur connaissances http://tinyurl.com/6b4t86r #luxembourg @hack_lu

(Originally on Twitter: Tue Sep 20 07:34:09 +0000 2011)

RT @pmbureau: Just finished my keynote at #hack_lu, heading to the DBI workshop!

(Originally on Twitter: Tue Sep 20 07:47:34 +0000 2011)

an example from @jaysonstreet “They secured the docking station in a bank but not the laptop.” #infosec #security #hacklu

(Originally on Twitter: Tue Sep 20 07:49:52 +0000 2011)

@jaysonstreet at #hacklu - don’t forget my watch is a video camera…

(Originally on Twitter: Tue Sep 20 08:14:37 +0000 2011)

@gnkshot it was @jaysonstreet during his presentation at #hacklu where he showed his “camera watch” used in physical pen-testing. #infosec

(Originally on Twitter: Tue Sep 20 09:38:09 +0000 2011)

PGP key signing party during #barcamp at #hacklu - (today) Tuesday 15:00 (room 2 workshop) @hack_lu

(Originally on Twitter: Tue Sep 20 09:39:47 +0000 2011)

RT @tricaud: just finished my slides for #hacklu ! Had a great workshop with @adulau this afternoon where people have seen the beast :)

(Originally on Twitter: Wed Sep 21 06:56:37 +0000 2011)

RT @zed_0xff: #hacklu #ctf smashing buffers on SPARC under NetBSD was really hard for me… it took ~15 HOURS to solve. was my first buf …

(Originally on Twitter: Wed Sep 21 06:57:09 +0000 2011)

RT @xme: Saumil Shah presenting it’s hacking world tour, funny! #hacklu

(Originally on Twitter: Wed Sep 21 07:19:22 +0000 2011)

RT @hack_lu: To the #hacklu speakers: don’t forget to send your presentation or a link to it -> info(AT)hack.lu thank you for your gr …

(Originally on Twitter: Wed Sep 21 09:03:58 +0000 2011)

RT @xme: “Protocols have good intentions, that’s their implementation which is weak” #hacklu #OAuth #OpenID

(Originally on Twitter: Wed Sep 21 12:44:25 +0000 2011)

RT @cudeso: I’m starting to worry if #GPG returns “Unusable public key” on my own keys

(Originally on Twitter: Wed Sep 21 12:44:59 +0000 2011)

RT @xme: Lightning talks are really a must. So many interesting projects/ideas! #brucon #hacklu

(Originally on Twitter: Wed Sep 21 12:45:19 +0000 2011)

RT @daveaitel: MI5 recruiting digital intelligence specialists, but £27k? http://dlvr.it/mQ47P

(Originally on Twitter: Wed Sep 21 12:45:29 +0000 2011)

RT @xme: [/dev/random]: Hack.lu 2011 (Quick) Wrap Up http://blog.rootshell.be/2011/09/21/hack-lu-2011-quick-wrap-up/

(Originally on Twitter: Wed Sep 21 20:14:25 +0000 2011)

RT @stalkr_: #hacklu 2011 CTF top 15 graph http://stalkr.net/hack.lu/graph.htm

(Originally on Twitter: Wed Sep 21 20:16:13 +0000 2011)

Strange my TODO list before #hacklu contained 78 items and now it’s more than 92 items. The world is plenty of interesting hack… #infosec

(Originally on Twitter: Wed Sep 21 20:27:11 +0000 2011)

@eromang It was great to meet you too. For the next year edition, you should propose a talk and also a lightning talk “breaking glasses!”

(Originally on Twitter: Wed Sep 21 20:36:48 +0000 2011)

“TrackMeNot: Enhancing the privacy of Web Search” http://arxiv.org/abs/1109.4677 #privacy infosec #TMN

(Originally on Twitter: Fri Sep 23 09:11:41 +0000 2011)

@efiliol The topic looks very interesting. Did you already talk to @ioerror about the countermeasure to implement? #tor

(Originally on Twitter: Fri Sep 23 09:29:51 +0000 2011)

I smell a potential measurement issue today but not for information security…

(Originally on Twitter: Fri Sep 23 13:06:10 +0000 2011)

@SteveClement You should have a look “Unicode Security Considerations” at http://unicode.org/reports/tr36/ you’ll love unicode even more… #infosec

(Originally on Twitter: Fri Sep 23 15:03:54 +0000 2011)

RT @moxie__: Hype’s law: The amount one hypes a vulnerability before releasing details is inversely proportional to the actual severity …

(Originally on Twitter: Fri Sep 23 15:52:10 +0000 2011)

http://blog.ivanristic.com/2011/09/ssl-survey-protocol-support.html and yes TLS v1.1 is not used too much… another good reason to use GnuTLS instead of OpenSSL. #gnu #infosec

(Originally on Twitter: Fri Sep 23 17:13:13 +0000 2011)

The return of the wolf in Belgium that’s just like the panther in Arlon last year. Hunters spreading rumors to justify their game. #belgium

(Originally on Twitter: Sat Sep 24 05:52:18 +0000 2011)

https://blog.torproject.org/blog/tor-and-beast-ssl-attack “Tor and the BEAST SSL attack” a good and exhaustive summary of the CBC bad IV issue in pre-1.1 TLS #infosec #crypto

(Originally on Twitter: Sat Sep 24 06:02:48 +0000 2011)

For crypto implementation vulnerabilities, it’s always the same pattern. At first the attack looks not practical… http://www.openssl.org/~bodo/tls-cbc.txt

(Originally on Twitter: Sat Sep 24 06:44:42 +0000 2011)

RT @i0n1c: @jduck1337 Anyway a crypto-attack sounds cooler :P

(Originally on Twitter: Sat Sep 24 07:19:56 +0000 2011)

RT @Ivanlef0u: Hack.lu CTF 2011 Write-up : FluxScience http://bit.ly/nxqZgb

(Originally on Twitter: Mon Sep 26 12:38:36 +0000 2011)

https://github.com/inquisb/icmpsh “icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C, Perl or Python” #infosec

(Originally on Twitter: Tue Sep 27 05:20:01 +0000 2011)

@AVOS_com @Delicious It seems that the password reset link is currently broken… thank you.

(Originally on Twitter: Tue Sep 27 19:01:25 +0000 2011)

@AVOS_com Thank you for the fix. When do you plan to bring back the network/social aspect of delicious? ./network/<username>

(Originally on Twitter: Wed Sep 28 15:55:15 +0000 2011)

got some answers from some vulnerability disclosure and I just saw again a proof of the existence of the Putt’s Law. #infosec

(Originally on Twitter: Wed Sep 28 20:44:14 +0000 2011)

http://www.ecrypt.eu.org/documents/D.SPA.13.pdf (PDF) “ECRYPT II Yearly Report on Algorithms and Keysizes” Key size is important but check your PRNG too.

(Originally on Twitter: Thu Sep 29 05:04:57 +0000 2011)

RT @joshu: i am gonna start a CS journal where to get published you have to include your code. because i don’t believe this shit works h …

(Originally on Twitter: Thu Sep 29 05:48:46 +0000 2011)

Don’t forget that the new version of Bitcoin 0.4.0 is finally supporting encrypted wallet. http://bitcoin.org/ #bitcoin #infosec

(Originally on Twitter: Thu Sep 29 05:53:45 +0000 2011)

@AcidRampage something like “your wallet need to be unlocked to accept this bitcoin transfer” #bitcoinphishingmightbecool

(Originally on Twitter: Thu Sep 29 09:12:17 +0000 2011)

RT @circl_lu: http://cpansearch.perl.org/src/FLORA/perl-5.14.2/pod/perldelta.pod “Perl - decode_xs n-byte heap-overflow and memory error with GLOB_ALTDIRFUNC” -> patched in Perl 5 …

(Originally on Twitter: Thu Sep 29 09:22:35 +0000 2011)

@andibaritchi @verizonbusiness in your PCI doc on footnote 5 “…no known atypical characteristics…” could you give an example? thank you.

(Originally on Twitter: Thu Sep 29 10:02:37 +0000 2011)

Note to my past delicious network, as @delicious killed the network feature, I officially moved to @pinboard https://pinboard.in/u:adulau/

(Originally on Twitter: Thu Sep 29 18:50:57 +0000 2011)

RT @FredRaynal: Some people are laughing at rootkit in SMS (#sarcasm)… but it comes with QR code: http://goo.gl/NEdZQ

(Originally on Twitter: Fri Sep 30 16:37:59 +0000 2011)

I don’t why but it’s always for me that people ask me “I lost my keys, could you help me?” do I have something written on my front?

(Originally on Twitter: Fri Sep 30 16:45:34 +0000 2011)

@xme Very nice network analysis. I’m surprised that so many people use direct access to facebook or google while being in an infosec conf.

(Originally on Twitter: Fri Sep 30 16:47:00 +0000 2011)

RT @jepoirrier: @adulau I also switched to @pinboard: http://pinboard.in/u:jepoirrier @delicious killed the mostly text-only “popular” page like ht …

(Originally on Twitter: Sun Oct 02 06:47:08 +0000 2011)

just published the solution to the cryptographic t-shirt challenge during hack.lu 2011 #ctf #hacklu http://www.foo.be/cgi-bin/wiki.pl/2011-10-02_Try_and_Vet_Tshirt_Crypto_Challenge_Hack.lu2011_The_Solution

(Originally on Twitter: Sun Oct 02 11:52:06 +0000 2011)

http://www.androidpolice.com/2011/10/01/massive-security-vulnerability-in-htc-android-devices-evo-3d-4g-thunderbolt-others-exposes-phone-numbers-gps-sms-emails-addresses-much-more/ By using only the Internet permission, any app gets access to many system logs or state. #infosec #android

(Originally on Twitter: Sun Oct 02 12:54:01 +0000 2011)

http://arxiv.org/PS_cache/arxiv/pdf/1109/1109.5542v1.pdf (PDF) “Gaming security by obscurity” … actively learning attacker’s methods from their tentatives… viable? #infosec

(Originally on Twitter: Sun Oct 02 16:56:48 +0000 2011)

RT @henet: The most recent DDoS attack seems to be contained; senior network admins are on standy to resolve any remaining issues (via n …

(Originally on Twitter: Tue Oct 04 07:54:12 +0000 2011)

@jberggren If you need some good “skeleton” CollabREate is a good start and idapython is very handy - let me know http://www.idabook.com/collabreate/

(Originally on Twitter: Wed Oct 05 12:43:19 +0000 2011)

RT @pello: Like @adulau, it seems @delicious killed my account. Moving to @pinboard: http://pinboard.in/u:pello/

(Originally on Twitter: Wed Oct 05 20:15:15 +0000 2011)

RT @textfiles: Mark Pilgrim is alive/annoyed we called the police. Please stand down and give the man privacy and space, and thanks ever …

(Originally on Twitter: Wed Oct 05 20:31:31 +0000 2011)

Today, I looked at my old NeXT station in a different way. A master piece of engineering that triggered everyone to innovate.

(Originally on Twitter: Thu Oct 06 05:06:17 +0000 2011)

RT @vinch01: The Pirate Bay took a special .be domain name to avoid censorship from Telenet and Belgacom! http://depiraatbaai.be :-)

(Originally on Twitter: Thu Oct 06 11:50:46 +0000 2011)

http://www.cymru.com/jtk/blog/2011/03/04/#juno “Have you ever wondered what all the unsolicited TCP SYN/ACK or RST packets to destination ports 1024 and 3072 are?”

(Originally on Twitter: Thu Oct 06 16:53:10 +0000 2011)

RT @xme: Tx to @k4l4m4r1s for the small gift ;-) http://t.co/EZnQh4kQ

(Originally on Twitter: Thu Oct 06 20:59:12 +0000 2011)

If you are a Hetzner hosting customer, change your password… and check your systems. http://hetzner-status.de/ #infosec

(Originally on Twitter: Thu Oct 06 21:24:15 +0000 2011)

RT @OWASPLux: Block your agenda for #owaspbnl11, December 1-2, 2011 in Luxembourg, www.owaspbenelux.eu

(Originally on Twitter: Fri Oct 07 13:32:55 +0000 2011)

@Chaos_Be La légalisation via la taxation n’est pas la pire solution. Tu proposes quoi sinon? le lance flamme dans les rues le soir?

(Originally on Twitter: Fri Oct 07 14:23:14 +0000 2011)

I remembered discussion about “air gap” being much better than firewalls and properly configured software http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/ I’m laughing

(Originally on Twitter: Fri Oct 07 19:25:29 +0000 2011)

maidsafe-dht - Kademlia DHT with NAT traversal and crypto http://code.google.com/p/maidsafe-dht/ looks quite nice even if it’s c++… #p2p #dht

(Originally on Twitter: Fri Oct 07 20:44:17 +0000 2011)

RT @Viss: “@michaelossmann: The ToorCon 13 badge is released. http://greatscottgadgets.com/tc13badge/ #tc13badge”

(Originally on Twitter: Sat Oct 08 06:20:40 +0000 2011)

http://www.moodys.com/research/Moodys-places-Belgiums-Aa1-ratings-on-review-for-possible-downgrade–PR_227904 Moody’s is abusing countries like #belgium to support the broken bank system. Rating agency showed their real supporter

(Originally on Twitter: Sat Oct 08 06:27:03 +0000 2011)

@LuxNoSQL To monitor Redis, there is also the excellent Munin plugin http://exchange.munin-monitoring.org/plugins/redis/details - easy to customize to your needs.

(Originally on Twitter: Sat Oct 08 14:59:00 +0000 2011)

RT @chl: the one thing more annoying than the @delicious relaunch may be the darn ben & jerry’s ads displayed when searching for “@delic …

(Originally on Twitter: Sat Oct 08 14:59:58 +0000 2011)

“public key <DEADBEEF> is 27888 seconds newer than the signature” I like those warning messages. Everything is a clock issue. #pgp

(Originally on Twitter: Sat Oct 08 15:21:04 +0000 2011)

@oxabad1dea right and next protip would be: don’t run IDA on an already infected system. If they have drones infected, what about the rest?

(Originally on Twitter: Sat Oct 08 15:23:19 +0000 2011)

@BookCourt usually I hate: lack of book shelf in a house, traffic jam, endless meeting…

(Originally on Twitter: Sat Oct 08 16:18:08 +0000 2011)

RT @Rogunix: An Efficient VM–Based Software Protection http://www.cs.tau.ac.il/~kiperber/truly.pdf

(Originally on Twitter: Sun Oct 09 08:39:30 +0000 2011)

RT @MartineAubry: Sur #Hadopi, la position de Martine Aubry est claire: elle s’engage à abroger la loi http://www.martineaubry.fr/mes-convictions/internet #aubry2012

(Originally on Twitter: Sun Oct 09 10:52:26 +0000 2011)

After the excellent JSLinux from Fabrice Bellard, JSModem adds Serial/PPP connectivity to JSLinux… https://github.com/ewiger/jsmodem

(Originally on Twitter: Sun Oct 09 11:37:05 +0000 2011)

RT @ochsff: The #CCC analysis of the TKUE Trojan is awful. Too bad media just copied that stuff as is.

(Originally on Twitter: Sun Oct 09 15:35:58 +0000 2011)

RT @alexander_band: Debate on giving #IPv4 and #IPv6 holders #geolocation control in RIPE Database: http://bit.ly/p0SeKK Will be interes …

(Originally on Twitter: Mon Oct 10 08:37:20 +0000 2011)

I like when AV vendors claim that they don’t whitelist malware… Yes, right. Skype is not a malware… just uses some malware techniques.

(Originally on Twitter: Mon Oct 10 16:14:04 +0000 2011)

http://code.google.com/p/weevely/ “Weevely create and manage PHP trojan designed to be hardly detectable” #infosec #malware

(Originally on Twitter: Mon Oct 10 16:49:15 +0000 2011)

It’s the first time I see a real use of public tender information - http://ted.europa.eu/udl?uri=TED:NOTICE:26158-2009:TEXT:DE:HTML #0zapftis #malware

(Originally on Twitter: Tue Oct 11 06:06:53 +0000 2011)

@mikko “http://ted.europa.eu/udl?uri=TED:NOTICE:26158-2009:TEXT:DE:HTML” to update your blog post about the official public tender

(Originally on Twitter: Tue Oct 11 13:55:08 +0000 2011)

RT @corelanc0d3r: RT @fancy__04: MonaSploit - awesome: https://community.rapid7.com/community/metasploit/blog/2011/10/11/monasploit

(Originally on Twitter: Tue Oct 11 14:05:25 +0000 2011)

RT @tqbf: HN is now using bcrypt to store password hashes.

(Originally on Twitter: Tue Oct 11 21:13:51 +0000 2011)

RT @eromang: New blog post: Weevely Stealth Tiny PHP Backdoor Analysis http://bit.ly/qtMtuL #zataz #infosec #malware

(Originally on Twitter: Tue Oct 11 21:23:05 +0000 2011)

A compromised system -> ugly inotify script on /tmp to “git commit” everything around -> capture great and ugly malware samples #infosec

(Originally on Twitter: Tue Oct 11 21:29:45 +0000 2011)

RT @esizkur: Wait, what? The iPhone4S baseband has Glonass support? I totally missed that announcement.

(Originally on Twitter: Wed Oct 12 20:42:37 +0000 2011)

http://exploitshop.wordpress.com/2011/10/12/ms11-077-vulnerabilities-in-windows-kernel-mode-drivers-could-allow-remote-code-execution-2567053/ “MS11-077: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)” #infosec

(Originally on Twitter: Thu Oct 13 08:27:12 +0000 2011)

Update your bogon/martian network access-list on your routers, 128.0.0.0/16 is now allocated from RIPE to ISP - https://apps.db.ripe.net/whois/lookup/ripe/inetnum/128.0.0.0-128.0.7.255.html

(Originally on Twitter: Thu Oct 13 09:06:44 +0000 2011)

If you are a #quora user, you might want to have a look at the latest changes in their privacy policy http://www.goodiff.org/changeset/637/quora/www.quora.com/about/privacy #goodiff

(Originally on Twitter: Thu Oct 13 09:49:36 +0000 2011)

RT @jedisct1: Google killing Google Code Search really sucks.

(Originally on Twitter: Fri Oct 14 19:53:52 +0000 2011)

http://www.evilmadscientist.com/article.php/visdiff visual diff for PCB layouts… interesting post regarding the visualization of differences in hardware. #gEDA

(Originally on Twitter: Fri Oct 14 19:56:58 +0000 2011)

http://www.icofcs.org/2011/papers-published-016.html “Blind Automatic Malicious Activity Detection in Honeypot Data” Based on correlation between network flows.

(Originally on Twitter: Sat Oct 15 06:55:50 +0000 2011)

some notes regarding my move from @Delicious to @pinboard - https://plus.google.com/112095729959662313642/posts/5iPqiLoMb38 #machinetag #tags #folksonomy #bookmarks

(Originally on Twitter: Sun Oct 16 09:17:43 +0000 2011)

@eromang Yep. It’s a proprietary web scanner from http://www.mavitunasecurity.com/ #infosec

(Originally on Twitter: Sun Oct 16 09:19:09 +0000 2011)

@eromang A guess… there is a dump of a scanner result for zataz somewhere. The bot crawls the urls but removed from the indexer (dup)

(Originally on Twitter: Sun Oct 16 16:29:31 +0000 2011)

RT @xme: I scheduled online my electricity meter index review. Then, made my ID +1, got the 1 of my neighbor’s and was able to schedule! …

(Originally on Twitter: Sun Oct 16 19:35:56 +0000 2011)

Looking for a good reference of the NTLM authentication protocol? here is a good/independent reference http://davenport.sourceforge.net/ntlm.html #infosec #ntlm

(Originally on Twitter: Mon Oct 17 20:15:33 +0000 2011)

@SteveClement For me, a first flush OP assam or darjeeling will be fine ;-)

(Originally on Twitter: Tue Oct 18 07:16:18 +0000 2011)

http://www.aisee.com/graph_of_the_month/http.htm “An activity diagram to describe the resolution of HTTP response status codes” very nifty. #debugging #http

(Originally on Twitter: Tue Oct 18 13:31:46 +0000 2011)

@antirez Could we imagine to have a redis with a low memory overhead for small binary-expressed (e.g. IPv4 addresses) keys? #redisiscool

(Originally on Twitter: Tue Oct 18 21:49:26 +0000 2011)

@antirez thank you very much for the feedback. I’ll post some code in the ML for sharing the approaches tested. #redisiscool

(Originally on Twitter: Tue Oct 18 21:57:06 +0000 2011)

@antirez I think our mistake was to test only with sets and not the hashes. It would be great to add in the doc the efficiency per type. thx

(Originally on Twitter: Tue Oct 18 21:59:41 +0000 2011)

A small reminder when doing reversing, “you might discover the “how” it’s working but not really the “why” it’s done like that”. #duqu

(Originally on Twitter: Wed Oct 19 12:19:08 +0000 2011)

Sometime the career site of large corporation becomes their incident disclosure interface when “senior forensic analyst” ads popping up…

(Originally on Twitter: Thu Oct 20 05:24:35 +0000 2011)

@FredRaynal a good search is “senior forensic analyst” or “senior forensic investigator” in Google ;-)

(Originally on Twitter: Thu Oct 20 08:08:46 +0000 2011)

http://www.ccssforum.org/malware-certificates.php “Digital Certificates Used by Malware” it will be more and more useful… #infosec

(Originally on Twitter: Thu Oct 20 16:46:08 +0000 2011)

https://github.com/linux-wizard/timegrep “Perform a binary search through a log file to find a range of times and print the corresponding lines” #python

(Originally on Twitter: Thu Oct 20 21:36:19 +0000 2011)

ISO ratifies ISO/IEC 27035:2011 used the term of ISIRT instead of CSIRT. Is there a good reason beside adding more confusion? #infosec

(Originally on Twitter: Fri Oct 21 05:34:17 +0000 2011)

@bortzmeyer Indeed. But sometimes, ISO standards are (mis)used in some reference technical document. The worst part -> ISO docs are not free

(Originally on Twitter: Fri Oct 21 07:22:05 +0000 2011)

RT @circl_lu: http://pastebin.com/U7fPMxet quick analysis of the JBoss server worm #infosec

(Originally on Twitter: Fri Oct 21 07:52:45 +0000 2011)

is wondering with UEFI secure boot until when a pre-Boot malware is discovered with a signed and valid and trusted certificate… #infosec

(Originally on Twitter: Sat Oct 22 16:07:52 +0000 2011)

@SteveClement It looks like that you are looking for a multi-functional printer with additional services ;-)

(Originally on Twitter: Sun Oct 23 14:27:31 +0000 2011)

@SteveClement the fancyvrb class is quite nifty for verbatim content or code sample.

(Originally on Twitter: Sun Oct 23 14:39:30 +0000 2011)

@xme http://bgpranking.circl.lu/ is also very handy for correlation rules. If you need a specific format, let me know. #bgpranking

(Originally on Twitter: Sun Oct 23 14:41:14 +0000 2011)

@xme you can also query it via whois “whois -h http://pdns.circl.lu 3” (3 is the ASN) if you want to script it for your #siem.

(Originally on Twitter: Sun Oct 23 14:42:54 +0000 2011)

What’s going on with @CogentCo peering with IP-Plus (Swisscom) in London? I cannot reach Cogent ASNs from @belgacom skynet? #peering

(Originally on Twitter: Mon Oct 24 19:59:35 +0000 2011)

RT @torproject: For the growing storm about tor compromise. See this thread, http://ur1.ca/5hkwu

(Originally on Twitter: Tue Oct 25 05:44:19 +0000 2011)

@julienvds the issue started yesterday PM for us. @belgacom users cannot reach any @cogentco net blocks (it stops in London).

(Originally on Twitter: Tue Oct 25 08:28:54 +0000 2011)

RT @circl_lu: http://www.auscert.org.au/render.html?it=15005 PAM multiple vulnerabilities this is affecting the majority of operating system integrating PAM #infosec

(Originally on Twitter: Tue Oct 25 10:07:24 +0000 2011)

@briankrebs Could you share the IP addresses from the ASN lookup you showed on your last blog post? #infosec

(Originally on Twitter: Wed Oct 26 14:29:12 +0000 2011)

@Rick_Deckard Are you still alive? or did you discover that you are a replicant at the end… you find it to boring to tweet on a machine.

(Originally on Twitter: Wed Oct 26 15:51:59 +0000 2011)

A gentle reminder for the attackers building rootkits for Linux system, don’t forget to add “ss” in your trojaned command…

(Originally on Twitter: Wed Oct 26 16:46:05 +0000 2011)

Sometime looking for bats or looking for side channel attacks can use the same technique… https://plus.google.com/u/0/112095729959662313642/posts/Jq92g2rx5Ua #crypto #ultrasonic

(Originally on Twitter: Wed Oct 26 20:31:13 +0000 2011)

@AcidRampage ;-) We were playing with an ultrasonic microphone some months ago for finding bats and now I saw a use for crypto attacks…

(Originally on Twitter: Wed Oct 26 20:40:49 +0000 2011)

RT @patrickpeiffer: tonight, 18h30, bruno racine, president french national library, speaking on “défis numériques” @ philharmonie.lu, h …

(Originally on Twitter: Thu Oct 27 09:23:46 +0000 2011)

@wimremes For Windows events, it’s also random gibberish just like Syslog but with the additional feature of a brain damaged binary storage.

(Originally on Twitter: Thu Oct 27 14:18:57 +0000 2011)

@wimremes yep, it’s still a brain damaged binary storage ;-) I should release my ugly Python scripts for handling those broken EVT files.

(Originally on Twitter: Thu Oct 27 14:43:41 +0000 2011)

https://github.com/moxie0/Convergence/wiki/TACK A clever key pinning scheme to advertise additional requirements to validate subsequent SSL connections #x509 #infosec

(Originally on Twitter: Thu Oct 27 22:05:39 +0000 2011)

RT @tricaud: Boucle infinie de mon expert comptable : être facturé pour le traitement des factures :) #infiniteloop #accountancy

(Originally on Twitter: Fri Oct 28 13:06:10 +0000 2011)

RT @circl_lu: https://blog.torproject.org/blog/tor-02234-released-security-patches “Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker can deanonymize Tor users.” …

(Originally on Twitter: Fri Oct 28 15:11:52 +0000 2011)

http://www.goodiff.org/changeset/639/apple/www.apple.com/legal/itunes/us/terms.html Changes in iTunes EULA especially regarding the use of “unlawfully acquired” content used in iTunes Match #copyright

(Originally on Twitter: Sat Oct 29 08:46:59 +0000 2011)

I fill with typographical errors in my first name to distinguish companies selling your personal data. Today is the BE bookstore “Agora”

(Originally on Twitter: Mon Oct 31 17:16:17 +0000 2011)

RT @internetplumber: “The current address allocation system is a hierarchy” is not a reason to make routing system trust a hierarchy. #R …

(Originally on Twitter: Mon Oct 31 17:20:36 +0000 2011)

@superlol it’s quite logical if you see this as a zero-sum game (the stock market). The indexes increased due to the gamers’ risk lowered.

(Originally on Twitter: Tue Nov 01 12:56:39 +0000 2011)

@superlol the media misunderstood as “it’s great” because the index increased. But that was just “play with other countries then win”.

(Originally on Twitter: Tue Nov 01 13:00:16 +0000 2011)

@inaturalist It seems that the handy flickr tagger is broken http://www.inaturalist.org/taxa/flickr_tagger (giving a HTTP 500 until now).

(Originally on Twitter: Tue Nov 01 13:40:20 +0000 2011)

RT @ProjectHoneynet: Forensic Challenge 10 - “Attack Visualization”: I am pleased to announce the next forensic challenge: Forensic C… …

(Originally on Twitter: Tue Nov 01 14:53:51 +0000 2011)

I like those HTTP redirects especially when it’s from an SSL site via a non-SSL side to another SSL site with the same cookies… #infosec

(Originally on Twitter: Tue Nov 01 21:09:35 +0000 2011)

RT @circl_lu: http://support.citrix.com/article/CTX131198 “Vulnerability in Citrix XenDesktop 4.0 could result in Client Drive Mapping policy bypass” #infosec …

(Originally on Twitter: Thu Nov 03 10:58:33 +0000 2011)

@bortzmeyer What are the differences between Knot http://labs.nic.cz/page/767/knot-dns/ and NSD http://www.nlnetlabs.nl/projects/nsd/? any pointers? #DNS #RIPE63

(Originally on Twitter: Thu Nov 03 13:36:06 +0000 2011)

RT @bortzmeyer: @adulau Knot is faster, according to the benchmarks made by its authors. But NSD is production-ready and Knot is alpha ( …

(Originally on Twitter: Thu Nov 03 13:42:31 +0000 2011)

Interesting to see that malware evade more and more DMZ filtering by using CIFS protocol. Another good reason to not use CIFS between DMZ.

(Originally on Twitter: Thu Nov 03 16:44:45 +0000 2011)

RT @FIRSTdotOrg: Want to be a part of #FIRST2012 #Malta? CFS is open at http://conference.first.org/cfs. #infosec #cybersec

(Originally on Twitter: Thu Nov 03 21:10:44 +0000 2011)

@oreillymedia it would be great to add a way to send automatically to your Kindle email the ebooks purchased from the O’Reilly account…

(Originally on Twitter: Thu Nov 03 21:18:09 +0000 2011)

Back to the eighties, street art is back, retro house and new beat are on radio and remote code execution abusing the TCP/IP stack. #infosec

(Originally on Twitter: Tue Nov 08 22:42:20 +0000 2011)

http://www.digitalbond.com/2011/11/08/advantech-webaccess-first-on-insecure-products-list/comment-page-1/ “Advantech WebAccess First on Insecure Products List” #infosec #scada #ics

(Originally on Twitter: Wed Nov 09 06:58:51 +0000 2011)

@fcouchet Maybe we should read “Intellectual Property is the driving force to shut down a knowledge based economy”…

(Originally on Twitter: Wed Nov 09 13:37:59 +0000 2011)

RT @circl_lu: http://www.crysys.hu/duqudetector.html “CrySyS Duqu Detector Toolkit” #malware #duqu

(Originally on Twitter: Thu Nov 10 12:52:24 +0000 2011)

http://www.ietf.org/mail-archive/web/mile/current/msg00177.html last call for RFC6045 and RFC6046 about Real-time Inter-network Defense (RED) - IODEF extension for incident handling

(Originally on Twitter: Thu Nov 10 13:49:36 +0000 2011)

RT @rstevens: Anyone who tells you that you can’t do your best work in your underwear is probably in the pocket of the pants industry.

(Originally on Twitter: Thu Nov 10 15:48:21 +0000 2011)

RT @mruef: Another step backwards: After #Google killing RSS in their Reader, #Facebook is going to kill RSS imports for notes :( #fail

(Originally on Twitter: Thu Nov 10 19:15:31 +0000 2011)

RT @i0n1c: guys it is no news or secret that i am/was lorian of TESO.Sorry to ruin your attempts to blackmail me.

(Originally on Twitter: Fri Nov 11 14:43:18 +0000 2011)

RT @thegrugq: @i0n1c watch out nan, I heard that lorian knows about you taking credit for his bugs and his work. Heard he has access to …

(Originally on Twitter: Fri Nov 11 14:55:05 +0000 2011)

tcprstart is very handy especially to discover potential (malware) p2p protocols by looking at req/resp times http://www.percona.com/docs/wiki/tcprstat:start

(Originally on Twitter: Sat Nov 12 08:48:38 +0000 2011)

An open idea to Belgian politicians instead of “closing down libraries” improve and reinvent them like in Fayetteville http://boingboing.net/2011/11/12/library-to-get-a-hackerspace.html

(Originally on Twitter: Sat Nov 12 16:49:01 +0000 2011)

http://arxiv.org/abs/1111.2744 “Cryptanalysis of Song’s advanced smart card based password authentication protocol” #smartcard #infosec

(Originally on Twitter: Mon Nov 14 10:28:54 +0000 2011)

http://dragonresearchgroup.org/reads/ a weekly short list of good reads to enjoy your weekend with from @DragonResearch #infosec

(Originally on Twitter: Mon Nov 14 10:31:11 +0000 2011)

@rop_g congrats for your talk during #govcertnl #freedom

(Originally on Twitter: Thu Nov 17 09:50:44 +0000 2011)

What’s the difference .bit domain http://dot-bit.orgproject and .42 https://www.42registry.org/? just the bitcoin namecoin trading?

(Originally on Twitter: Thu Nov 17 15:24:59 +0000 2011)

RT @bortzmeyer: Je prêviens: compte-tenu de la gravité des attaques menées au nom de la propriété intellectuelle, je voterai en 2012 sur …

(Originally on Twitter: Thu Nov 17 17:22:28 +0000 2011)

@edarchis If the svn word is pronounced in conjunction with the DVCS word, there might be something wrong.

(Originally on Twitter: Thu Nov 17 17:28:34 +0000 2011)

@wimremes the main issue with any certification (like ISO 27K) is that companies look for a certificate and not usually improved security

(Originally on Twitter: Fri Nov 18 13:26:31 +0000 2011)

RT @xme: @adulau Certificate as a Checkmark on a Check list? “Completed, next one”

(Originally on Twitter: Fri Nov 18 13:55:04 +0000 2011)

#worstpassword hash tag is cool. You can grab it, parse it and build a nifty list for your next worm. #infosec #malware

(Originally on Twitter: Fri Nov 18 17:03:43 +0000 2011)

Reading the news about the people library’s being thrown out by the police reminded me of this scene in Fahrenheit 451 http://www.youtube.com/watch?v=lW7sWqG1j_0

(Originally on Twitter: Fri Nov 18 23:00:30 +0000 2011)

@NeelieKroesEU get rid of “collecting society’s” and promote a direct financing between users and authors. #copyright #forumavignon

(Originally on Twitter: Sat Nov 19 10:15:08 +0000 2011)

RT @fluxfingers: hacklu2011 CTF access.log published http://www.fluxfingers.net/public/access.log.masked.bz2 #fluxfingers #ctf #hacklu

(Originally on Twitter: Sat Nov 19 10:18:54 +0000 2011)

RT @NURPAbe: [EN] In order to avoid that the Web in Belgium looks like http://ur1.ca/5xr11 , help us by confirming these cases http://t …

(Originally on Twitter: Sat Nov 19 12:28:39 +0000 2011)

http://eprint.iacr.org/2011/616 “the impossible differential attack on TEA in this paper is the best single-key attack to date” #cryptography

(Originally on Twitter: Sat Nov 19 12:31:26 +0000 2011)

http://news.ycombinator.com/item?id=3256317 reading this discussion about the “weak” typesetting in current ebooks showed again the bright future for TeX.

(Originally on Twitter: Sun Nov 20 19:49:10 +0000 2011)

http://nakedsecurity.sophos.com/2011/09/14/windows-8-anti-virus-good-bad-news/ “Windows 8 to have built-in anti-virus” it’s not the first time microsoft talked about it… #malware

(Originally on Twitter: Mon Nov 21 07:20:24 +0000 2011)

@lhausermann Until now it’s an ugly script to enumerate ports used in pcap and calculate/rank on the latency median per port. I’ll blog post

(Originally on Twitter: Mon Nov 21 09:50:30 +0000 2011)

@SteveClement Do you know the famous “t” option in tar? it’s very handy before doing an extract ;-)

(Originally on Twitter: Tue Nov 22 13:39:28 +0000 2011)

RT @Snort: Snort and ClamAV plugins for Wireshark! http://www.honeynet.org/node/790

(Originally on Twitter: Thu Nov 24 13:42:13 +0000 2011)

A small reminder for users of tor announcing hidden services, don’t forget to secure your web application. #tor #infosec

(Originally on Twitter: Thu Nov 24 14:24:13 +0000 2011)

Parsing a huge JSON file (3GB) with Python and I ended up using sed and awk with GNU parallel. Old unix tools are not so old.

(Originally on Twitter: Thu Nov 24 22:31:57 +0000 2011)

WTF, I received a copy of a magazine promoting patent using my CC pictures “Patents are only for the old machine” http://www.flickr.com/photos/adulau/379303639/

(Originally on Twitter: Fri Nov 25 22:10:22 +0000 2011)

@etychon The funny part is they put in bold below the picture “Patents are only for the old machine” as large as the title of the article…

(Originally on Twitter: Sun Nov 27 12:33:08 +0000 2011)

http://tools.ietf.org/html/rfc6441 “Time to Remove Filters for Previously Unallocated IPv4 /8s” but continue to filter RFC5735 IP spaces. #infosec

(Originally on Twitter: Tue Nov 29 17:12:42 +0000 2011)

I like security vendors promoting the replacement of hard token for soft token running on a mobile phone where the token psk is stored too.

(Originally on Twitter: Tue Nov 29 20:49:24 +0000 2011)

Does the decision from Consilium to ban “export of software intended for monitoring Internet” to Syria includes free software (eg tcpdump)?

(Originally on Twitter: Thu Dec 01 22:45:03 +0000 2011)

RT @InfosecIsland: Duqu Servers Included Hacked Linux Systems - Be it brute force password hacking or another Stuxnet 0-Day, Duqu shows. …

(Originally on Twitter: Fri Dec 02 06:48:10 +0000 2011)

Enjoy your day at #owaspbnl11 with the @rommelfs talk, I’m currently travelling to the 4GH conference. Too many #infosec conferences ;-)

(Originally on Twitter: Fri Dec 02 08:47:49 +0000 2011)

back from the first edition of the #4gh conference very nice concept where everyone can contribute as a speaker #infosec #collaboration

(Originally on Twitter: Sun Dec 04 22:55:16 +0000 2011)

http://gchqchallenge.blogspot.com/2011/12/gchq-stage-1-commented-assembly-code-dr.html “How to solve the GCHQ challenge” @snazmeister

(Originally on Twitter: Mon Dec 05 13:48:14 +0000 2011)

@snazmeister I can’t do all the challenges at once… I still have plenty of other challenges to solve. #infosec

(Originally on Twitter: Mon Dec 05 14:13:22 +0000 2011)

RT @Kleissner: The Art of Bootkit Development Paper: http://bit.ly/w0vaEQ Presentation: http://bit.ly/rSZ2KN Live Demo: http://bit.ly/sMUpqU

(Originally on Twitter: Tue Dec 06 19:37:38 +0000 2011)

Sometime I’m just wondering if the best way to break the 0days black market, it’s to promote/pay for full disclosure without delay. #infosec

(Originally on Twitter: Wed Dec 07 21:09:06 +0000 2011)

RT @mikko: We’ve published a white paper on industrial automation security together with Vacon and Nixu: http://www.vacon.com/Vacon-White-Paper-On-Industrial-Automation-Security-In-Fieldbus-And-Field-Device-Level.pdf [pdf]

(Originally on Twitter: Fri Dec 09 21:23:49 +0000 2011)

pinpoint looks very nifty to create presentations but I’ll continue to use LaTeX beamer for the next weeks… http://git.gnome.org/browse/pinpoint

(Originally on Twitter: Sat Dec 10 21:33:56 +0000 2011)

http://insecure.org/news/download-com-fiasco.html “Download.com Caught Adding Malware to Nmap & Other Software” #infosec #malware

(Originally on Twitter: Sun Dec 11 21:54:37 +0000 2011)

http://www.goodiff.org/changeset/642/google/code.google.com/speed/public-dns/privacy.html “and improve the Google Public DNS prefetching feature.” has been removed from the Google public DNS ToS. #goodiff

(Originally on Twitter: Tue Dec 13 12:45:28 +0000 2011)

“Using Proximity to Predict Activity in Social Networks” http://arxiv.org/abs/1112.2755 quite interesting even if they didn’t check the temporal part.

(Originally on Twitter: Thu Dec 15 17:00:53 +0000 2011)

https://labs.ripe.net/Members/gih/the-curious-case-of-the-crooked-tcp-handshake “TCP_DEFER_ACCEPT” is an interesting socket option but with a small bug in the Linux version?

(Originally on Twitter: Thu Dec 15 18:02:31 +0000 2011)

http://blog.snort.org/2011/12/snort-292-has-been-released.html Snort 2.9.2 released including GTP decoding, DNP3 and Modbus support and finally the HTTP js decoding. #infosec #snort

(Originally on Twitter: Sat Dec 17 08:26:59 +0000 2011)

RT @mikko: General: “So, how do we get Stuxnet 2 in Iran? USB sticks won’t do it any more”

Sergeant: “What if we crash land an infecte …

(Originally on Twitter: Sat Dec 17 08:31:09 +0000 2011)

made some statistics about the certificate revocation reasons seen in the CRLs - open for discussions http://www.foo.be/cgi-bin/wiki.pl/2011-12-17_Certificate_Revocation_Reasons_2011

(Originally on Twitter: Sat Dec 17 11:43:17 +0000 2011)

@K_rho Désolé mais c’est le cas ;-) Surtout concernant le #NoFoP qui est une grosse bêtise… pour des lieux et œuvres publics.

(Originally on Twitter: Sat Dec 17 12:39:46 +0000 2011)

@K_rho Je sais mais le #NoFoP en mode strict pourrait enlever 75% des photos réalisées dans les villes récentes… #wikipedia

(Originally on Twitter: Sat Dec 17 12:48:44 +0000 2011)

http://www.foo.be/cgi-bin/wiki.pl/2011-12-17_Certificate_Revocation_Reasons_2011 If you are curious about the 230 entries with a revoke reason of “CA Compromise” in all the public CRLs. #infosec #pki

(Originally on Twitter: Sat Dec 17 14:44:03 +0000 2011)

@alcyonsecurity Another interesting point in the DigiNotar CRL is the previously revoked certificates (before the breach). Where are they?

(Originally on Twitter: Sun Dec 18 09:59:37 +0000 2011)

RT @alcyonsecurity: @adulau Good point. #diginotar revocation date should be set to date of suspected compromise, not to date of discove …

(Originally on Twitter: Sun Dec 18 10:07:55 +0000 2011)

@btabaka Ce que rms veut dire c’est que la censure n’est pas solution.

(Originally on Twitter: Sun Dec 18 13:37:49 +0000 2011)

http://www.foo.be/crl/crl-synonyms.txt I generated a list of X.509 CRL list including an MD5 hash of their output to detect the CRL synonyms. #infosec #pki

(Originally on Twitter: Sun Dec 18 17:14:24 +0000 2011)

RT @matthew_d_green: You should submit something to Usenix Security! The PC even reads the crypto papers these days ;) http://www.usenix.org/events/sec12/cfp/

(Originally on Twitter: Sun Dec 18 19:09:16 +0000 2011)

@verisign Is there a reason why I can’t find the revoked certificate (..7FC529BB) for JMicron Technology Corp in Verisign CRLs? #duqu

(Originally on Twitter: Wed Dec 21 08:10:42 +0000 2011)

” SHARCS 2012: Special-Purpose Hardware for Attacking Cryptographic Systems http://www.iacr.org/S=Rd “ Maybe 2012 will be a good year? #crypto

(Originally on Twitter: Fri Dec 23 07:18:56 +0000 2011)

RT @SteveClement: #NSFW but very close to work. Our legal advisor got busted and he even is a Dr.

(Originally on Twitter: Fri Dec 23 16:10:20 +0000 2011)

RT @Code_Analysis: John Carmack. Static Code Analysis. http://altdevblogaday.com/2011/12/24/static-code-analysis/

(Originally on Twitter: Sat Dec 24 08:49:57 +0000 2011)

RT @ddurvaux: Nice reading: overview of revoked certificates: http://bit.ly/ulL3Wu. Thanks @adulau

(Originally on Twitter: Sat Dec 24 14:48:09 +0000 2011)

RT @lferette: John Carmack on static code analysis (tx @adulau). The guy has not lost his touch! http://altdevblogaday.com/2011/12/24/static-code-analysis/

(Originally on Twitter: Sat Dec 24 14:48:13 +0000 2011)

https://lkml.org/lkml/2011/12/22/270 “possible privilege escalation via SG_IO ioctl” SCSI commands back to the host OS does this work with VMware iSCSI?

(Originally on Twitter: Sat Dec 24 16:38:38 +0000 2011)

http://wrttn.in/04af1a “Institutional memory and reverse smuggling” the reality behind document management in the enterprise. #archiving

(Originally on Twitter: Sun Dec 25 08:59:11 +0000 2011)

RT @cperciva: Just did some archaeology: The telnetd remote-root buffer overflow dates back to at least BSD4.4 (March 1991), but probabl …

(Originally on Twitter: Sun Dec 25 09:08:48 +0000 2011)

http://www.foo.be/cgi-bin/wiki.pl/2011-12-25_Against_SOPA_or_How_To_Do_Soap My contribution against SOAP, a free recipe on how to make soap. #freedom #sopa #soap

(Originally on Twitter: Sun Dec 25 15:19:04 +0000 2011)

RT @bortzmeyer: Les destructionnistes de Wikipédia toujours aussi tarés. Voilà qu’ils ont détruit l’article #Namecoin du Wikipédia anglo …

(Originally on Twitter: Sun Dec 25 20:46:11 +0000 2011)

@bortzmeyer Je n’hésite jamais pour faire une donation à Wikipedia mais depuis les « suppressionnistes »… j’hésite. #wikipedia

(Originally on Twitter: Sun Dec 25 21:00:46 +0000 2011)

@rafi0t For short ID, it’s not the first one. It’s even part of the OpenPGP standard that software should know that. http://tools.ietf.org/html/rfc4880#section-3.3

(Originally on Twitter: Tue Dec 27 13:51:24 +0000 2011)

@antirez https://cryptanalysis.eu/blog/2011/12/28/effective-dos-attacks-against-web-application-plattforms-hashdos/ What’s your feeling about such attacks against Redis? #hashDoS

(Originally on Twitter: Wed Dec 28 22:05:51 +0000 2011)

http://be-geek.com/linux/2011/11/15/steinar-h-gunderson-ebury-a-new-ssh-trojan “Ebury, a new SSH trojan” an interesting blog post about an often underestimated Linux Trojan… #infosec

(Originally on Twitter: Thu Dec 29 16:31:20 +0000 2011)

Usually when I said that I use Perl for solving problems… people laugh at me but who introduced hash randomization in 2003? #infosec

(Originally on Twitter: Fri Dec 30 22:01:50 +0000 2011)

http://etbe.coker.com.au/2011/12/31/server-cracked/ “SE Linux doesn’t protect against a compromised client system” #infosec #unix

(Originally on Twitter: Sat Dec 31 08:36:21 +0000 2011)

RT @DidierStevens: Just released a little Cisco IOS security tool to start the new year: http://bit.ly/vng1ZZ

(Originally on Twitter: Mon Jan 02 09:44:33 +0000 2012)

https://github.com/CIRCL/pe32-cert-dump Very handy when you have large set of Windows signed PE executable and you want to extract the certificate on Unix.

(Originally on Twitter: Tue Jan 03 09:23:58 +0000 2012)

A small reminder for the attackers doing bruteforce, on some BSD variants the “toor” account is also interesting. #infosec #unix

(Originally on Twitter: Wed Jan 04 09:25:51 +0000 2012)

http://www.jmeds.eu/index.php/jmeds/article/view/Hiding-Malicious-Content-in-PDF-Documents “This paper is a proof-of-concept demonstration for a specific digital signatures vulnerability in PDF” #infosec

(Originally on Twitter: Wed Jan 04 09:29:40 +0000 2012)

RT @fpietrosanti: Python Default SSL Cipher ticket implemented. Will be in Python 2.7 & 3.3 http://bugs.python.org/issue13636

(Originally on Twitter: Wed Jan 04 09:56:34 +0000 2012)

RT @circl_lu: http://openssl.org/news/secadv_20120104.txt “Six security flaws have been fixed in OpenSSL 1.0.0f and 0.9.8s.” #infosec #ssl #tls

(Originally on Twitter: Thu Jan 05 14:23:04 +0000 2012)

RT @xme: Good post by @chriseng: Vulnerability Response Done Right: http://www.veracode.com/blog/2012/01/vulnerability-response-done-right/

(Originally on Twitter: Thu Jan 05 16:50:37 +0000 2012)

http://technet.microsoft.com/en-us/library/cc162838.aspx Malware response seen in the eyes of Microsoft. Some boxes can be research topics..

(Originally on Twitter: Fri Jan 06 09:15:31 +0000 2012)

@cudeso I’m curious what you are doing in the kitchen at work… #infosec #kitchen

(Originally on Twitter: Fri Jan 06 09:23:15 +0000 2012)

RT @ProjectHoneynet: Here’s an interesting project : http://urlquery.net/about.php “urlQuery.net is a service for detecting and analyzing web-bas …

(Originally on Twitter: Fri Jan 06 09:46:48 +0000 2012)

http://code.google.com/p/patator/ “Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.” #pentest

(Originally on Twitter: Fri Jan 06 10:01:08 +0000 2012)

http://www.csc.ncsu.edu/faculty/jiang/pubs/NDSS12_WOODPECKER.pdf “Systematic Detection of Capability Leaks in Stock Android Smartphones” #android

(Originally on Twitter: Fri Jan 06 14:16:42 +0000 2012)

RT @hack_lu: hack.lu 2012 will take place the 23,24 and 25 October 2012. Update your agenda. We hope to see you there. #infosec #conference

(Originally on Twitter: Fri Jan 06 14:42:34 +0000 2012)

For the curious, I will be at least at the #FOSDEM http://www.fosdem.org/ and #HES http://2012.hackitoergosum.org/ and also in the underground library.

(Originally on Twitter: Mon Jan 09 21:19:08 +0000 2012)

https://grepular.com/Punching_through_The_Great_Firewall_of_TMobile So T-Mobile uses the TCP RST techniques used by China to filter the traffic. Drop RST packets and you’re fine #infosec

(Originally on Twitter: Tue Jan 10 07:27:30 +0000 2012)

http://msdn.microsoft.com/en-us/library/bb204084%28v=exchg.140%29.aspx Autodiscover XML Elements (POX) in Microsoft Exchange is full of (un)secure potential. #infosec

(Originally on Twitter: Tue Jan 10 17:07:01 +0000 2012)

@xme it’s great song and band. One of my favorite is “Headhunter”. The lyrics even match for malware hunting ;-) #infosec #front242

(Originally on Twitter: Wed Jan 11 10:38:53 +0000 2012)

http://www.accuvant.com/node/5552 “Old Meets New: Microsoft Windows SafeSEH Incompatibility” interesting post on the safe structured exception handling

(Originally on Twitter: Wed Jan 11 13:30:11 +0000 2012)

@xme an rsync module for http://code.google.com/p/patator/ could be added quite easily.

(Originally on Twitter: Wed Jan 11 14:16:50 +0000 2012)

http://hal.inria.fr/index.php?halsid=aqjc5a1sh5vot2krcs5mcf1hm2&view_this_doc=tel-00627981&version=1 “Self-Adaptive Honeypots Coercing and Assessing Attacker Behaviour” disclaimer: I was the technical supervisor.

(Originally on Twitter: Wed Jan 11 20:36:43 +0000 2012)

@searchio http://netglub.org’s guy did a lightning talk during #hack.lu 2010 but everyone is still waiting for a download link… #infosec

(Originally on Twitter: Thu Jan 12 13:51:33 +0000 2012)

@searchio Great, they finally released it. That’s a good news. I’ll give it a try too. thx

(Originally on Twitter: Thu Jan 12 14:22:02 +0000 2012)

A software vendor replied to me about a vulnerability in the random generator: “…but our session keys don’t need to be random”. #wtf

(Originally on Twitter: Thu Jan 12 22:20:01 +0000 2012)

@fboule another story but did they finally fix the DLL hijacking vulnerability? #infosec

(Originally on Twitter: Thu Jan 12 22:31:33 +0000 2012)

http://www.netzob.org/ Netzob is a free software tool to support reverse engineering, evaluation and simulation of communication protocols.

(Originally on Twitter: Sat Jan 14 19:16:46 +0000 2012)

RT @Kleissner: I love UEFI. Makes it easier to write bootkits / OS independent malware.

(Originally on Twitter: Sat Jan 14 19:25:21 +0000 2012)

http://labs.alienvault.com/labs/index.php/2012/when-the-apt-owns-your-smart-cards-and-certs/ Another smart card proxy malware… #Sykipot #infosec

(Originally on Twitter: Sun Jan 15 10:58:55 +0000 2012)

http://www.goodiff.org/changeset/648/opera/www.opera.com/security/policy/index.html Opera changed a bit their security vulnerability disclosure policy. #infosec #goodiff

(Originally on Twitter: Sun Jan 15 11:18:30 +0000 2012)

It’s clever. Using a BPF filter/state machine to evaluate system call to filter them. #kernel #linux #infosec https://lkml.org/lkml/2012/1/11/260

(Originally on Twitter: Mon Jan 16 20:29:26 +0000 2012)

http://arxiv.org/abs/0909.3688 “Harvesting SSL Certificate Data to Identify Web-Fraud” interesting. Classifiers are really better than brute-force?

(Originally on Twitter: Tue Jan 17 09:14:01 +0000 2012)

RT @mattblaze: I was just invited to the ACM CCS pgm committee, which I declined because of ACM’s copyright policies and paywall. Consid …

(Originally on Twitter: Tue Jan 17 17:53:59 +0000 2012)

“The current code generator emits no code for an assert statement” I should read more often the Python documentation instead of debugging.

(Originally on Twitter: Wed Jan 18 21:43:21 +0000 2012)

RT @mylifeasageek: MS11-087 Duqu .docx embedding .ttf virustotal results 0/43. what’s going on? http://www.virustotal.com/file/ad139787adab6a2f14c3bccc07b7f4401c58c4b4a2c8353cc5b5c4ca88da35d6/analysis/1326937069/ @NTarakanov

(Originally on Twitter: Thu Jan 19 16:34:11 +0000 2012)

RT @circl_lu: http://tools.ietf.org/html/draft-christey-wysopal-vuln-disclosure-00 “Responsible Vulnerability Disclosure Process” was a good Internet-Draft. A pity that is not an RFC. …

(Originally on Twitter: Thu Jan 19 17:26:58 +0000 2012)

@ForumNucleaire Alors on compare les apiculteurs et les abeilles? à la fission nucléaire? Cela n’est pas très scientifique… #belgium

(Originally on Twitter: Thu Jan 19 20:22:08 +0000 2012)

@ForumNucleaire Merci. Pourriez-vous publier le rapport technique détaillé sur l’incident de Doel du 18 mars 2011? #belgium

(Originally on Twitter: Fri Jan 20 20:11:48 +0000 2012)

A Web Application Firewall module for Nginx https://code.google.com/p/naxsi/ looks interesting but I need to check the code #infosec #waf

(Originally on Twitter: Fri Jan 20 20:19:29 +0000 2012)

RT @teamcymru: Fake sshd to log attack brute force attempts http://bit.ly/yUjGcp

(Originally on Twitter: Fri Jan 20 21:01:03 +0000 2012)

Spending 8.8 million euro in Belgium for a new electronic voting system? The old paper-based was cheaper and secure an http://www.zoegenot.be/8-8-millions-pour-un-nouveau.html

(Originally on Twitter: Sun Jan 22 15:12:16 +0000 2012)

RT @mruef: Was talking with my doctor about sensitivity of patient data. He underestimates the risk. Insurance companies & blackmailers …

(Originally on Twitter: Sun Jan 22 16:33:38 +0000 2012)

released Forban 0.0.30 (mainly bug fixes and updated CherryPy) https://github.com/adulau/Forban http://www.foo.be/forban/ opportunistic #p2p #forban

(Originally on Twitter: Sun Jan 22 16:39:30 +0000 2012)

RT @k4l4m4r1s: This is common in the IT industry, trainers know about the products they are training in but have never used them in real …

(Originally on Twitter: Sun Jan 22 19:27:00 +0000 2012)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=198214a7ee50375fa71a65e518341980cfd4b2f0 I love git especially when we have good commit messages like “no longer a security hazard”. #infosec #kernel

(Originally on Twitter: Mon Jan 23 07:36:29 +0000 2012)

If it takes 10 months in a free software with a git repoto find a documented vulnerability. How long for a proprietary software? #infosec

(Originally on Twitter: Mon Jan 23 07:39:07 +0000 2012)

I’m tempted to say “ad infinitum”. #infosec

(Originally on Twitter: Mon Jan 23 07:42:25 +0000 2012)

@ForumNucleaire merci mais l’AFCN n’a publié qu’un communiqué et le rapport sur cet incident n’est pas disponible au public. @greenpeace_be

(Originally on Twitter: Mon Jan 23 19:42:31 +0000 2012)

RT @jeffbulljr: According to futuristic movies the GUI is dead and everything is executed via command line? Is everyone just gonna be sm …

(Originally on Twitter: Tue Jan 24 13:10:52 +0000 2012)

+2 for the serial converter from Digitus, they even include a small paper version of the GNU General Public License version 3 #gnu

(Originally on Twitter: Tue Jan 24 15:18:53 +0000 2012)

https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/241305 If canonical is listening, could you resolve the bug #241305 that I reported in 2008? thank you #ipv6 #infosec

(Originally on Twitter: Tue Jan 24 17:05:33 +0000 2012)

released a simple Internet domain extractor (alpha) library and classifier from any raw text. https://github.com/adulau/DomainClassifier #datamining

(Originally on Twitter: Tue Jan 24 22:04:21 +0000 2012)

Everyone is looking for a definition of “cloud computing” maybe the only definition “the cloud is where no one is responsible for security”

(Originally on Twitter: Wed Jan 25 21:12:22 +0000 2012)

RT @tricaud: Analysis of the 54 Gb Syrian bluecoat log files part 1 http://bit.ly/yE1xDP #picviz #secviz #bigdata #infoviz

(Originally on Twitter: Thu Jan 26 16:29:28 +0000 2012)

http://www.mofa.go.jp/policy/economy/i_property/acta1201.html “Signing Ceremony of the EU for the Anti-Counterfeiting Trade Agreement” signing is voting in Today’s dictionary #wtf

(Originally on Twitter: Thu Jan 26 19:01:15 +0000 2012)

Standard updated today: Common Vulnerability Scoring System (CVSS) got a new range of value from 9.9 up to 10. #infosec

(Originally on Twitter: Thu Jan 26 22:04:05 +0000 2012)

“Statistical analysis of emotions and opinions at Digg website” http://arxiv.org/abs/1201.5484 I would like to get the program used for the experiment

(Originally on Twitter: Fri Jan 27 06:01:08 +0000 2012)

RT @circl_lu: http://www.openssh.com/txt/legacy-cert.adv Legacy certificates generated by OpenSSH might contain data from the stack thus leaking confidential …

(Originally on Twitter: Fri Jan 27 16:48:59 +0000 2012)

listens in loop the album from Austra @austratalks “Feel It Break”. A masterpiece of simple and efficient electro with a great dark voice.

(Originally on Twitter: Sat Jan 28 16:28:10 +0000 2012)

http://marc-stevens.nl/research/ Single-block collision attack on MD5 after the short chosen-prefix MD5 collisions (same author). #crypto #md5 #infosec

(Originally on Twitter: Sun Jan 29 22:22:32 +0000 2012)

http://arxiv.org/abs/1201.5728 “Functional Programming and Security” #programming #infosec

(Originally on Twitter: Mon Jan 30 12:20:27 +0000 2012)

RT @ChrisJohnRiley: #ShmooConEpilogue Technology | Products are not going to save your ass! Stop buying them…

(Originally on Twitter: Mon Jan 30 15:36:16 +0000 2012)

RT @ProjectHoneynet: This looks very interesting. http://ironwasp.org/

(Originally on Twitter: Mon Jan 30 22:09:41 +0000 2012)

A small note the for http://cryptome.org operator, http://cryptome.org/2012/01/0074.htm the file format of the backup is “Microsoft Tape Format” #comodo

(Originally on Twitter: Tue Jan 31 08:25:07 +0000 2012)

Thanks to @HoffmannMich for pointing me to http://www.exploit-db.com/exploits/18417/ so a “locate /wp-admin/setup-config.php | xargs chmod 000” could be useful.

(Originally on Twitter: Tue Jan 31 15:06:50 +0000 2012)

@eromang @HoffmanMich for the ones I saw it’s an older vulnerability. This one even applies with the current release version of WordPress.

(Originally on Twitter: Tue Jan 31 18:34:45 +0000 2012)

Any Redis proxy available to limit the commands to be used? I’m close to write one to only allow read commands for security reason @antirez

(Originally on Twitter: Tue Jan 31 21:34:37 +0000 2012)

@antirez Great, I really missed the rename option in the config for the past months ;-) Very nifty and a clean way to secure it. #redis

(Originally on Twitter: Tue Jan 31 21:40:16 +0000 2012)

The Today’s fluffy statement: “not too low, not too high but keep it high” or how to define an oscillating function in business terms.

(Originally on Twitter: Thu Feb 02 07:45:51 +0000 2012)

@rommelfs That’s the useful part of such business statement. They can describe many functions without giving insight about the real meaning.

(Originally on Twitter: Thu Feb 02 07:57:19 +0000 2012)

http://www.sec.gov/Archives/edgar/data/1014473/000119312511285850/d219781d10q.htm “We experienced security breaches in the corporate network in 2010 which were not sufficiently reported to Management.”

(Originally on Twitter: Thu Feb 02 17:07:21 +0000 2012)

RT @circl_lu: http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-61-Rev.%202 “SP 800-61 Rev. 2 DRAFT Computer Security Incident Handling Guide” in current review. comments welcom …

(Originally on Twitter: Thu Feb 02 17:39:16 +0000 2012)

RT @tricaud: @adulau and I talk about passive dns analysis with Picviz was accepted for CanSecWest.

(Originally on Twitter: Sat Feb 04 16:24:24 +0000 2012)

@ioerror will do a “Research Seminar: Tor network” at the University of Luxembourg Friday PM http://wwwen.uni.lu/snt/news_events/research_seminar_tor_network #infosec #tor

(Originally on Twitter: Mon Feb 06 12:14:51 +0000 2012)

So Google drops CRL and OCSP in Chrome and became intermediate “CRL” maintainer… http://www.imperialviolet.org/2012/02/05/crlsets.html

(Originally on Twitter: Tue Feb 07 08:25:51 +0000 2012)

“srand((unsigned int)time(NULL)); srand((unsigned int)rand());” seen in a recent source leaked on Internet. #random #infosec

(Originally on Twitter: Tue Feb 07 13:51:18 +0000 2012)

@SteveClement So you leaked the login name, password, the exact location even the hostname… what’s next a reverse shell? ;-)

(Originally on Twitter: Tue Feb 07 14:59:51 +0000 2012)

RT @xme: When you need to leave online old content or based on outdated/unsupported software, convert it to static HTML!

(Originally on Twitter: Wed Feb 08 14:31:33 +0000 2012)

@bortzmeyer If this is not an issue, why a homograph of paypal in Cyrillic is blocked at the registar level? security or trademark reason?

(Originally on Twitter: Wed Feb 08 15:43:00 +0000 2012)

is tempted to start a new list of snake-oil security software. After this conf-call where I heard “yes, the keys are hard coded” #wtf.

(Originally on Twitter: Wed Feb 08 20:48:58 +0000 2012)

Just submitted a proposal for #Haxogreen hope to see you there…. http://www.hackerspace.lu/2012/02/03/haxogreen-2012-call-for-proposals/

(Originally on Twitter: Wed Feb 08 21:52:55 +0000 2012)

Being in the mood tonight, I submitted a second proposal for #haxogreen. A bit more chemical than the previous one… http://www.hackerspace.lu/2012/02/03/haxogreen-2012-call-for-proposals/

(Originally on Twitter: Wed Feb 08 22:12:56 +0000 2012)

RT @maradydd: .@eqe I decided a while back I’m only going to publish in open-access venues anymore. So basically, USENIX, PLoS, and past …

(Originally on Twitter: Thu Feb 09 20:43:26 +0000 2012)

If you are using the #PirateBox and you need updates/features for Forban, let me know. http://www.foo.be/forban/ #p2p #sharing

(Originally on Twitter: Sat Feb 11 16:34:36 +0000 2012)

RT @teamcymru: New targeted ActiveX attack with infected .doc in the wild, patch to MS11-073 of 9/13/11 for protection http://bit.ly/zubSX5

(Originally on Twitter: Sun Feb 12 09:19:38 +0000 2012)

Don’t forget in enterprise security that any simple malware can be used as a dropper for your next or current persistent infection. #infosec

(Originally on Twitter: Sun Feb 12 09:29:01 +0000 2012)

https://bugzilla.mozilla.org/show_bug.cgi?id=724929#c15 Trustwave is issuing interception X.509 certificate… what’s the next CA? The CA keyring might become smaller…

(Originally on Twitter: Sun Feb 12 09:33:21 +0000 2012)

RT @circl_lu: Video of @ioerror’s #Tor talk at uni.lu now online at http://youtu.be/RmGeEGsfpO8 #anonymity #censorship

(Originally on Twitter: Tue Feb 14 12:18:32 +0000 2012)

Just heard a phone conversation of @rommelfs with some telemarketers “Correct, we have no marketing or sales dept here. We just work here.”

(Originally on Twitter: Tue Feb 14 12:30:05 +0000 2012)

http://11011110.livejournal.com/241173.html “Needles in haystacks: shared factors among many large composite numbers” #crypto #infosec

(Originally on Twitter: Wed Feb 15 13:46:10 +0000 2012)

RT @mthorbruegge: Kraftwerk performing 3D-enhanced retrospective concerts over 8 nights at MoMA http://j.mp/wOxSd7

(Originally on Twitter: Fri Feb 17 09:20:49 +0000 2012)

#github is not feeling well today.

(Originally on Twitter: Fri Feb 17 16:12:02 +0000 2012)

https://cloudsecurityalliance.org/star/ “..allows them to submit self assessment reports that document compliance to CSA..” Just compliance not security.

(Originally on Twitter: Fri Feb 17 17:01:05 +0000 2012)

Tomorrow I’m giving another courses about network forensic using Redis. Less sexy than Redis powering Youporn… http://groups.google.com/group/redis-db/browse_thread/thread/77841c595d29f983

(Originally on Twitter: Fri Feb 17 20:10:12 +0000 2012)

http://blog.mozilla.com/security/2012/02/17/message-to-certificate-authorities-about-subordinate-cas/ Message to Certificate Authorities from Firefox to revoke all subordinate CA cert used for MiTM before April 27, 2012.

(Originally on Twitter: Sat Feb 18 16:45:20 +0000 2012)

@laurentchemla Hé oui, c’est dans ces moments là que tu voudrais être Theodore Kaczynski…

(Originally on Twitter: Sat Feb 18 17:25:05 +0000 2012)

http://webpolicy.org/2012/02/17/safari-trackers/ A technical analysis of Safari’s cookie blocking feature and how it’s circumvented by advertisers… #infosec

(Originally on Twitter: Sat Feb 18 17:36:44 +0000 2012)

RT @mruef: Dear developer, please don’t overwrite config files during an update. Otherwise I have to chop your head off. Sincerely

(Originally on Twitter: Sat Feb 18 17:48:33 +0000 2012)

If you are a politician and you are about to shutdown a local library, read this HN post and the @tqbf comment http://news.ycombinator.com/item?id=3607217

(Originally on Twitter: Sun Feb 19 16:32:43 +0000 2012)

committed a basic “malicious’ domain ranking in the DomainClassifier based on @bgpranking values https://github.com/adulau/DomainClassifier @rafi0t

(Originally on Twitter: Sun Feb 19 18:00:25 +0000 2012)

@rfc1149 I used GNU screen (-x) for sharing terminal sessions with the students. Quick and functional.

(Originally on Twitter: Mon Feb 20 07:19:42 +0000 2012)

http://blog.si6networks.com/2012/02/ipv6-nids-evasion-and-improvements-in.html “IPv6 NIDS evasion and improvements in IPv6 fragmentation/reassembly” #infosec #ipv6 #nids

(Originally on Twitter: Tue Feb 21 07:54:06 +0000 2012)

HyperDex looks really interesting but lacking the wonderful sorted set from Redis… http://hyperdex.org/

(Originally on Twitter: Wed Feb 22 22:19:58 +0000 2012)

@rescrv How would you create a space for ZRANGEBYSCORE or ZREVRANGEBYSCORE operations in HyperDex with the same time complexity of Redis?

(Originally on Twitter: Thu Feb 23 11:20:32 +0000 2012)

RT @hgascon: Dalvik Opcodes Table http://code.google.com/p/corkami/wiki/OpcodesTables?show=content

(Originally on Twitter: Thu Feb 23 11:24:11 +0000 2012)

Hooking at IRP_MJ_INTERNAL_CONTROL level is clever for a malware but some AVs are doing it too. But who is hooking first? #infosec

(Originally on Twitter: Thu Feb 23 13:18:22 +0000 2012)

Malware analysis or how to use advanced techniques to always stay a bit less behind. #infosec #reversing

(Originally on Twitter: Mon Feb 27 15:15:45 +0000 2012)

@el33th4xor Yes, sorting on the client side might an option. In my case, (re)caching large returned dataset might waste too much memory.

(Originally on Twitter: Mon Feb 27 21:56:08 +0000 2012)

RT @raffaelmarty: Lots of talk about ‘security intelligence’, but honestly, I don’t see many new ideas compared to 5 years ago. #AGC2012

(Originally on Twitter: Mon Feb 27 21:58:28 +0000 2012)

@fredraynal feel free to knock at the door…

(Originally on Twitter: Wed Feb 29 11:11:28 +0000 2012)

@tricaud great view. Mine is less nice ;-) but also coding some sample to be released at #csw12 #infosec

(Originally on Twitter: Fri Mar 02 19:52:03 +0000 2012)

At least @GitHub is now fixed… I’m just wondering about all the remaining Rails application around. #infosec http://news.ycombinator.com/item?id=3663313

(Originally on Twitter: Sun Mar 04 18:12:41 +0000 2012)

@SteveClement Good to know but to ensure the quality of tea in a bag, don’t forget to perform a mass spectrometry. #tea

(Originally on Twitter: Mon Mar 05 12:41:49 +0000 2012)

I don’t like compiling a new Python interpreter just to have the debugging symbols. and ending up to debug an ASN parser via ctypes…

(Originally on Twitter: Mon Mar 05 21:51:05 +0000 2012)

Penetration testing is just like intellectual property. There are no meaning in those terms. Maybe /dev/null is more meaningful.

(Originally on Twitter: Wed Mar 07 21:34:10 +0000 2012)

We just prepared some “funky” slides for the lightning talks at #csw12. @tricaud

(Originally on Twitter: Thu Mar 08 18:33:48 +0000 2012)

RT @circl_lu: A good reminder to use anti-spoofing - http://home.regit.org/netfilter-en/secure-use-of-helpers/ Attacks will be presented at #csw12

(Originally on Twitter: Thu Mar 08 19:48:16 +0000 2012)

@rbidule it will be. It’s a mix between APT, Stuxnet and some obscure secret sauce ;-)

(Originally on Twitter: Thu Mar 08 20:04:54 +0000 2012)

http://code.google.com/p/lola-linux/ “Linux kernel module to provide low level (hardware) access” seems very nifty #csw12

(Originally on Twitter: Thu Mar 08 23:50:07 +0000 2012)

RT @Regiteric: One clever thing would be to double the reward if someone finds a zero-day and comes with a fix. #Pwnium #csw12

(Originally on Twitter: Thu Mar 08 23:52:24 +0000 2012)

RT @tricaud: @rbidule @adulau yeah! And pedobear is featured! #csw12

(Originally on Twitter: Fri Mar 09 02:02:49 +0000 2012)

We learn new stuff everyday. We don’t say any more “scanning an IP range” but “probing the cloud”. #csw12

(Originally on Twitter: Fri Mar 09 17:18:43 +0000 2012)

RT @Regiteric: “Anything free could bite you back”. Yeah, Let’s remove Linux from all operators equipment. #QOTD #csw12

(Originally on Twitter: Fri Mar 09 18:05:29 +0000 2012)

@Regiteric If we follow a logic, Junos was based on BSD kernel? So they should remove themself from the operator networks. #csw12

(Originally on Twitter: Fri Mar 09 18:08:47 +0000 2012)

RT @tricaud: Jun Xie downloading his presentation from http://google.com/ root dir :-) #csw12

(Originally on Twitter: Fri Mar 09 21:36:14 +0000 2012)

Currently a presentation about a p2p protocol called Thunder http://en.wikipedia.org/wiki/Xunlei that can be abused. Seems largely used in China. #csw12

(Originally on Twitter: Fri Mar 09 21:42:31 +0000 2012)

@vessial interesting topic. Do you plan to release your tools for the analysis of the Thunder network protocol (Xunlei)? #csw12

(Originally on Twitter: Fri Mar 09 23:55:27 +0000 2012)

RT @Regiteric: Christien Wojner making an interesting talk about WOW (http://en.wikipedia.org/wiki/WoW64) side effects at #cansecwest. #csw12

(Originally on Twitter: Sat Mar 10 00:07:26 +0000 2012)

RT @quarkslab: #SSTIC 2012 Paper on Windows Runtime accepted. A trip inside the new security model for applications in Windows 8

(Originally on Twitter: Sat Mar 10 12:30:12 +0000 2012)

The 0day market clearly summarized http://news.ycombinator.com/item?id=3681229 #csw12 #pwnium #pwn2own sometime being a market is not the best option…

(Originally on Twitter: Sat Mar 10 14:40:41 +0000 2012)

@HackitoErgoSum congrats for the program. Very impressive. #hes2012

(Originally on Twitter: Sat Mar 10 23:03:44 +0000 2012)

http://commoncrawl.org/mapreduce-for-the-masses/ @commoncrawl I like your initiative but could you forget Java? #mapreduce

(Originally on Twitter: Sun Mar 11 20:44:44 +0000 2012)

RT @i0n1c: Of course the security check had nothing todo with me… Maybe one of the other guys coming with me from #CanSecWest

(Originally on Twitter: Mon Mar 12 09:57:53 +0000 2012)

@i0n1c Interesting. My passport was reviewed manually and re-encoded from NL to Vancouver at boarding. Might be a software 0day^H^H^Hbug.

(Originally on Twitter: Mon Mar 12 10:15:32 +0000 2012)

RT @circl_lu: http://blogs.technet.com/b/srd/archive/2012/03/13/cve-2012-0002-a-closer-look-at-ms12-020-s-critical-issue.aspx “A closer look at MS12-020’s critical issue” remote code execution in RDP #infosec

(Originally on Twitter: Tue Mar 13 17:54:58 +0000 2012)

http://thenextweb.com/media/2012/03/13/belgian-rightsholders-group-wants-to-charge-libraries-for-reading-books-to-kids/ We should charge SABAM in Belgium for all the stupid stuff they do and say. A large budget increase for the State.

(Originally on Twitter: Tue Mar 13 17:57:21 +0000 2012)

http://exploitshop.wordpress.com/2012/03/13/ms12-020-vulnerabilities-in-remote-desktop-could-allow-remote-code-execution/ - http://blog.binaryninjas.org/?p=58 More potential fun with MS12-020…

(Originally on Twitter: Wed Mar 14 08:47:52 +0000 2012)

RT @tricaud: Our #CanSecWest slides of our talk with @adulau are available http://bit.ly/yuXkTy #csw12

(Originally on Twitter: Wed Mar 14 12:22:14 +0000 2012)

http://www-users.cs.umn.edu/~foo/research/docs/fookune_ndss_gsm.pdf “Location Leaks on the GSM Air Interface” Using the weak distribution of TMSI #privacy #gsm #mobile

(Originally on Twitter: Wed Mar 14 12:48:22 +0000 2012)

@imrim “We need good code” sure on shared secure operating system, libraries, hardware and firmware. We are nowhere… #infosec

(Originally on Twitter: Wed Mar 14 16:48:15 +0000 2012)

RT @pretorienx: Writing a bFLT loader for IDA Pro: http://www.devttys0.com/2012/03/writing-a-bflt-loader-for-ida/ @devttyS0

(Originally on Twitter: Wed Mar 14 16:53:59 +0000 2012)

RT @xme: XCat is available here: https://GitHub.com/orf/xcat #BlackhatEU

(Originally on Twitter: Wed Mar 14 16:59:32 +0000 2012)

OpenSSL 1.0.1 just released including DTLS heartbeat and also RFC 5705 (reuse key materials for other soft) and SCTP support. Fun is ahead

(Originally on Twitter: Thu Mar 15 06:53:36 +0000 2012)

@laquadrature Have you more information about this vote at JURI? http://news.ycombinator.com/item?id=3707342 about orphaned works?

(Originally on Twitter: Thu Mar 15 08:00:59 +0000 2012)

RT @luigi_auriemma: ms12-020 mistery: the packet stored in the “chinese” rdpclient.exe PoC is the EXACT ONE I gave to ZDI!!! @thezdi? @m …

(Originally on Twitter: Fri Mar 16 14:26:55 +0000 2012)

Wonderful, we have a proof that the zero day market is playing a double game. I’m guessing the answer: “No, it was an APT”. #infosec

(Originally on Twitter: Fri Mar 16 14:34:20 +0000 2012)

RT @DragonResearch: The latest version of DRG Weekend Reads is out, find it here: https://dragonresearchgroup.org/reads/ Enjoy and send us your tips!

(Originally on Twitter: Fri Mar 16 15:01:00 +0000 2012)

http://www.flickr.com/photos/adulau/6841271128/ Experimenting graphs and MCL cluster to see outliers in network flows… worked well. #infovis #infosec

(Originally on Twitter: Fri Mar 16 15:33:54 +0000 2012)

@security4all http://news.ycombinator.com/item?id=3707342 I’m still wondering where the numbers are coming from. Not from an EU website until now.

(Originally on Twitter: Fri Mar 16 15:41:52 +0000 2012)

@thegrugq agree. sys.stdout.write is really behaving like an old Perl print… and print becomes a function in Py 3. But wrappers die in 3.

(Originally on Twitter: Sat Mar 17 10:43:21 +0000 2012)

@Pir_Box Si vous avez Python sur la #PiratePox, vous pouvez faire tourner #forban http://www.foo.be/forban/ https://github.com/adulau/Forban

(Originally on Twitter: Mon Mar 19 06:09:58 +0000 2012)

http://arxiv.org/abs/1203.3866 “Computational Security Analysis of the UMTS and LTE Authentication and Key Agreement Protocols”

(Originally on Twitter: Tue Mar 20 08:30:03 +0000 2012)

“segfault at 5120fc20 ip 00000000004017cc sp 000000005120fc20 error 6” Usual but not for DJB code….

(Originally on Twitter: Tue Mar 20 13:42:13 +0000 2012)

http://www.rfc-editor.org/rfc/rfc6561.txt “Recommendations for the Remediation of Bots in ISP Networks” #infosec #ietf

(Originally on Twitter: Tue Mar 20 15:46:58 +0000 2012)

I should reuse this email signature “quit whining you haven’t done anything wrong because frankly you haven’t done much of anything”

(Originally on Twitter: Tue Mar 20 18:33:32 +0000 2012)

It seems that #TEDxLuxembourgCity is far away from the original #TED talks. Where is Clifford Stoll or those crazy innovators? @tedxluxcity

(Originally on Twitter: Tue Mar 20 22:16:31 +0000 2012)

@kwisArts The initial TED talks were about disruptive ideas, now it’s more networking and marketing… it’s time to do something else.

(Originally on Twitter: Tue Mar 20 22:32:15 +0000 2012)

@kwisArts If you go there, let us know if you find some interesting “doers” between the champagne and the cocktails.

(Originally on Twitter: Tue Mar 20 22:35:04 +0000 2012)

@cbuchler at least, they reach one goal. “to stimulate dialogue” #TEDx

(Originally on Twitter: Tue Mar 20 22:37:26 +0000 2012)

@cbuchler On the positive side, networking is good when it’s there to help creators and doers to experiment their ideas to improve society.

(Originally on Twitter: Tue Mar 20 22:41:27 +0000 2012)

http://blogs.msdn.com/b/ie/archive/2012/03/12/enhanced-memory-protections-in-ie10.aspx “Enhanced Memory Protections in IE10” Curious if HEASLR has really an impact… #infosec

(Originally on Twitter: Tue Mar 20 22:44:27 +0000 2012)

@cbuchler I’m always positive. You can find “doers” in a set of persons. You just need to shuffle the set regularly.

(Originally on Twitter: Tue Mar 20 22:46:59 +0000 2012)

I suppose this a parody of the RSA conference? http://www.youtube.com/watch?v=I7iM5CbBLBY If this was the true one, I will stop tweeting for one day. #circus

(Originally on Twitter: Wed Mar 21 14:57:23 +0000 2012)

@wimremes Right for marketing. But would you sell your 0days via the same registered company?

(Originally on Twitter: Wed Mar 21 15:11:22 +0000 2012)

RT @thegrugq: People spreading FUD about 0day sales won’t tell the truth: when you inform the vendor, they will give the 0day to China …

(Originally on Twitter: Wed Mar 21 15:23:36 +0000 2012)

@fredraynal I’m still thinking this is a parody. Not something real. It can’t be possible that the audience was so calm. #infoseccircus

(Originally on Twitter: Wed Mar 21 15:32:40 +0000 2012)

Watching the stream of @TEDxLuxCity Luxembourg really needs a local initiative like @ycombinator

(Originally on Twitter: Wed Mar 21 15:47:36 +0000 2012)

@DidierStevens Would be great if you put your PDF tools into git(hub)… especially for tracking their changes or for contributing. Thx.

(Originally on Twitter: Thu Mar 22 14:22:36 +0000 2012)

@DidierStevens Even a HTTP git repository on your personal website is fine. Like that, we clone, merge and test in one shot ;-)

(Originally on Twitter: Thu Mar 22 14:37:01 +0000 2012)

@DidierStevens and especially an official git upstream from the author from his own website. Not the unofficial ;-) https://github.com/thomcarver/pdf-tools

(Originally on Twitter: Thu Mar 22 14:39:15 +0000 2012)

@DidierStevens Thank you, you are the king… A pity that we cannot vote for the king in Belgium. #infosec

(Originally on Twitter: Thu Mar 22 14:47:40 +0000 2012)

RT @Deploy360: Dan Massey and Joe Gersch have a proposal for “Route Origin Verification”. A testbed is available -> http://t.co/TKvzF …

(Originally on Twitter: Thu Mar 22 14:58:54 +0000 2012)

“How to Estimate Change from Samples” http://arxiv.org/abs/1203.4903 a common issue with sampled Netflow records but the paper lacks a software

(Originally on Twitter: Fri Mar 23 08:08:00 +0000 2012)

If someone is going to ICDDFS 2011 next week, I’m interested to get the slides… #infosec https://www.eventsforce.net/mps/frontend/reg/thome.csp?pageID=1246&eventID=6&eventID=6

(Originally on Twitter: Fri Mar 23 08:52:59 +0000 2012)

http://waleedassar.blogspot.com/2012/03/anti-dumping-part-2.html Anti dumping memory with modified SectionAlignment in the PE file…

(Originally on Twitter: Sat Mar 24 06:27:22 +0000 2012)

Usually we said,it’s always a permission issue but looking at the TSC clock source mess, I tend to say, it’s always a clocking issue.

(Originally on Twitter: Sun Mar 25 12:09:28 +0000 2012)

Under Linux kernel if you want to know available_clocksource or the current_clocksource under /sys/devices/system/clocksource/clocksource0/

(Originally on Twitter: Sun Mar 25 12:11:13 +0000 2012)

http://blogs.technet.com/b/sysinternals/archive/2012/03/26/updates-accesschk-v-5-03-autoruns-amp-autorunsc-v-11-22-procmon-v-3-0-pslist-v-1-3.aspx If you are using systinternals/Autoruns update to the latest version, there is a buffer overflow on very long paths.

(Originally on Twitter: Tue Mar 27 09:42:33 +0000 2012)

I’m sure in a train you can find more samples of malware per square meter than in a cybercafe… after seeing the screen next to me #infosec

(Originally on Twitter: Tue Mar 27 18:12:06 +0000 2012)

released Forban 0.0.31 - some bug fixes. Some users of the #PirateBox using this latest version. https://github.com/adulau/Forban http://foo.be/forban/

(Originally on Twitter: Tue Mar 27 19:50:23 +0000 2012)

RT @sempersecurus: The most important component of an info-sec working group is Trust. Once that’s lost, the setback to effective collab …

(Originally on Twitter: Thu Mar 29 07:24:39 +0000 2012)

@mthorbruegge Do you know if the Cyber Crime Centre of Europol is equal to the ECC previously mentioned in various reports? #infosec

(Originally on Twitter: Thu Mar 29 09:24:34 +0000 2012)

https://github.com/habbie/ip6-arpa-scan/ http://7bits.nl/blog/2012/03/26/finding-v6-hosts-by-efficiently-mapping-ip6-arpa “Finding v6 hosts by efficiently mapping ip6.arpa” #infosec #ipv6

(Originally on Twitter: Thu Mar 29 13:49:16 +0000 2012)

@fredraynal Congrats. If you are missing your fly, don’t hesitate to call us… to find a replacement ;-) #HITB2012KUL

(Originally on Twitter: Thu Mar 29 14:02:16 +0000 2012)

RT @ochsff: My hardcore forensic challenge with sexy shellcode is available from http://honeynet.org/node/828 now! Have fun! :)

(Originally on Twitter: Fri Mar 30 09:19:22 +0000 2012)

What a beautiful day? “Piping Python Through Pipes” http://code.google.com/p/pyp/ a nice and clean replacement to “perl -e” #mapreducein1line

(Originally on Twitter: Sat Mar 31 12:44:49 +0000 2012)

@karlpro I’m still in love with the Unix piping/streaming approach and its future is bright with map/reduce processing… #unix

(Originally on Twitter: Sat Mar 31 12:54:57 +0000 2012)

France ARCEP regulation about peering will just the move the IX peering in NL, DE, LU and BE. http://www.zdnet.fr/blogs/infra-net/l-arcep-s-attaque-au-peering-internet-39770250.htm

(Originally on Twitter: Sun Apr 01 06:56:55 +0000 2012)

RT @_saadk: Et si la sécurité baissait les bras ? http://www.zdnet.fr/blogs/cybervigilance/et-si-la-securite-baissait-les-bras-39769951.htm Excellent article de Pierre Caron d’Orange Labs #DFIR #CERT. Un m …

(Originally on Twitter: Sun Apr 01 07:27:13 +0000 2012)

RT @BMairlot: @adulau If the real reason behind collecting this information is to collect more taxes it could simply void the peering pr …

(Originally on Twitter: Sun Apr 01 17:40:29 +0000 2012)

RT @kryptera: The #Hackito 2012 #Crypto #Challenge is available here: http://2012.hackitoergosum.org/blog/crypto-challenge via @HackitoErgoSum

(Originally on Twitter: Mon Apr 02 19:04:15 +0000 2012)

@esizkur http://taskwarrior.org/ is quite nifty for task management especially if you like the tty too…

(Originally on Twitter: Mon Apr 02 19:05:18 +0000 2012)

http://cvo-lab.blogspot.fr/2012/04/saving-private-herm1t.html Vx Heavens is closed… any mirrors or copy somewhere? the history of virology is now gone… #infosec

(Originally on Twitter: Mon Apr 02 20:02:36 +0000 2012)

@DrWhax Thx. Would you share it somewhere? I’m asking @vxheavens if I could send hard-drives by post… for getting a copy.

(Originally on Twitter: Mon Apr 02 20:12:20 +0000 2012)

is listening to http://soundcloud.com/cthulhu/cthulhu-the-outside-world while trying to fix bugs in #Forban… maybe I should get some sleep. TB-303 bassline and iterators…

(Originally on Twitter: Mon Apr 02 21:08:32 +0000 2012)

I generated a Graphiz dot file (41MB) with all the BGP ASN paths of the day. You can use @gephi to visualize it http://www.foo.be/internet-dot/

(Originally on Twitter: Tue Apr 03 15:18:28 +0000 2012)

RT @jjarmoc: It seems the most recent build of Chrome is more aggressive about handling of certificate chains with weak signatures. http …

(Originally on Twitter: Tue Apr 03 15:53:15 +0000 2012)

@raffaelmarty @tricaud Thank you, I posted it on @secviz http://secviz.org/content/visualization-internet-bgp-paths-visualization-using-gephi-dataset-available BGP Paths visualization using @gephi + dataset available

(Originally on Twitter: Tue Apr 03 21:11:22 +0000 2012)

@daviddarts FYI, Matthias Strubel is working on https://github.com/MaStr/mkPirateBox-Forban an OpenWRT package for Forban - https://github.com/adulau/Forban

(Originally on Twitter: Wed Apr 04 11:12:07 +0000 2012)

When reversing some Flash exploits/malware, the archive of older Flash players is very handy… http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html

(Originally on Twitter: Wed Apr 04 18:42:14 +0000 2012)

http://commandcenter.blogspot.com.ar/2012/04/byte-order-fallacy.html An excellent overview from Rob Pike why you don’t have to take care of byte order except if there is a bug somewhere…

(Originally on Twitter: Wed Apr 04 20:47:46 +0000 2012)

@DidierStevens right because they care about ambiguity in program execution or bugs in interpretation of byte orders ;-)

(Originally on Twitter: Thu Apr 05 14:15:53 +0000 2012)

Some malware are bundled with components detected as “not-a-virus” to escape A/V detection… mixing white/black-lists wtf… #infosec

(Originally on Twitter: Thu Apr 05 15:07:07 +0000 2012)

RT @pretorienx: http://bit.ly/HjaEvs (Calling IDA APIs from IDAPython with ctypes) @PhysicalDrive0

(Originally on Twitter: Thu Apr 05 19:09:10 +0000 2012)

@eff https://www.eff.org/deeplinks/2012/03/zero-day-exploit-sales-should-be-key-point-cybersecurity-debate so what’s your recommendation for ethical/responsible disclosure? full and public anonymous disclosure? #infosec

(Originally on Twitter: Fri Apr 06 06:50:10 +0000 2012)

RT @bortzmeyer: @btabaka De toute façon, ce genre de consortium de gros requins nationaux incompétents ne pouvait qu’échouer (cf. Quaero).

(Originally on Twitter: Fri Apr 06 06:53:00 +0000 2012)

https://github.com/clearspring/stream-lib “… finding membership and top-k in streams for which it is infeasible to store all events” #infosec #datamining

(Originally on Twitter: Fri Apr 06 12:11:07 +0000 2012)

http://geer.tinho.net/geer.owasp.4iv12.txt Application Security Matters by Daniel E. Geer. The must read of the weekend. #infosec

(Originally on Twitter: Fri Apr 06 14:00:43 +0000 2012)

@quota_atypique It’s the case, they are in an operator for some part. Look at http://www.goodiff.org/changeset/563 and check for SMS. #cispa

(Originally on Twitter: Fri Apr 06 14:19:22 +0000 2012)

RT @0xabad1dea: #0x10c dev channel quote: “We’ll sell software as a service… call it nebula computing”

(Originally on Twitter: Fri Apr 06 19:38:32 +0000 2012)

BOFH meets SystemTap like a keylogger using SystemTap… http://stapbofh.krunch.be/ #infosec #linux #systemtap

(Originally on Twitter: Sat Apr 07 07:00:23 +0000 2012)

@Piratebox_Lille @daviddarts commited 2 fixes to improve Forban on the PirateBox The symlink and a rebuild factor. https://github.com/adulau/Forban/commits/master

(Originally on Twitter: Sat Apr 07 09:28:58 +0000 2012)

@aaronportnoy some “basic” component like MindshaRE: IDAception or ida2sql but no real software beside the BinCrowd service.

(Originally on Twitter: Sat Apr 07 18:55:33 +0000 2012)

@aaronportnoy I’m curious to see your presentation at Hackito. As we are also looking for technical possibilities to add sharing in IDA.

(Originally on Twitter: Sat Apr 07 18:57:29 +0000 2012)

@novytweety it’s on layer 3 in the OSI model. It’s at network layer (2) for the TCP/IP model.

(Originally on Twitter: Sun Apr 08 12:32:47 +0000 2012)

The leaked password dataset market… http://dazzlepod.com/uniqpass/ if some years ago, you told me about this, I wouldn’t believe you. #infosec

(Originally on Twitter: Sun Apr 08 17:48:37 +0000 2012)

RT @runasand: ChatSecure is an OTR-enabled XMPP client for iOS: https://github.com/chrisballinger/Off-the-Record-iOS (can also be found in the App Store).

(Originally on Twitter: Mon Apr 09 07:57:06 +0000 2012)

http://www.wired.com/threatlevel/2012/04/hacking-tools/ So I should stop to use tools to modify the execution path of malware. It’s an offence against malware. #wtf #legal

(Originally on Twitter: Mon Apr 09 15:32:18 +0000 2012)

@mjbrender That’s fucking crazy. Tools are just tools. Banning tools, EU just supports the attackers and kicks out the security researchers.

(Originally on Twitter: Mon Apr 09 15:46:23 +0000 2012)

RT @mjbrender: @adulau totally agreed. I can imagine the confusing political/nontechnical conversation, but it’s like outlawing knives b …

(Originally on Twitter: Mon Apr 09 15:53:20 +0000 2012)

just released Forban 0.0.32 - https://plus.google.com/u/0/112095729959662313642/posts/AN5wz8tzLsU #p2p #forban

(Originally on Twitter: Mon Apr 09 18:43:27 +0000 2012)

@BMairlot Yes but I was surprised to see people selling such dataset. By the way, if you are interested in such dataset, I might share one.

(Originally on Twitter: Mon Apr 09 18:45:18 +0000 2012)

http://zhodiac.hispahack.com/ “ Flash CVE-2012-0769: the case of the perfect info leak “ ASLR bypass mmm… #infosec

(Originally on Twitter: Mon Apr 09 19:00:53 +0000 2012)

https://www.samba.org/samba/security/CVE-2012-1182 “root” credential remote code execution in Samba. #infosec

(Originally on Twitter: Tue Apr 10 19:05:28 +0000 2012)

I’m curious if anyone try to compute collision with an infected payload with the zero-length test vector of the MD5 hashing function…

(Originally on Twitter: Wed Apr 11 14:57:58 +0000 2012)

Another good reason to check all the flashcard that you get from vendors or suppliers: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03249176 #infosec

(Originally on Twitter: Wed Apr 11 16:47:09 +0000 2012)

@philpraxis @hackitoergosum #hes2012 was really a superb edition in an incredible place. Except the “black/white-hat” discussion ;-) #hes

(Originally on Twitter: Mon Apr 16 07:29:17 +0000 2012)

Wow64RevertWow64FsRedirection “Failure to re-enable redirection should be considered a criticial failure and execution aborted.” You do?

(Originally on Twitter: Mon Apr 16 08:28:16 +0000 2012)

@HoffmannMich You are more than welcome to the talk… but I think the audience is a bit different than the traditional security conference.

(Originally on Twitter: Mon Apr 16 08:58:48 +0000 2012)

RT @cudeso: Interesting write up from @foxit on “nu.nl” hack http://bit.ly/zoQ9C5

(Originally on Twitter: Mon Apr 16 12:27:11 +0000 2012)

http://arxiv.org/abs/1204.3543 “Functional Magnetic Resonance Imaging and the Challenge of Balancing Human Security with State Security” Aie aie…

(Originally on Twitter: Tue Apr 17 08:15:23 +0000 2012)

RT @rommelfs: @julioauto @thomas_coseinc @thegrugq At @hack_lu we’ve had a brilliant beer tasting workshop in 2010 http://t.co/5gwFZdos :)

(Originally on Twitter: Tue Apr 17 15:04:01 +0000 2012)

A kind reminder to people still using Word processor for collaboration, the new and efficient technology is a text editor and git diff.

(Originally on Twitter: Tue Apr 17 19:50:50 +0000 2012)

@edarchis Sharepoint is like using a wiki while doing a heart transplantation on a moving zombie with a single finger.

(Originally on Twitter: Tue Apr 17 20:20:08 +0000 2012)

@xme “tc qdisc add dev eth0 root netem delay 200ms” and “tc qdisc change dev eth0 root netem loss 0.3%”

(Originally on Twitter: Wed Apr 18 15:56:37 +0000 2012)

@xme Sure. Linux Netem is designed to be used on routing or bridging interfaces. Have fun.

(Originally on Twitter: Thu Apr 19 06:35:02 +0000 2012)

RT @circl_lu: http://www.openssl.org/news/secadv_20120419.txt “Any application which uses BIO or FILE based functions to read untrusted DER format data is vulnerab …

(Originally on Twitter: Thu Apr 19 15:34:47 +0000 2012)

If you are curious about the OpenSSL vulnerability in OpenSSH, you should have a look at : http://news.ycombinator.com/item?id=3862796 #infosec

(Originally on Twitter: Thu Apr 19 18:44:34 +0000 2012)

Future looks bright IEC 61850-8-1 uses ASN.1 as encoding scheme. Not worries is usually just used for power plant and alike. #infosec

(Originally on Twitter: Fri Apr 20 09:41:12 +0000 2012)

RT @y0m: Last day to apply for #gsoc 2012 - http://bit.ly/HmmW2g - HoneyProxy, Wireshark, Androguard, Cuckoo, IPv6, etc.

(Originally on Twitter: Fri Apr 20 12:20:58 +0000 2012)

http://conferenze.dei.polimi.it/FDTC12/ “The 9th Workshop on Fault Diagnosis and Tolerance in Cryptography will be held in Leuven, on September 9, 2012.”

(Originally on Twitter: Fri Apr 20 13:41:13 +0000 2012)

@cbuchler Yep, it’s free software/opensource. It’s released under a BSD 3 clause license - http://opensource.org/licenses/BSD-3-Clause.

(Originally on Twitter: Sun Apr 22 08:57:03 +0000 2012)

https://raw.github.com/gleeda/misc-scripts/master/misc_python/mbr_parser.py works well but just need to decode the instruction in 16 bits (distorm3.Decode16Bits) @DidierStevens @gleeda

(Originally on Twitter: Sun Apr 22 09:59:39 +0000 2012)

@DidierStevens @gleeda works well but just need to decode the instruction in 16 bits (distorm3.Decode16Bits) (line 128). #infosec

(Originally on Twitter: Sun Apr 22 10:11:09 +0000 2012)

My summary photo shooting for the Today’s weather: http://www.flickr.com/photos/adulau/6956655022/in/photostream

(Originally on Twitter: Sun Apr 22 17:03:26 +0000 2012)

RT @jurajsomorovsky: Good news, our paper ‘On Breaking SAML’ has been accepted at USENIX: Prepare for a bunch of signature wrapping atta …

(Originally on Twitter: Sun Apr 22 17:12:49 +0000 2012)

Sometime the headhunters are not afraid to ask strange question, “Would you work for securing CVS?” Sorry? That’s a joke I suppose. #infosec

(Originally on Twitter: Mon Apr 23 19:23:59 +0000 2012)

@r00tbsd thank you for your support during the workshop ;-)

(Originally on Twitter: Tue Apr 24 14:41:38 +0000 2012)

RT @dakami: @crypt0ad yeah, I get my weakest speaker ratings from RSA. It’s an alternate universe there.

(Originally on Twitter: Tue Apr 24 19:29:16 +0000 2012)

I did a quick test with the Simtec Entropy Key http://www.foo.be/cgi-bin/wiki.pl/TestingSimtecEntropyKey a good improvement compared to entropy gathering from OS state #crypto

(Originally on Twitter: Wed Apr 25 20:13:57 +0000 2012)

@xme I suppose the infosec survey didn’t list the AssCERT or LAMN http://www.asscert.com/ in the possible certification… ;-)

(Originally on Twitter: Thu Apr 26 08:26:13 +0000 2012)

@xme Thx for the link. At least, the survey ask clearly “Are certifications useful?” I would replace the word “useful” by “dangerous”…

(Originally on Twitter: Thu Apr 26 08:38:43 +0000 2012)

Repeat after me “HTTP prefetching is evil” and don’t tell me you need it for speed. It’s a lie, you just want its abuse. #infosec

(Originally on Twitter: Fri Apr 27 12:37:36 +0000 2012)

If you still believe TCP injection is not practical, you should read this paper: http://arxiv.org/abs/1204.6623 “Off-Path Attacking the Web” #infosec

(Originally on Twitter: Tue May 01 08:31:18 +0000 2012)

RT @aionescu: Got held by US authorities for 8 hours on my way back from #syscan2012. Asked me all sorts of questions. @thomas_coseinc w …

(Originally on Twitter: Wed May 02 20:04:42 +0000 2012)

Another nice example of http://armoredcode.com/blog/open-the-code-or-review-it/ why the “certification” path for proprietary software vendor is a bloody mess for security…

(Originally on Twitter: Fri May 04 09:42:35 +0000 2012)

Listening to the album “Ten hymns for sorbetière” of Axiome (@Cdrk_Syrphe), I especially enjoy “Brise-Glace” nice stuff. #electro

(Originally on Twitter: Sun May 06 17:12:29 +0000 2012)

https://community.rapid7.com/community/metasploit/blog/2012/05/08/eternal-sunshine-of-the-spotless-ram starting process in suspended state in memory and replacing it with another process. #metasploit #infosec

(Originally on Twitter: Tue May 08 16:29:57 +0000 2012)

http://2012.hack.lu/ will be HAL style this year. CFP will be released in the next hours… #infosec #hacklu #conference #luxembourg

(Originally on Twitter: Tue May 08 16:44:44 +0000 2012)

@ddurvaux indeed memory analysis is the way to go. Checking the PEB table and inconsistency might be a good start.

(Originally on Twitter: Tue May 08 16:49:11 +0000 2012)

@thegrugq Exactly, when I saw it, it reminded me of your ul_exec code. Security is just how to recycle stuff ;-) #infosec

(Originally on Twitter: Tue May 08 19:05:31 +0000 2012)

@gal_diskin Yop. The nice thing in Metasploit is to make it a bit more accessible for quick-and-dirty works ;-) See you soon.

(Originally on Twitter: Tue May 08 21:06:08 +0000 2012)

RT @hack_lu: hack.lu 2012 call for papers is now open http://2012.hack.lu/cfp/ - http://2012.hack.lu/hacklu2012-cfp.txt don’t be shy to submit your security r …

(Originally on Twitter: Wed May 09 07:04:35 +0000 2012)

RT @bortzmeyer: The ISO dinosaur rubber-stamped the DOI technique (ISO 26324, of course not online). Irrelevant organization for an irre …

(Originally on Twitter: Fri May 11 08:09:00 +0000 2012)

At #tfcsirt a presentation of a #CTF used as CSIRT training. Interesting but they should participate to public CTF like http://2012.hack.lu/index.php/CaptureTheFlag

(Originally on Twitter: Fri May 11 08:36:23 +0000 2012)

@DrWhax That’s a good idea. For #hacklu 2012, we could submit some additional “CERT” challenges to the @fluxfingers CTF.

(Originally on Twitter: Fri May 11 08:52:01 +0000 2012)

@okoeroo The interesting part if the CTF is done by other people not in your direct field, you can be really challenged with new stuff. #fun

(Originally on Twitter: Fri May 11 08:55:17 +0000 2012)

RT @circl_lu: http://www.openssl.org/news/secadv_20120510.txt Invalid TLS/DTLS record attack (CVE-2012-2333) in OpenSSL. patch to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x. …

(Originally on Twitter: Fri May 11 09:59:56 +0000 2012)

RT @Kaplan_CERTat: amnesty international was serving RAT tool (drive by download): http://www.zdnet.com/blog/security/amnesty-international-uk-compromised-serving-exploits-and-malware/9861

(Originally on Twitter: Fri May 11 10:32:11 +0000 2012)

@Kaplan_CERTat it’s indeed an old news but Sophos published an updated analysis http://community.websense.com/blogs/securitylabs/archive/2012/05/11/amnesty-international-uk-compromised.aspx with more details. (sample welcome)

(Originally on Twitter: Fri May 11 10:36:09 +0000 2012)

RT @malwarelu: Malware.lu opens its doors today. It is a repository of #malware and technical analysis hosted in #LU. See you on http:// …

(Originally on Twitter: Fri May 11 21:10:55 +0000 2012)

I was wondering if someone already did a simple sound recording/analysis from a server in a datacenter to discover access to its own rack.

(Originally on Twitter: Sat May 12 21:16:19 +0000 2012)

@kabel I was looking for previous experiments in the security field to detect motion with audio only. Not sure if this is regularly used.

(Originally on Twitter: Sat May 12 21:34:33 +0000 2012)

https://github.com/droe/sslsplit “SSLsplit - transparent and scalable SSL/TLS interception” and it supports SNI. To be tested. #infosec

(Originally on Twitter: Sun May 13 06:41:58 +0000 2012)

Random strike of the train drivers at the #SNCB #NMBS, I’ll do a random payment of my train subscription. #wtf #belgium

(Originally on Twitter: Mon May 14 05:17:17 +0000 2012)

RT @hack_lu: Usually during #hacklu, we have a Powerpoint-Karaoke, if you have good/ugly materials for the session. DM us. #infosec #fun …

(Originally on Twitter: Mon May 14 14:57:22 +0000 2012)

I really like when a malware operator recommends to install a specific rootkit detector like GMER. Can you smell something? #infosec

(Originally on Twitter: Mon May 14 18:33:06 +0000 2012)

@mikko Aren’t you mixing up Austria and Australia? ;-) #auscert

(Originally on Twitter: Tue May 15 12:15:03 +0000 2012)

http://code.google.com/p/truecrack/ “TrueCrack is a brute-force password cracker for TrueCrypt” Works with dictionary attack or “pre-charsets” selected.

(Originally on Twitter: Tue May 15 12:40:33 +0000 2012)

If you are looking for some statistics of the brand/model Android phone distribution for your next malware: http://opensignalmaps.com/reports/fragmentation.php?

(Originally on Twitter: Wed May 16 10:51:48 +0000 2012)

RT @luigi_auriemma: the continuos up&down of my website are caused by the usual automatic script of my hoster. don’t worry there is …

(Originally on Twitter: Wed May 16 11:19:44 +0000 2012)

@certbe Do you have any sample or MD5 values for the ransomware using the SABAM name that you could share? #malware

(Originally on Twitter: Wed May 16 11:47:46 +0000 2012)

@antirez Do you know if anyone already implemented patricia tree lookup for CIDR blocks in Redis? thank you #redis

(Originally on Twitter: Wed May 16 14:55:08 +0000 2012)

“Versions 3.2.0 and earlier of the pidgin-otr plugin contain a format string security flaw.” Arrggghhh, you know what you can update today.

(Originally on Twitter: Thu May 17 06:25:08 +0000 2012)

A reminder to the guy trying to kill my feet while jumping on Nitzer Ebb. Douglas McCarthy is also the vocalist with T. Fixmer. #ebm

(Originally on Twitter: Thu May 17 20:38:29 +0000 2012)

@r00bsd Maybe a sample analysis of Mebromi especially the part testing if the BIOS has been patched and doing the POST boot. #malware

(Originally on Twitter: Fri May 18 16:35:40 +0000 2012)

http://www.flickr.com/photos/adulau/7222556284/in/photostream In Amsterdam, I saw this swan with her nest. Another good reason to reduce your waste… #sooc #ecology

(Originally on Twitter: Fri May 18 18:22:54 +0000 2012)

http://www.chillingeffects.org/notice.cgi?sID=200613 “Notice Unavailable DMCA (Copyright) Complaint to Google Sent by: Microsoft To: Google” for a search about TCP ISN…

(Originally on Twitter: Sat May 19 06:12:04 +0000 2012)

http://rce.co/why-usermode-hooking-sucks-bypassing-comodo-internet-security/ Another concrete example bypassing hooks using SysWOW64 or why cross-compatibility is wonderful for abuse. #infosec

(Originally on Twitter: Sun May 20 16:05:53 +0000 2012)

@novytweety Sure, many people and organizations. @imrim @r00tbsd

(Originally on Twitter: Tue May 22 12:17:42 +0000 2012)

http://windowsontheory.org/2012/05/17/factoring-rsa-moduli-part-ii/ Another good reason why you need an additional external random source for your PRNG.

(Originally on Twitter: Tue May 22 13:44:58 +0000 2012)

@HoffmannMich Yep, there are some tshirts left. (it depends of your size ;-) of #hacklu 2011. I can arrange something.

(Originally on Twitter: Wed May 23 08:22:50 +0000 2012)

RT @kwisArts: Now #ebrc selling their services… Would much rather like to see the #picviz talk by @tricaud before I need to leave :(

(Originally on Twitter: Thu May 24 19:36:37 +0000 2012)

@sam280 For the #picviz regexp is used as a bootstrap to find the ones not matching the regexp but sharing the same geospace. AFAIK.

(Originally on Twitter: Fri May 25 07:39:57 +0000 2012)

http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1%5Breport_no%5D=121467 “100% protection against against 0-day malware attacks Samples used: 104” hmmm, I’m curious about the samples used

(Originally on Twitter: Fri May 25 12:50:33 +0000 2012)

@sm0k_ @r00tbsd I’m pretty sure with other random malware samples, the 100% will drop significantly… but can’t reproduce the experiment.

(Originally on Twitter: Fri May 25 14:27:15 +0000 2012)

@sm0k_ I’m curious. do you have technical details to reproduce the test from http://av-test.org? cc: @r00tbsd

(Originally on Twitter: Fri May 25 14:33:34 +0000 2012)

@avtestorg What’s the process to redo your test? especially the “against 0-day malware attacks” which samples were used. thank you.

(Originally on Twitter: Fri May 25 14:59:09 +0000 2012)

@sam280 yep, another DGA was found for a new Zeus variant based on the profile seen. But as you know, this requires some work in any case.

(Originally on Twitter: Fri May 25 19:19:47 +0000 2012)

RT @tqbf: s/CBC/CTR, sorry. CTR is more malleable than CBC. (You’re doomed w/o a MAC in both cases0.

(Originally on Twitter: Fri May 25 19:22:39 +0000 2012)

http://code.google.com/p/ouspg/wiki/Radamsa Radamsa is another fuzzer but quite simple to use for rapid testing/evaluation. #infosec

(Originally on Twitter: Fri May 25 19:30:18 +0000 2012)

RT @syn2cat: Registration for #haxogreen: http://www.haxogreen.lu/2012/Registration Early-bird till June 22nd.

(Originally on Twitter: Fri May 25 19:43:19 +0000 2012)

As discussed in Amsterdam @Kaplan_CERTat I commited version of gitlog2timesheet https://github.com/adulau/gitlog2timesheet without the Markov chain until now.

(Originally on Twitter: Sat May 26 10:17:15 +0000 2012)

@Kaplan_CERTat https://github.com/adulau/gitlog2timesheet added an “-t” option to display the total hours spent per repository/project nifty for EU projects rep.

(Originally on Twitter: Sat May 26 10:41:51 +0000 2012)

will be at #haxogreen to talk about “Forban Saving the Libraries by Sharing” http://www.foo.be/forban/ #archiving #books http://www.haxogreen.lu/2012/News#May_26th.2C_2012

(Originally on Twitter: Sat May 26 17:20:29 +0000 2012)

RT @adesnos: interesting to contribute to an open source seucurity project ? Join us ! http://code.google.com/p/androguard/

(Originally on Twitter: Mon May 28 00:05:40 +0000 2012)

The substitution of the day A**/M** P*** (P**) is “Actel Microsemi ProASIC3 (PA3)” #crypto

(Originally on Twitter: Mon May 28 08:03:32 +0000 2012)

http://code.google.com/p/malware-lu/wiki/en_ripper_metasm A nifty ASM ripper relying on #metasm made by @r00tbsd

(Originally on Twitter: Tue May 29 10:10:41 +0000 2012)

RT @mgroeninger: Draft paper of FPGA-silicon backdoor https://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf

(Originally on Twitter: Tue May 29 13:06:46 +0000 2012)

@cryptopathe “Le dépouillement s’effectue en mémoire sans journalisation.” Je suppose que c’est le 1er avril ;-) #crypto #paperisstillbetter

(Originally on Twitter: Tue May 29 13:20:27 +0000 2012)

There will be very soon a first challenge to win @hack_lu tickets but this time not for breaking stuff but building stuff. #infosec

(Originally on Twitter: Tue May 29 15:14:21 +0000 2012)

Today I’m in the mood of leaking private keys material within the TCP ISN. I’m wondering why… #malware

(Originally on Twitter: Tue May 29 19:03:02 +0000 2012)

RT @hack_lu: First challenge to win #hacklu 2012 tickets in partnership with @DragonResearch https://dragonresearchgroup.org/challenges/HOTCRP/ improving the securit …

(Originally on Twitter: Wed May 30 19:44:53 +0000 2012)

RT @sergeybratus: NYT #Stuxnet article makes no mention of the Siemens’ equipment audit by INL, which NYT in http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?_r=1&pagewanted=all allege …

(Originally on Twitter: Sat Jun 02 09:18:54 +0000 2012)

RT @SteveClement: “@syn2cat: New entry at planet syn2cat - Installing Forban on Arch#linux with dedicated user - http://bit.ly/JXNMDr”

(Originally on Twitter: Sat Jun 02 19:00:08 +0000 2012)

@koenvervloesem rdiff-backup over ssh works like a charm even for pretty large file-system.

(Originally on Twitter: Sun Jun 03 18:46:37 +0000 2012)

http://www.symantec.com/connect/blogs/trojantatanargb-careful An interesting trojan installing an SSL proxy via the browser. Simple and efficient. #malware

(Originally on Twitter: Sun Jun 03 20:00:09 +0000 2012)

Today’s in LinkedIn premises. “Nice! that the IPv6 addresses of the customer using IPv6… no, it’s just their hashes”. #ipv6day #infosec

(Originally on Twitter: Wed Jun 06 13:11:06 +0000 2012)

If you want some stickers for @hack_lu, just ping me. I should receive them tomorrow. #infosec #hacklu

(Originally on Twitter: Wed Jun 06 14:29:03 +0000 2012)

RT @ddurvaux: @adulau @hack_lu take some with you at #FIRSTCON

(Originally on Twitter: Wed Jun 06 14:57:11 +0000 2012)

RT @fredraynal: Il reste 6 “places” pour le challenge Ruff #sstic. Hop hop on s active ! RT svp

(Originally on Twitter: Wed Jun 06 15:00:41 +0000 2012)

http://code.google.com/p/ics-openvpn/ a port of OpenVPN for Android API level 14+, so you don’t need to be root. It seems interesting, code review needed.

(Originally on Twitter: Thu Jun 07 08:48:26 +0000 2012)

RT @rommelfs: I guess non-proportional typefaces in MS training presentations are against corporate identity. But I request exceptions f …

(Originally on Twitter: Thu Jun 07 09:22:34 +0000 2012)

just heard that a @hack_lu sponsor @conostix will offer some IDA licenses for the winners of the @fluxfingers CTF. #infosec

(Originally on Twitter: Thu Jun 07 13:21:59 +0000 2012)

RT @Guillaume_Lopes: Et si on lancait un challenge pour retrouver l’identite de celui qui a pirate @zythom ? #sstic

(Originally on Twitter: Thu Jun 07 13:47:24 +0000 2012)

http://www.bbc.com/news/technology-18351995 “UN urges co-operation to prevent global cyberwar” Cooperating avoids to have 2 different malware on the same target

(Originally on Twitter: Fri Jun 08 09:27:10 +0000 2012)

@rbidule A timeshare model for malware installation, maintenance and operation could be nice. But how the clean-up is done after each owner?

(Originally on Twitter: Fri Jun 08 14:28:47 +0000 2012)

http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-666.pdf “A pact with the Devil” Another way to propagate malware -> incentiveware (forget the scareware) #infosec

(Originally on Twitter: Sat Jun 09 06:17:15 +0000 2012)

If you want to save the libraries, you can join me at #haxogreen https://haxogreen.lu/schedule/2012/events/1.en.html #p2p

(Originally on Twitter: Sat Jun 09 12:11:29 +0000 2012)

RT @xme: Stickers! Thanks to #hack_lu /Cc @adulau

(Originally on Twitter: Mon Jun 11 20:55:14 +0000 2012)

@jaysonstreet this was fast, you already received them ;-) Happy that you liked it. #hacklu

(Originally on Twitter: Tue Jun 12 18:08:17 +0000 2012)

I’ll be at #FIRSTCON next week. If you want to discuss, sign a PGP key or have a sticker for #hacklu. Let me know.

(Originally on Twitter: Tue Jun 12 18:26:44 +0000 2012)

@Pinboard What’s the ‘iotop’ output when you have the sudden peak load? and a ‘vmstat 2’ output? By the way, I love @pinboard.

(Originally on Twitter: Tue Jun 12 20:06:17 +0000 2012)

@Pinboard As you are using a SAS9211-8 card, you might want to check if you got the integrated or external firmware. Are you using md RAID?

(Originally on Twitter: Tue Jun 12 20:17:50 +0000 2012)

RT @alcyonsecurity: Dear vendor, not keeping promises yourself and threatening a vuln reporter with taking legal actions is not nice #re …

(Originally on Twitter: Wed Jun 13 12:10:49 +0000 2012)

http://code.google.com/p/ghost-usb-honeypot/ Ghost is a honeypot for malware that spreads via USB storage devices. #infosec #honeypot

(Originally on Twitter: Fri Jun 15 06:02:35 +0000 2012)

RT @courts: I have to take away my colleague’s geek badges. They didn’t recognize HAL 9000 on hack.lu’s stickers #hacklu #spaceodyseey

(Originally on Twitter: Fri Jun 15 10:38:59 +0000 2012)

RT @DragonResearch: Win a free pass to hack.lu, take the DRG administered HotCRP challenge http://dragonresearchgroup.org/challenges/HOTCRP/

(Originally on Twitter: Fri Jun 15 13:49:24 +0000 2012)

#PSES I do not agree on the fact that Internet should have laws because it’s part of our life. Without law is sometime better @bortzmeyer

(Originally on Twitter: Sat Jun 16 16:35:41 +0000 2012)

#PSES But I do agree with the “don’t” mentioned by @bortzmeyer

(Originally on Twitter: Sat Jun 16 16:41:02 +0000 2012)

#PSES @bortzmeyer to have a law effective for Internet, you need to attach it to a State. So it’s better to forget about the laws.

(Originally on Twitter: Sat Jun 16 16:47:43 +0000 2012)

At @terena #tfcsirt listening a presentation about the implementation of an ISMS in an university. I should be outside enjoying the sun…

(Originally on Twitter: Sun Jun 17 12:35:16 +0000 2012)

@JanetCSIRT Very often the money spent on an ISMS is moved from operational security towards certifications… that’s a pity. #infosec

(Originally on Twitter: Sun Jun 17 12:53:13 +0000 2012)

At #FIRSTCON , don’t forget to join the @DragonResearch booth and register for the challenges https://dragonresearchgroup.org/challenges/FIRST2012/

(Originally on Twitter: Mon Jun 18 10:09:09 +0000 2012)

@ChrisJohnRiley Don’t over estimate those lists. It’s a good way to get the right contacts… it’s just a starting point. #infosec #FIRSTCON

(Originally on Twitter: Mon Jun 18 12:09:12 +0000 2012)

@DidierStevens @ChrisJohnRiley we can meet at the DRG lounge. I’m there the whole Wednesday and Friday morning. #FIRSTCON

(Originally on Twitter: Mon Jun 18 12:20:47 +0000 2012)

RT @forensikblog: Volatility plugin to detect Poison Ivy in memory and dump run-time config: http://r.forens.is/volpi #dfir #FIRSTCON

(Originally on Twitter: Mon Jun 18 15:31:40 +0000 2012)

At 16:30 in Portomaso I+II, don’t forget to join our panel talk about “passive DNS implementation, mining and visualization” #firstcon

(Originally on Twitter: Tue Jun 19 13:09:01 +0000 2012)

@tricaud presented furl https://github.com/stricaud/furl #firstcon - a nifty tool/library to parse ugly URLs

(Originally on Twitter: Wed Jun 20 14:11:06 +0000 2012)

@rrrayfoo Good point. Maybe we should do an infosec conference with just lightning talks… then people select the 1 hour talk from those.

(Originally on Twitter: Wed Jun 20 14:28:15 +0000 2012)

Tinba malware presented as a lightning talk (makes sense 20KB versus 5 minutes) at #firstcon #malware #tinba

(Originally on Twitter: Wed Jun 20 14:33:59 +0000 2012)

@rrrayfoo I vote for it ;-) a FIRST lightning talk edition in a Nordic country (to avoid the air conditioning…). #firstcon

(Originally on Twitter: Wed Jun 20 14:41:19 +0000 2012)

@DrWhax it seems to be the main component. So it’s still quite small compared to the other bankers web inject malware.

(Originally on Twitter: Wed Jun 20 14:43:30 +0000 2012)

I don’t mind Alaska as long we have at least 100 lightning talks ;-) @droopydog500 #FIRSTcon

(Originally on Twitter: Wed Jun 20 14:48:59 +0000 2012)

@blackswanburst presents a report about ICS - SCADA exposure at #FIRSTCON done via shodan - showing that ICS exposure is real. #infosec

(Originally on Twitter: Wed Jun 20 15:00:26 +0000 2012)

@DrWhax Don’t know the policy at FIRST for the slides publication, I suppose the lightning talks will be available. #FIRSTcon

(Originally on Twitter: Wed Jun 20 15:06:28 +0000 2012)

Even for designing presentations slides, there are cultural differences. #FIRSTcon

(Originally on Twitter: Wed Jun 20 15:13:35 +0000 2012)

Masato is ON STAGE ! at #FIRSTcon

(Originally on Twitter: Wed Jun 20 15:33:10 +0000 2012)

RT @mckeay: You can tell its day 4 of the conference and that people had a lot of fun last night. Too much fun, possibly #FIRSTCON http: …

(Originally on Twitter: Thu Jun 21 07:52:18 +0000 2012)

A second bonus challenge https://www.dragonresearchgroup.org/challenges/FIRST2012/213d7f26db51e9ef7390161c87c3a70b24e9dbac/ where you’ll win a special prize for limited supply! #firstcon @DragonResearch

(Originally on Twitter: Thu Jun 21 12:10:06 +0000 2012)

I’ll get a virtual prize from @ksv for @rommelfs and @clausoverbeck who solved one challenge remotely for #firstcon @DragonResearch

(Originally on Twitter: Fri Jun 22 08:05:13 +0000 2012)

Don’t forget the call for papers for hack.lu 2012 will close in 23 days. https://2012.hack.lu/cfp/ #hacklu #cfp #infosec

(Originally on Twitter: Fri Jun 22 10:07:13 +0000 2012)

@DidierStevens Sure. We will glad to have you at the conference. #hacklu Thank you !

(Originally on Twitter: Fri Jun 22 10:14:49 +0000 2012)

Listening to the operation b71 presentation from Microsoft and NACHA about Zeus disruption. I’m close to ask a question… #firstcon

(Originally on Twitter: Fri Jun 22 12:48:54 +0000 2012)

@rbidule I did but they didn’t comment about it. It will be off-list ;-) #firstcon

(Originally on Twitter: Fri Jun 22 12:56:53 +0000 2012)

http://www.president.ee/en/official-duties/speeches/7589-the-president-of-estonia-at-the-international-conference-of-cyber-conflict-8-june-2012/ Usually I don’t like political declaration but this one is great. President of Estonia about cyberspace. #infosec

(Originally on Twitter: Sat Jun 23 16:03:16 +0000 2012)

@erpscan Did you contact the CERTs about the vulnerable ERP found on Internet? #infosec #sap

(Originally on Twitter: Mon Jun 25 14:21:27 +0000 2012)

https://www.rommelfangen.de/nucleus/item/34 @rommelfs did a small write-up of the small bonus challenge with the virtual prize by @ksv - @DragonResearch

(Originally on Twitter: Mon Jun 25 15:11:43 +0000 2012)

http://users.isc.org/~edmonds/presentations/rsfcode.html#(1) ISC released as open source their whole Passive DNS replication. #infosec #dns http://rsfcode.isc.org/

(Originally on Twitter: Tue Jun 26 06:01:07 +0000 2012)

The example of the security circus: the car alarm. That costs money and annoy everyone (except the robber).

(Originally on Twitter: Thu Jun 28 07:18:49 +0000 2012)

http://hal.inria.fr/docs/00/70/47/90/PDF/RR-7944.pdf Efficient Padding Oracle Attacks on Cryptographic Hardware #crypto

(Originally on Twitter: Thu Jun 28 13:22:14 +0000 2012)

RT @Regiteric: Attack on application layer gateway is now available in #nmap scripting engine thanks to @kroosec : http://seclists.org/nmap-dev/2012/q2/629 …

(Originally on Twitter: Fri Jun 29 07:37:12 +0000 2012)

@bortzmeyer Je ne comprends pas. Il y a vraiment des gens qui n’utilisent pas de sac à dos pour aller travailler?

(Originally on Twitter: Fri Jun 29 13:52:03 +0000 2012)

@dzidorius The email is correct… but I’m not sure that I got that one.

(Originally on Twitter: Fri Jun 29 14:54:34 +0000 2012)

You touch time_t and then a whole class of software from kernel to user-space is going crazy. It’s just 1 second. Now imagine the overflow.

(Originally on Twitter: Sun Jul 01 07:40:24 +0000 2012)

Thanks for the FF @rrrayfoo and @blackswanburst Hope to see you during @hack_lu 2012 #hacklu

(Originally on Twitter: Sun Jul 01 07:45:54 +0000 2012)

Listening to Cthulhu - Malevolent attitude by Cthulhu via #soundcloud http://soundcloud.com/cthulhu/cthulhu-malevolent-attitude?utm_source=soundcloud&utm_campaign=share&utm_medium=twitter&utm_content=http://soundcloud.com/cthulhu/cthulhu-malevolent-attitude while compiling crappy code… seems appropriate.

(Originally on Twitter: Sun Jul 01 10:01:58 +0000 2012)

A new standard for #infosec information sharing but the standard is not publicly available ISO/IEC 27010:2012 pfff, this will help sharing

(Originally on Twitter: Mon Jul 02 12:13:50 +0000 2012)

Teaching software engineering and you want to give a real security exercise to fix an existing software -> https://dragonresearchgroup.org/challenges/HOTCRP/ #infosec

(Originally on Twitter: Tue Jul 03 08:53:07 +0000 2012)

RT @spiwit: Last hour to have your say no #ACTA before the EP plenary vote !!! http://piphone.lqdn.fr @laquadrature

(Originally on Twitter: Wed Jul 04 09:39:42 +0000 2012)

https://github.com/fln/addrwatch arpwatch on steroid for ipv6/ipv4 -> a nice way to monitor the layer-2 activities. #infosec

(Originally on Twitter: Thu Jul 05 07:28:51 +0000 2012)

RT @hack_lu: 10 days left until the call for paper closing for hack.lu 2012 #cfp don’t forget to submit your talk/paper. #hacklu http:// …

(Originally on Twitter: Thu Jul 05 11:54:48 +0000 2012)

@jpflorent #loremipsum is usually to fill the space of someone who promised to write something and never did so. like #inusuminus

(Originally on Twitter: Thu Jul 05 13:54:44 +0000 2012)

Yes I’m still a user of UUCP (over SSH) and I have no shame. UUCP is the delay tolerant networking for the mortals. #unix

(Originally on Twitter: Fri Jul 06 19:19:46 +0000 2012)

RT @hackerschoice: thc-ipv6 v1.9 is now available! New tools, bugfixes … get it at http://www.thc.org/thc-ipv6 #ipv6

(Originally on Twitter: Fri Jul 06 19:53:00 +0000 2012)

The call for paper for hack.lu 2012 will be closed in 5 days…time to submit your crazy #infosec stuff ;-) #hacklu http://2012.hack.lu/cfp/

(Originally on Twitter: Tue Jul 10 20:22:34 +0000 2012)

@xme it’s an inject script for the DOM. It’s not Zbot but maybe another similar malware.

(Originally on Twitter: Tue Jul 10 20:34:30 +0000 2012)

https://github.com/yasm/yasm “The Yasm Modular Assembler Project” Seems not too bad as a companion to nasm. to be tested.

(Originally on Twitter: Tue Jul 10 20:36:49 +0000 2012)

If you are a regular user of @Gephi, it might be worth to consider a donation to them. http://pledgie.com/campaigns/13977 #infovis #infosec

(Originally on Twitter: Wed Jul 11 14:26:01 +0000 2012)

So Orange said it was a software upgrade issue that broke the mobile network… Again difficult for #infosec people to ask for upgrade.

(Originally on Twitter: Wed Jul 11 19:52:42 +0000 2012)

RT @AdamWintle: Well done @github for raising a $100m investment. This also means Linus Torvalds has created two billion-dollar industri …

(Originally on Twitter: Wed Jul 11 20:07:42 +0000 2012)

RT @therealsaumil: My 14th year in a row at #Blackhat and 7th year teaching #Exploitlab - http://blog.exploitlab.net/2012/07/countdown-to-blackhat-usa-2012.html - Can’t wait for the awes …

(Originally on Twitter: Wed Jul 11 20:27:11 +0000 2012)

RT @circl_lu: Important security upgrade for SPIP Users, upgrade to 3.0.3, 2.1.16 and 2.0.21 ASAP. It’s exploited and abused. http://t.c …

(Originally on Twitter: Thu Jul 12 12:13:11 +0000 2012)

Trying to bring Do-Ocracy to the local election in Belgium - Probability value is 0.12 it’s low but it’s still 0.12 http://www.communitywiki.org/DoOcracy

(Originally on Twitter: Thu Jul 12 16:44:37 +0000 2012)

RT @SteveClement: Non-Newtonian Fluid Pool Party

http://www.youtube.com/watch?v=qFMwqGucfvw&feature=related

#Scientists #Rockstars

(Originally on Twitter: Thu Jul 12 16:51:23 +0000 2012)

RT @syssecproject: Details on the 1st #SysSec summer school announced. Its main topic will be reverse-engineering of #malware. http://t. …

(Originally on Twitter: Fri Jul 13 12:30:20 +0000 2012)

Merci pour le #FF @Giribot Viens-tu à #haxogreen 2012 (fin juillet) ou @hack_lu 2012 (fin octobre)? http://haxogreen.lu/schedule/2012/events/1.en.html

(Originally on Twitter: Fri Jul 13 12:42:03 +0000 2012)

http://freehaven.net/anonbib/papers/pets2012/paper_57.pdf Spying in the Dark: TCP and Tor Traffic Analysis from Yossi Gilad and Amir Herzberg

(Originally on Twitter: Fri Jul 13 12:54:32 +0000 2012)

@JackHerrick without the craziness of the deletionists it would be already above 4 millions ;-) #wikipedia #wikimania

(Originally on Twitter: Fri Jul 13 14:05:19 +0000 2012)

+1 http://news.ycombinator.com/item?id=4243442 “it’s too easy to flag something for deletion and too difficult to counter the deletionist argument” #wikipedia

(Originally on Twitter: Sat Jul 14 09:08:05 +0000 2012)

RT @tolmasky: When software you use and rely on suddenly becomes discontinued, you begin to understand what all those GPL guys are reall …

(Originally on Twitter: Sun Jul 22 19:51:53 +0000 2012)

Back to real, after 1 week without connectivity, my UUCP over SSH will now run for the whole night to process fully its queue.

(Originally on Twitter: Sun Jul 22 19:52:31 +0000 2012)

http://webstersprodigy.net/2012/07/22/metasploit-generic-ntlm-relay-module/ “Metasploit Generic NTLM Relay Module” #infosec

(Originally on Twitter: Sun Jul 22 20:35:08 +0000 2012)

@pinboard Do you plan to add the for: tag and its sending functionality in your wonderful web service? That would be very nice.

(Originally on Twitter: Mon Jul 23 07:27:12 +0000 2012)

RT @hack_lu: one topic in the nominee of the http://pwnies.com/nominations/ @PwnieAwards 2012 will have a slot at @hack_lu 2012… infosec can be …

(Originally on Twitter: Mon Jul 23 09:45:58 +0000 2012)

@r00tbsd Nope, I’ll be at #haxogreen in the next days.

(Originally on Twitter: Mon Jul 23 12:36:02 +0000 2012)

RT @mattblaze: Security excuse protip: you can’t claim “the attack doesn’t work” and “this is too dangerous to reveal” at the same time.

(Originally on Twitter: Mon Jul 23 16:39:37 +0000 2012)

http://arxiv.org/abs/1206.6389 “Poisoning Attacks against Support Vector Machines” #infosec If you use SVM for your data analysis, be aware…

(Originally on Twitter: Mon Jul 23 20:10:44 +0000 2012)

Don’t read this paper http://arxiv.org/abs/1207.5627 you’ll be scared by the mix RFID-Biometric System and the protocol design.

(Originally on Twitter: Wed Jul 25 09:31:52 +0000 2012)

@AndreasVn The best if you are interested in doing infosec, practise is key. Take a security topic and dig into it as deep as you can do.

(Originally on Twitter: Wed Jul 25 15:05:10 +0000 2012)

http://www.flickr.com/photos/adulau/sets/72157630750870918/show/ I took some pictures of a friendly group doing skate boarding in Vannes… #photography

(Originally on Twitter: Wed Jul 25 21:32:22 +0000 2012)

http://www.wired.com/threatlevel/2012/07/adsb-spoofing/ “These risks are security sensitive and are not publicly available.” about ADS-B… oh it’s just air traffic control.

(Originally on Twitter: Thu Jul 26 06:39:20 +0000 2012)

Currently reviewing some papers for @hack_lu 2012 really nice stuff were submitted… I hope we have enough space for all of them. #hacklu

(Originally on Twitter: Thu Jul 26 08:48:31 +0000 2012)

@yerden Sure slides are usually available in the archive. But the best experience is to come over at @hack_lu hope to see u there.

(Originally on Twitter: Thu Jul 26 17:37:10 +0000 2012)

“NIST Guide to Malware Incident Prevention and Handling for Desktops and Laptops (Draft)” http://csrc.nist.gov/publications/drafts/800-83-rev1/draft_sp800-83-rev1.pdf

(Originally on Twitter: Thu Jul 26 21:23:41 +0000 2012)

@Pinboard is so incredible that I found a research dataset with 10.000 cat faces http://137.189.35.203/WebUI/CatDatabase/catData.html #fun

(Originally on Twitter: Thu Jul 26 21:32:36 +0000 2012)

http://www.mariofrank.net/touchalytics/ “Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication”

(Originally on Twitter: Fri Jul 27 08:30:38 +0000 2012)

If you are @ #haxogreen, I just started a Forban node f1 on the network… http://10.42.44.83:12555/ enjoy and don’t hesitate to start your.

(Originally on Twitter: Fri Jul 27 14:04:24 +0000 2012)

@ForumNucleaire it’s not because a nuclear plant builder is joining a legacy nuclear operator association that they talk about security…

(Originally on Twitter: Fri Jul 27 14:37:24 +0000 2012)

An impressive stormy weather at #haxogreen but everyone is going well. A fallen tree blocks a small entry. See you tomorrow.

(Originally on Twitter: Fri Jul 27 22:23:01 +0000 2012)

RT @fluxfingers: wolkenbruch bei #haxogreen. die #fluxfingers #partycrew hat überlebt. Ein Baum umgefallen, mehrere Zelte verschoben/zus …

(Originally on Twitter: Fri Jul 27 22:23:54 +0000 2012)

RT @push_pnx: Just blogged about the WinAPI browsing feature that I have integrated into IDAscope: http://pnx-tf.blogspot.de/2012/07/idascope-update-winapi-browsing.html #idascope

(Originally on Twitter: Fri Jul 27 22:26:37 +0000 2012)

RT @Pinboard: It tickles me when brand new startups have a hiring page called ‘careers’. Let’s just call it ‘jobs’ for a while, son…

(Originally on Twitter: Sat Jul 28 08:02:33 +0000 2012)

My SOAP workshop is moved at 13:00 just after the lightning talks in the same room of the lightning talks. #haxogreen

(Originally on Twitter: Sat Jul 28 10:19:58 +0000 2012)

An interesting lightning talks at #haxogreen about OpenPilot, a complete ecosystem for flying or driving anything http://www.openpilot.org/

(Originally on Twitter: Sat Jul 28 10:35:42 +0000 2012)

RT @cbuchler: So we’ve collected +300euro to donate a present to camp orga in less than 30minutes this is awesome #haxogreen

(Originally on Twitter: Sat Jul 28 10:43:21 +0000 2012)

camera http://10.42.44.155/index1.htm username is haxogreen without password #haxogreen have fun and enjoy the table ;-)

(Originally on Twitter: Sat Jul 28 15:42:04 +0000 2012)

https://bugzilla.mozilla.org/show_bug.cgi?id=778686 “ Blocklist npuplaypc.dll (uplaypc/Ubisoft Uplay) plugin” run executables at arbitrary paths?

(Originally on Twitter: Mon Jul 30 14:29:17 +0000 2012)

https://github.com/tarcieri/cryptosphere “A global decentralized encrypted datastore with anonymous publishing” interesting #infosec

(Originally on Twitter: Tue Jul 31 11:21:01 +0000 2012)

http://attrition.org/errata/plagiarism/rahul_tyagi/emails.html Very often infosec can be painful but here we have a nice example of infosec plagiarism entertainment…

(Originally on Twitter: Tue Jul 31 13:37:41 +0000 2012)

http://www.ctftime.org/event/38/ Hack.lu CTF 2012 on http://ctftime.org #hacklu @fluxfingers

(Originally on Twitter: Tue Jul 31 14:26:11 +0000 2012)

@mruef Yep, I would be curious to see how many Schopenhauer Stratagems he is using http://ebooks.adelaide.edu.au/s/schopenhauer/arthur/controversy/ @attritionorg

(Originally on Twitter: Tue Jul 31 14:29:57 +0000 2012)

Sometime if you bet with @rommelfs regarding some advanced MacOS malware, you got 2 kilograms of dark chocolate. Thanks a zillion.

(Originally on Twitter: Wed Aug 01 19:23:57 +0000 2012)

And then CVE-2012-2665 is there…

(Originally on Twitter: Thu Aug 02 20:36:42 +0000 2012)

is looking for that sample MD5:d166a59e71535a42267e9fa993ca8e7e #malware

(Originally on Twitter: Fri Aug 03 07:29:45 +0000 2012)

RT @angelodellaera: Honeynet Project Forensic Challenge 12 – “Hiding in Plain Sight“ starting today! Have fun! https://www.honeynet.org/node/906

(Originally on Twitter: Fri Aug 03 08:43:13 +0000 2012)

For the curious, my slides about Forban and how to do SOAP given at #haxogreen are available http://www.foo.be/haxogreen2012/

(Originally on Twitter: Fri Aug 03 08:47:40 +0000 2012)

https://github.com/bitly/dablooms A Scalable, Counting, Bloom Filter library in C with Python wrappers…

(Originally on Twitter: Sat Aug 04 06:44:03 +0000 2012)

http://seclists.org/fulldisclosure/2012/Aug/4 “nvidia linux binary driver priv escalation exploit” If someone is telling me that binary blobs is not risky, I’ll hit.

(Originally on Twitter: Sat Aug 04 14:22:43 +0000 2012)

When shooting this picture http://www.flickr.com/photos/adulau/7712545428/ I immediately thought of the security circus…

(Originally on Twitter: Sat Aug 04 20:48:36 +0000 2012)

What’s next? We are lacking oxygen (O2) in the office, http://wikipedia.org is down and then what? the magma is getting crazy.

(Originally on Twitter: Mon Aug 06 14:00:19 +0000 2012)

RT @adesnos: try our native decompiler DAD of android app: http://androguard.blogspot.fr/2012/08/androguard-15.html #android #decompiler #python

(Originally on Twitter: Tue Aug 07 07:47:23 +0000 2012)

Interesting the next generation packet-o-matic is now on @github https://github.com/gmsoft-tuxicoman/pom-ng looks promising…

(Originally on Twitter: Wed Aug 08 13:39:32 +0000 2012)

@novytweety @fvilers “Whiz Kids” that’s the only one ;-)

(Originally on Twitter: Sun Aug 12 17:16:04 +0000 2012)

A small reminder for the people regularly using PGP, if you BCC someone, I will see the PGP key_id of the BCCs in the OpenPGP message…

(Originally on Twitter: Mon Aug 13 13:04:37 +0000 2012)

@jaceksz @wimres You’re welcome. It seems that not all MUA/PGP interface warns the user when doing BCCs and PGP at the same time. #infosec

(Originally on Twitter: Mon Aug 13 13:15:04 +0000 2012)

http://arxiv.org/abs/1208.2169 “Securing Speech in GSM Networks using DES with Random Permutation and Inversion Algorithm” Can this be implemented?

(Originally on Twitter: Mon Aug 13 13:53:30 +0000 2012)

http://www-01.ibm.com/support/docview.wss?uid=swg21607482 “IBM WebSphere MQ File Transfer Edition Web Gateway vulnerable “ @r00tbsd

(Originally on Twitter: Mon Aug 13 14:12:36 +0000 2012)

Some interesting examples of the ineffectiveness of surveillance cameras http://www.notbored.org/cameras-not-effective.html #privacy #securitycircus

(Originally on Twitter: Mon Aug 13 19:38:50 +0000 2012)

http://arxiv.org/abs/1208.2357 “TCP Injections for Fun and Clogging” Another good reason why SACK (selective Ack) TCP option must be enabled…

(Originally on Twitter: Tue Aug 14 08:26:15 +0000 2012)

I just found back an old paper in my cellar http://www.foo.be/torinj/ “Torinj : Automated Exploitation Malware Targeting Tor Users” Yep, 2009 ;-)

(Originally on Twitter: Tue Aug 14 14:44:38 +0000 2012)

http://news.ycombinator.com/item?id=4381165 If Kaspersky wants to solve the “Gauss” encrypted payload, looking into malware dropzone of .IR infected sys

(Originally on Twitter: Tue Aug 14 19:48:50 +0000 2012)

to build a dataset of the most probable environment path of machine in IR/LB might an approach to reduce the exhaustive search.

(Originally on Twitter: Tue Aug 14 19:51:03 +0000 2012)

@remi_laurent @william_robinet Compromised machine in those countries to gather a set of installed applications and build a probable set.

(Originally on Twitter: Wed Aug 15 05:47:09 +0000 2012)

http://www.debian.org/News/weekly/2011/15/#javarm When security is weakened due to licensing…. #java #infosec

(Originally on Twitter: Thu Aug 16 17:15:14 +0000 2012)

RT @SteveClement: No Mr. Officer this does not look like a dump(er) #ChipPolice

(Originally on Twitter: Thu Aug 16 17:16:53 +0000 2012)

I like those statements “This attack is not new” and then? It’s not new and it’s widely used. So move your ass to fix the issue? #infosec

(Originally on Twitter: Fri Aug 17 13:20:06 +0000 2012)

Some people are swimming in #chassepierre http://www.flickr.com/photos/adulau/7815260190/in/photostream and some are playing cup and ball http://www.flickr.com/photos/adulau/7815330644/in/photostream/

(Originally on Twitter: Sun Aug 19 14:45:20 +0000 2012)

A note to small provider like @facebook if you provide SSL access to your website, maybe should do it for all traffic including static pages

(Originally on Twitter: Mon Aug 20 12:07:14 +0000 2012)

#hacklu @hack_lu some invited talks and workshops are now announced http://2012.hack.lu/index.php/List - the accepted talks will follow in the next days..

(Originally on Twitter: Mon Aug 20 14:01:45 +0000 2012)

http://chiny-florenville.ecolo.be/?q=piquenique_compost “Un pique nique pour tout savoir sur le compost” Si vous êtes en Gaume, c’est une bonne occasion. @Ecolo

(Originally on Twitter: Tue Aug 21 09:22:42 +0000 2012)

If you are operating recent Ubuntu server or desktop, you might want to disable /etc/default/whoopsie -> report_crashes=true #infosec

(Originally on Twitter: Tue Aug 21 12:19:36 +0000 2012)

RT @Dinosn: Making IDA ::1 Part One – YARA Signature Creation http://blog.accuvantlabs.com/blog/case-b/making-ida-1-part-one-%E2%80%93-yara-signature-creation-1

(Originally on Twitter: Tue Aug 21 21:11:56 +0000 2012)

http://blog.ptsecurity.com/2012/08/not-so-random-numbers-take-two.html “How can we get mt_rand seed via PHPSESSID?” The easiest fix would be moving from MD5 to HMAC. no?

(Originally on Twitter: Wed Aug 22 14:01:54 +0000 2012)

http://www.flickr.com/photos/adulau/7839566864/in/photostream I was impressed by the live performance and I took some pictures in the late evening. #chassepierre

(Originally on Twitter: Wed Aug 22 20:59:06 +0000 2012)

http://code.google.com/p/libfvde/ “Library and tools for reading FileVault Drive Encryption (FVDE) encrypted volumes.” using EncryptedRoot.plist.wipekey

(Originally on Twitter: Thu Aug 23 05:27:14 +0000 2012)

@lemondefr http://www.lemonde.fr/technologies/article/2012/08/25/la-victoire-d-apple-une-percee-strategique-pas-une-offensive-thermonucleaire_1751408_651865.html Could you avoid to use a patent lobbyist as a single source for an article? #patents

(Originally on Twitter: Sun Aug 26 07:17:35 +0000 2012)

https://blog.mandiant.com/archives/3189 “malware proceeds to use “certmgr.exe” to install the certificate to the local store as a root CA” back to the roots

(Originally on Twitter: Sun Aug 26 15:23:07 +0000 2012)

http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html At a rhythm of one zero-day per week for Oracle/Sun Java… how do you feel? #infosec

(Originally on Twitter: Mon Aug 27 05:18:26 +0000 2012)

During hack.lu 2012, A critical analysis of Dropbox software security will be presented http://2012.hack.lu/index.php/List#Nicolas_Ruff_and_Florian_Ledoux:_A_critical_analysis_of_Dropbox_software_security

(Originally on Twitter: Mon Aug 27 09:15:24 +0000 2012)

RT @Fr333k: .@adulau @newsoft I’d be curious to see if they read our paper from last year, and what other issues they found (PDF): http: …

(Originally on Twitter: Mon Aug 27 11:22:08 +0000 2012)

RT @thegrugq: Let me sum up all future posts about Java, forever: “it is my recommendation to disable Java, preferably via ‘DoD 7 passes …

(Originally on Twitter: Mon Aug 27 11:39:43 +0000 2012)

RT @newsoft: @Fr333k @adulau Our research is different: we focus on software analysis & code protection - but expect some surprises …

(Originally on Twitter: Mon Aug 27 20:18:21 +0000 2012)

RT @newsoft: @Fr333k @adulau @Myst3rie We have the source :) As for the conference materials, it will be made available on http://t.co/C …

(Originally on Twitter: Tue Aug 28 09:43:37 +0000 2012)

http://2012.hack.lu/index.php/List#Igor_Skochinsky:_Sony_Reader_Hacking_Story Sony Reader Hacking Story will be presented at hack.lu 2012 by Igor Skochinsky (from Hex-Rays) @hack_lu

(Originally on Twitter: Tue Aug 28 14:33:27 +0000 2012)

RT @PhysicalDrive0: MD5 0cbc25ade65bcd7a28dd8ac62ea20186 Pre.jar - Blackhole Exploit Kit + (CVE-2012-4681)

(Originally on Twitter: Tue Aug 28 17:27:01 +0000 2012)

http://cseweb.ucsd.edu/~voelker/pubs/eaas-ccs12.pdf “Manufacturing Compromise: The Emergence of Exploit-as-a-Service” #infosec #exploitkit

(Originally on Twitter: Tue Aug 28 20:12:55 +0000 2012)

I have the bad feelings that Oracle didn’t keep the security staff working on Java security… http://www.kb.cert.org/vuls/id/MORO-8XKL37

(Originally on Twitter: Wed Aug 29 09:08:48 +0000 2012)

http://2012.hack.lu/index.php/List#Mathieu_RENARD_-GOTO:Hack_iOS_applications-Does_your_company_data_are_safe_when_stored_on_iDevices.3F “iOS applications - Does your company data are safe when stored on iDevices ?” will be at hack.lu 2012 @GotoHack

(Originally on Twitter: Wed Aug 29 11:52:51 +0000 2012)

@eromang Three months old is a good estimation especially if you look a bit at that “funky” market… it won’t be the last.

(Originally on Twitter: Wed Aug 29 12:01:32 +0000 2012)

RT @citizenlab: Our latest report https://citizenlab.org/2012/08/the-smartphone-who-loved-me-finfisher-goes-mobile/ and Bloomberg coverage http://www.bloomberg.com/news/2012-08-29/spyware-matching-finfisher-can-take-over-iphone-and-blackberry.html @headhntr @billmarczak

(Originally on Twitter: Thu Aug 30 05:25:23 +0000 2012)

http://2012.hack.lu/index.php/List#S.C3.A9bastien_Dudek_and_Guillaume_Delugr.C3.A9_-_MobiDeke:_Fuzzing_the_GSM_Protocol_Stack Interested in Fuzzing the GSM protocol stack -> this talk will be at hack.lu 2012 @hack_lu #gsm #infosec

(Originally on Twitter: Thu Aug 30 07:34:58 +0000 2012)

http://msdn.microsoft.com/en-us/library/exchange/hh352638%28v=exchg.140%29.aspx Check if your MUA is properly finding and calling the Autodiscover (Exchange ActiveSync) service… #infosec

(Originally on Twitter: Thu Aug 30 09:33:29 +0000 2012)

If you are curious of the origin for the Java 1.7 Expression() bug, here is the 3 years old patch introducing the bug http://hg.openjdk.java.net/jdk7/jdk7/jdk/rev/e02f2d591cd5

(Originally on Twitter: Thu Aug 30 12:13:36 +0000 2012)

@mozsec and what about CVE-2012-1723? Does the June 2012 patch really solved this vulnerability valid from 1.4 until 1.7?

(Originally on Twitter: Thu Aug 30 14:30:23 +0000 2012)

RT @6e726d: Working on the presentation “One Firmware To Monitor ‘em All”. Hoping we impress with the demos. @tutterr #hacklu

(Originally on Twitter: Fri Aug 31 05:16:42 +0000 2012)

You send an exploit to a software vendor then they send you back that is not applicable. You start to understand why there is a 0d market.

(Originally on Twitter: Fri Aug 31 18:12:04 +0000 2012)

If you want to relax after your daily dose of software vulnerabilities, there is a nice dark electronic mix at http://www.analogueflex.co.uk …

(Originally on Twitter: Fri Aug 31 18:37:56 +0000 2012)

RT @0xcharlie: So java is back to how it usually is, known to be vulnerable but no public POCs. I know I feel better.

(Originally on Twitter: Fri Aug 31 18:42:34 +0000 2012)

@sam280 Indeed. That’s why I usually use a throw away email account when submitting to the commonly unfriendly ones. #infosecsucks

(Originally on Twitter: Fri Aug 31 19:26:57 +0000 2012)

http://www.goodiff.org/changeset/659/google/froogle.google.com/froogle/intl/en_us/about.html Google Product Search moved from a free service to paid product listing… at least in their ToS #goodiff

(Originally on Twitter: Sat Sep 01 06:36:02 +0000 2012)

http://cs.ucsb.edu/~chris/research/doc/dimva12_memwrite.pdf “Tracking Memory Writes for Malware Classification and Code Reuse Identification” nice idea any implementation?

(Originally on Twitter: Sun Sep 02 13:37:21 +0000 2012)

http://2012.hack.lu/index.php/List#Philippe_Langlois_-_Remotely_crashing_HLR_or_why_it_took_telecom_industry_20_years_to_recognize_the_problems_with_SS7 “Remotely crashing HLR or why it took telecom industry 20 years to recognize the problems with SS7” at hack.lu 2012

(Originally on Twitter: Mon Sep 03 11:53:29 +0000 2012)

Listening to a stupid talk “this is a cyber-security weapon” hmmm it’s more like a software bug that needs to be fixed.. #infosecisnull

(Originally on Twitter: Mon Sep 03 18:05:46 +0000 2012)

@r00tbsd This could fall into the general category “software to be fixed” but here it’s about something called “security assessment module”

(Originally on Twitter: Mon Sep 03 18:10:17 +0000 2012)

@r00tbsd “the assessment module” is just crashing while giving a random file instead of an XML. I just suppose they forgot to assess it ;-)

(Originally on Twitter: Mon Sep 03 18:11:42 +0000 2012)

@rbidule To remain diplomatically correct: It’s a very interesting interactive session with a vendor of an incredible security product.

(Originally on Twitter: Mon Sep 03 18:25:11 +0000 2012)

@ochsff You don’t need to mow all the grass with a tractor. A scythe can do the job but to use it well, the learning curve is like GDB…

(Originally on Twitter: Tue Sep 04 06:12:34 +0000 2012)

@ochsff I followed a Scythe training this summer http://www.foo.be/scythe/ but to master it takes some time/square meters… @sergeybratus

(Originally on Twitter: Tue Sep 04 06:23:53 +0000 2012)

RT @subm3rge: Sometimes #CERT work is like trying to be a firefighter in nasty hoods: You have to do it even while the inhabitants throw …

(Originally on Twitter: Tue Sep 04 14:31:23 +0000 2012)

If you want to know more about the @malwarelu project, there will be a talk at hack.lu 2012 http://2012.hack.lu/index.php/List#Paul_Rascagn.C3.A8res_-_Hugo_Caron_Malware.lu_overview #malware #conference

(Originally on Twitter: Wed Sep 05 07:31:04 +0000 2012)

RT @gal_diskin: Listening to Hovav Shacham trying to explain ROP to a lecture hall full of people clueless about security. pretty amusing

(Originally on Twitter: Wed Sep 05 11:45:02 +0000 2012)

http://2012.hack.lu/index.php/List#Wil_Allsopp_-My_Life_as_an_International_Arms_Dealer-_Social_Engineering_and_the_Psychology_of_Anonymity “My Life as an International Arms Dealer - Social Engineering and the Psychology of Anonymity “ will be at hack.lu 2012

(Originally on Twitter: Wed Sep 05 12:45:34 +0000 2012)

Another presentation and developer workshop at hack.lu 2012 about Tor http://2012.hack.lu/index.php/List#Arturo_Filast.C3.B2_-_Cypherpunks_write_code:_Hacking_on_Tor Cypherpunks write code: Hacking on Tor @hack_lu

(Originally on Twitter: Wed Sep 05 13:42:31 +0000 2012)

@flxflx The list of the hack.lu 2012 CTF prizes are now available http://2012.hack.lu/index.php/CaptureTheFlag usually you do the CTF the fun or an IDA license ;-)

(Originally on Twitter: Wed Sep 05 14:30:10 +0000 2012)

I will add in the glossary of a research document the following acronym: UTFW, Use The Fucking Wiki. I don’t know if people will see it.

(Originally on Twitter: Thu Sep 06 09:13:52 +0000 2012)

http://arxiv.org/abs/1209.0875 “Applying recent secure element relay attack scenarios to the real world: Google Wallet Relay Attack” #rfid

(Originally on Twitter: Thu Sep 06 13:15:09 +0000 2012)

http://www.flavorwire.com/325194/a-brief-photo-survey-of-abandoned-video-stores “A Brief Photo Survey of Abandoned Video Stores” I hope libraries will not go in that direction…

(Originally on Twitter: Fri Sep 07 08:16:17 +0000 2012)

RT @antisnatchor: The new @beefproject SocialEngineering extension is now in our repo! give it a try, it’s awesome. slides: http://t.co/ …

(Originally on Twitter: Sat Sep 08 06:05:07 +0000 2012)

RT @hack_lu: https://www.dragonresearchgroup.org/challenges/HOTCRP/ If you want to win 2 free entrances for hack.lu 2012, there is the Dragon Research Group (DRG) HotCRP …

(Originally on Twitter: Sun Sep 09 06:53:23 +0000 2012)

RT @Sebdraven: registered for #hacklu \o/

(Originally on Twitter: Mon Sep 10 13:43:44 +0000 2012)

RT @Regiteric: @Sebdraven It seems we will meet at: #OSSIR #bretagne and #hacklu. Are you at #RAID ?

(Originally on Twitter: Mon Sep 10 13:43:49 +0000 2012)

RT @circl_lu: http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt FreeRADIUS vulnerability (pre-auth) CVE-2012-3547 fixed in latest release FreeRadius 2.2.0 #infosec

(Originally on Twitter: Mon Sep 10 14:23:32 +0000 2012)

http://2012.hack.lu/index.php/List#Eric_Vyncke_-The_Layer-2_Insecurities_of_IPv6_and_the_Mitigation_Techniques Eric Vyncke will talk about The Layer-2 Insecurities of IPv6 and the Mitigation Techniques at hack.lu 2012

(Originally on Twitter: Mon Sep 10 14:52:11 +0000 2012)

RT @blackswanburst: Looking for easy talk ideas and an chilled out workshop? Come see me at #hacklu http://goo.gl/8YSjg @IOActive @adul …

(Originally on Twitter: Tue Sep 11 06:35:49 +0000 2012)

https://github.com/blasty/ssh_rape Injecting an authorized key in a running sshd process… #infosec #ssh_rape

(Originally on Twitter: Tue Sep 11 12:52:42 +0000 2012)

@mvyonline Not a vulnerability, It’s a standard way of many operating systems to treat memory as a trusted input… #infosec

(Originally on Twitter: Tue Sep 11 13:31:22 +0000 2012)

RT @TheRealSpaf: And today, 11 years later, I am back the DC area, for another cancelled briefing. Did the world improve for other than …

(Originally on Twitter: Tue Sep 11 13:46:00 +0000 2012)

RT @NeelieKroesEU: CERT-EU (Computer Emergency Response Team) is to be established on a permanent basis for #EU institutions. Great news …

(Originally on Twitter: Wed Sep 12 07:29:11 +0000 2012)

@rommelfs I’m tweeting you to test your interface for testing the running command line interface “rm -rf /”…

(Originally on Twitter: Wed Sep 12 10:50:57 +0000 2012)

RT @nickm_tor: Some thoughts on the CRIME attack and its (apparent lack of) impact on Tor: https://blog.torproject.org/blog/some-thoughts-crime-attack

(Originally on Twitter: Fri Sep 14 20:18:07 +0000 2012)

@snazmeister We are doing well. Did you register for @hack_lu 2012? There is a nice CTF during the conference.

(Originally on Twitter: Fri Sep 14 20:20:41 +0000 2012)

@fvilers Indeed, everything is possible… I’m impressed by the quality of the geolocation ;-)

(Originally on Twitter: Fri Sep 14 20:20:50 +0000 2012)

To summarize the past mess, compression before encryption is still a good advice especially when you don’t have compression headers…

(Originally on Twitter: Fri Sep 14 20:29:29 +0000 2012)

@mikko It’s a good sign for the cryptanalysts to work on that.

(Originally on Twitter: Mon Sep 17 08:22:40 +0000 2012)

http://2012.hack.lu/index.php/List#Beer_homebrewing_workshop Not only hardcore security stuff at @hack_lu 2012, there will be also a beer home brewing workshop… #beer #infosec

(Originally on Twitter: Mon Sep 17 13:56:07 +0000 2012)

http://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00 “The scrypt Password-Based Key Derivation Function” as an Internet-Draft

(Originally on Twitter: Mon Sep 17 21:35:09 +0000 2012)

RT @push_pnx: Updated IDAscope to have loop awareness in crypto identification. Pretty good to narrow down candidates. http://pnx-tf.blogspot.de/2012/09/idascope-fixed.html

(Originally on Twitter: Tue Sep 18 12:13:28 +0000 2012)

Tonight, I used an old CVS manual to start fire in my #tulikivi… It’s the first time I feel good to use CVS ;-) #git

(Originally on Twitter: Tue Sep 18 22:04:30 +0000 2012)

Reading this from an infosec company newsletter “How technology can help mitigate the risks” I want to add “and create new risks” #infosec

(Originally on Twitter: Wed Sep 19 09:15:35 +0000 2012)

RT @BSidesLondon: While you wait for #BSidesLondon challenges why not try the one from @hack_lu & @DragonResearch http://t.co/RCpjA …

(Originally on Twitter: Wed Sep 19 21:01:11 +0000 2012)

A small reminder for malware authors, for the Visa 3D secure initial handshake it’s very easy, just store all fields entered in the DOM.

(Originally on Twitter: Thu Sep 20 09:47:22 +0000 2012)

RT @PhysicalDrive0: IE 0 Day CVE-2012-4969 - VirusTotal >>> 0/43 <<< http://goo.gl/m2kB6 #IE #0Day #execCommand #patchnow

(Originally on Twitter: Fri Sep 21 18:58:36 +0000 2012)

RT @ochsff: Hillarious combination of promoted Samsung tweet and article about NFC exploit

(Originally on Twitter: Fri Sep 21 19:11:53 +0000 2012)

RT @hack_lu: The party is confirmed at hack.lu 2012, it’s the 23th October evening… another good reason to register ;-) #hacklu #ctf # …

(Originally on Twitter: Fri Sep 21 19:19:17 +0000 2012)

“Товарищи, собрано меньше половины от требуемой суммы” for the ones part of the club. They still need some support…. #genlib

(Originally on Twitter: Fri Sep 21 19:50:20 +0000 2012)

RT @ioerror: Has anyone worked on Iridium satellite pager decoding in the 1626.4375MHz space?

(Originally on Twitter: Sat Sep 22 07:22:56 +0000 2012)

RT @shootingsawk: Le Figaro nous apprend que Jeff Mills fait de l’electro-pop. Non, non, non madame la journaliste, c’est de la techno. …

(Originally on Twitter: Sun Sep 23 09:10:58 +0000 2012)

http://www.cyberesi.com/2012/09/21/trojan-foxy-des/ “Trojan.Foxy-DES Analysis” It seems to be a trend for some malware authors to use slightly modified ciphers. #malware

(Originally on Twitter: Sun Sep 23 09:14:24 +0000 2012)

More talks for @hack_lu 2012 Honeypot ENISA Study outcomes, abusing SystemTap and pom-ng network analysis (the successor of packet-o-matic)

(Originally on Twitter: Mon Sep 24 08:11:10 +0000 2012)

RT @malwarelu: We updated our search engine by malware’s name It is very fast searching among 3 millions of samples now!! Test it and gi …

(Originally on Twitter: Mon Sep 24 14:21:08 +0000 2012)

RT @circl_lu: http://seclists.org/fulldisclosure/2012/Sep/170 “[SE-2012-01] Critical security issue affectingJava SE 5/6/7” Current recommendation remove or disabl …

(Originally on Twitter: Tue Sep 25 12:54:13 +0000 2012)

RT @mcholste: Favorite malware SSL cert of the day: emailAddress=larry.page@gmail.com,CN=Larry Page,OU=Web Search Dept #ELSA query: self …

(Originally on Twitter: Wed Sep 26 04:41:11 +0000 2012)

RT @pentestit: phpmyadmin_3522_backdoor.rb - http://dev.metasploit.com/redmine/projects/framework/repository/revisions/3ade5a07e7bb1b1f915a6421f3f1df0895e6f16d/entry/modules/exploits/multi/http/phpmyadmin_3522_backdoor.rb - Need I say more?

(Originally on Twitter: Wed Sep 26 12:04:39 +0000 2012)

RT @marcwickenden: Code for my Splunk admin abuse tool “spunk” can be found at https://github.com/offensivecoder/spunk #brucon

(Originally on Twitter: Thu Sep 27 12:39:08 +0000 2012)

RT @hack_lu: Don’t forget to register your team for the @hack_lu CTF and register onsite if you want to win the prizes @ctfcentral #ctf …

(Originally on Twitter: Thu Sep 27 20:37:13 +0000 2012)

http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html “Inappropriate Use of Adobe Code Signing Certificate” via a compromised build server

(Originally on Twitter: Thu Sep 27 20:41:22 +0000 2012)

+1 infosec fun http://seclists.org/nmap-dev/2012/q3/1050 for the “Nmap: The Internet Considered Harmful - DARPA Inference Cheking Kludge Scanning”

(Originally on Twitter: Sat Sep 29 10:15:00 +0000 2012)

https://github.com/taviso/rarvmtools RarVM Toolchain is cool… wondering until when a HTML5VM will pop up as this is also close a Turing-complete machine

(Originally on Twitter: Sat Sep 29 10:33:01 +0000 2012)

RT @FilipWaeytens: Amazed: not a single word about #brucon in the Belgian media. Guess they are only interested in the negative kind of …

(Originally on Twitter: Sat Sep 29 10:49:54 +0000 2012)

https://github.com/gurgeh/selfspy a nice example with selfspy why sometime malware functionalities can be useful for everyone or is it the reverse?

(Originally on Twitter: Sun Sep 30 07:32:33 +0000 2012)

@adobe where is your exhaustive list of CRL URLs for Adobe products? for example FlashAccessIndividualizationCA never revoke a cert #infosec

(Originally on Twitter: Sun Sep 30 08:39:10 +0000 2012)

@endrazine @msuiche I’m close to replace the “powerpoint” karaoke at @hack_lu with your funny “SCIgen” paper ;-)

(Originally on Twitter: Sun Sep 30 10:43:32 +0000 2012)

A new announced talk at @hack.lu 2012 “Varnish Security Firewall - high voltage protection for your web apps” http://2012.hack.lu/index.php/List#Edward_Fjellsk.C3.A5l_and_Kacper_Wysocki_-Varnish_Security_Firewall-_high_voltage_protection_for_your_web_apps #infosec

(Originally on Twitter: Mon Oct 01 17:45:09 +0000 2012)

Today, I just won 1 kilogram of Belgian dark chocolate. Because my bet was on the Keccak hashing family for SHA-3….

(Originally on Twitter: Tue Oct 02 21:08:22 +0000 2012)

@sam280 at least, it will have an impact on my BMI ;-)

(Originally on Twitter: Tue Oct 02 21:20:36 +0000 2012)

@dakami is the file a multiple of the page size? I think it’s zeroed if not a multiple.

(Originally on Twitter: Tue Oct 02 21:24:29 +0000 2012)

RT @nickm_tor: Nice reading if you’re thinking “I should use SHA2 and SHA3 for extra security!”: http://homepages.cwi.nl/~pietrzak/publications/FLP08.pdf Be sure to read …

(Originally on Twitter: Wed Oct 03 14:58:07 +0000 2012)

@novytweety Why don’t you use the FreeRadius Dialup admin interface? http://freeradius.org/dialupadmin.html

(Originally on Twitter: Wed Oct 03 20:58:04 +0000 2012)

RT @securityerrata: Hakin9 sends lawyer and takedown request after Fyodor/nmap for hosting ‘The Internet Considered Harmful - DICKS’ spo …

(Originally on Twitter: Thu Oct 04 04:38:36 +0000 2012)

RT @xme: Sometimes, you must say “No way!”

(Originally on Twitter: Fri Oct 05 07:42:14 +0000 2012)

I need to understand something, why people are worried about surveillance? if the same people doing surveillance don’t read their own logs.

(Originally on Twitter: Sun Oct 07 20:56:34 +0000 2012)

Fyodor Yarochkin and Vladimir Kropotov will talk about Real-time malicious domain detection at @hack_lu 2012 #hacklu http://2012.hack.lu/index.php/List#Fyodor_Yarochkin_and_Vladimir_Kropotov_-_Real-time_malicious_domain_detection_and_malicious_activity_analysis

(Originally on Twitter: Tue Oct 09 06:27:56 +0000 2012)

“Insecurity of Security Equipments” talk added for @hack_lu 2012 http://2012.hack.lu/index.php/List#Eric_Chassard_and_Maxime_Clementz_-_Insecurity_of_Security_Equipments

(Originally on Twitter: Tue Oct 09 13:41:54 +0000 2012)

@evyncke @xme if you have any pointers for the game theory approach used (with reinforcement learning?) in the talk you mentioned. thx.

(Originally on Twitter: Tue Oct 09 15:16:57 +0000 2012)

@xme thanks for the pointer.

(Originally on Twitter: Tue Oct 09 15:24:35 +0000 2012)

A first version of the @hack_lu 2012 agenda has been published http://2012.hack.lu/index.php/Agenda #infosec #conference #luxembourg

(Originally on Twitter: Wed Oct 10 07:29:52 +0000 2012)

RT @npettiaux: Inviter tous les candidats aux élections communales ce 14/10/2010 à signer LePacte.be des libertés numériques http://t.co …

(Originally on Twitter: Wed Oct 10 11:59:04 +0000 2012)

http://tools.ietf.org/html/draft-balfanz-tls-obc-01 “TLS Origin-Bound Certificates” Maybe an approach to limit the risk of intercepted cookies… #infosec

(Originally on Twitter: Wed Oct 10 13:36:34 +0000 2012)

RT @hack_lu: We just received the hack.lu 2012 t-shirts with another “crypto” challenge… #ctf #challenge #crypto #conference

(Originally on Twitter: Wed Oct 10 18:57:24 +0000 2012)

@PascClau Le vote papier c’est moins cher, contrôlable par tous, facile à utiliser et en cas de panne on peut remplacer le crayon #evoting

(Originally on Twitter: Wed Oct 10 19:00:21 +0000 2012)

@PascClau @FlooFrans Le seul avantage du evoting, c’est la rapidité des résultats. Ce n’est pas un avantage pour la démocratie #Connexions

(Originally on Twitter: Wed Oct 10 20:12:10 +0000 2012)

@PascClau @FlooFrans All the security people in computer science prefer the paper ballot if they have the choice between electro/paper vote.

(Originally on Twitter: Wed Oct 10 20:16:22 +0000 2012)

@noktec @PascClau Toutes les implémentations sont vulnérables et refaire une impression papier démontre que le papier est plus efficace.

(Originally on Twitter: Wed Oct 10 20:37:43 +0000 2012)

@noktec @PascClau Si vous voulez voir les choses à ne pas faire voici une partie de digivote 2003 et 2009 http://git.quuxlabs.com/?p=belgium-election-digivote/.git;a=summary #infosec

(Originally on Twitter: Wed Oct 10 20:40:55 +0000 2012)

RT @hack_lu: Do you have something incredible to present or show @hack_lu 2012? There are still some slots during the lightning talks. D …

(Originally on Twitter: Wed Oct 10 20:44:10 +0000 2012)

https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/241305 I open an ticket in 2008 and it’s still open… just to have http://security.ubuntu.com accessible in IPv6

(Originally on Twitter: Thu Oct 11 04:45:49 +0000 2012)

@Hexacorn For the Skype “Worm”, could give the MD5 of the five samples? #infosec

(Originally on Twitter: Thu Oct 11 04:47:53 +0000 2012)

@Hexacorn Thanks for the MD5 hashes.

(Originally on Twitter: Fri Oct 12 07:19:53 +0000 2012)

RT @violetblue: Here are 3 representatives from Huawei covertly watching @41414141 dissect its surveillance-friendly code #HITB2012KUL h …

(Originally on Twitter: Fri Oct 12 07:38:33 +0000 2012)

Looking for Ngram dataset with a timeline? Google books Ngram dataset available -> http://books.google.com/ngrams/datasets

(Originally on Twitter: Fri Oct 12 19:28:15 +0000 2012)

Some raw statistics about my analysis of the X.509 certificate revocation reasons from 2011 to 2012 https://gist.github.com/3881180 #infosec

(Originally on Twitter: Fri Oct 12 20:04:43 +0000 2012)

RT @0xabad1dea: @letoams Skype is a malicious binary. No need to be snippy.

(Originally on Twitter: Fri Oct 12 20:19:11 +0000 2012)

I might give a lightning talk during #hacklu 2012 about my revisited X.509 Certificate Revocation analysis http://www.foo.be/cgi-bin/wiki.pl/2011-12-17_Certificate_Revocation_Reasons_2011

(Originally on Twitter: Fri Oct 12 20:24:33 +0000 2012)

http://2012.hack.lu/index.php/Agenda @hack_lu 2012 agenda updated including a new talk about “The Office Demon: Minos” - attacking Word documents. #hacklu

(Originally on Twitter: Mon Oct 15 08:18:15 +0000 2012)

RT @0xabad1dea: But when you make malware that has a distinctive style, you’re inviting other people to imitate it and get starred on Ka …

(Originally on Twitter: Mon Oct 15 19:24:32 +0000 2012)

RT @FlUxIuS: Curious about #GSM #Baseband #Fuzzing? Two ‘awesome’ researchers will be presenting at @hack_lu next week. Don’t Miss… Sa …

(Originally on Twitter: Tue Oct 16 21:07:55 +0000 2012)

http://megafrock.com/cryptex.html “Windows System Exploit” I don’t like it… especially when it’s touching the runtime subsystem. #infosec

(Originally on Twitter: Wed Oct 17 06:29:53 +0000 2012)

@jpflorent Thank you for your support. #hacklu 2012 will be a lot fun. #infosec @hack_lu

(Originally on Twitter: Wed Oct 17 09:44:15 +0000 2012)

Usually I don’t read ZDnet but I did an exception for “Don’t secure the internet, it needs crime” as said by Diffie http://www.zdnet.com/dont-secure-the-internet-it-needs-crime-diffie-7000005958/

(Originally on Twitter: Thu Oct 18 08:34:41 +0000 2012)

@mukimu Will you publish the full transcript/interview you had with Diffie? #infosec

(Originally on Twitter: Thu Oct 18 08:35:40 +0000 2012)

RT @sansforensics: Linux Sleuthing: Christmas come early: HFS/HFS+ Mounting http://ow.ly/2sKAJD

(Originally on Twitter: Fri Oct 19 06:10:50 +0000 2012)

@hack.lu #hacklu 2012 will be in the next days. We hope to see you there, enjoying the talks, the CTF, improving infosec and having fun.

(Originally on Twitter: Fri Oct 19 06:40:42 +0000 2012)

RT @deesse_k: Finished writing a MsvPasswordValidate bypass tool for win 8 x64 EFI (SB not activated). ISO release coming soon.

(Originally on Twitter: Fri Oct 19 08:08:17 +0000 2012)

You know that you are in deep shit when you compile some old Python modules and discover that you need a Fortran compiler. #wtf

(Originally on Twitter: Fri Oct 19 20:38:24 +0000 2012)

@cudeso thank you ;-) Luckily GNU Fortran was able to compile this modified vintage code from numerical recipes. My night is save.

(Originally on Twitter: Fri Oct 19 20:46:29 +0000 2012)

@clausoverbeck Will you participate to the CTF online? #hacklu that’s already a part of the fun without being at the conference ;-)

(Originally on Twitter: Fri Oct 19 21:00:19 +0000 2012)

RT @AcidRampage: @mikko If DDoSes are now used to hide more serious attacks, wouldn’t it be the best time to check for github logs and s …

(Originally on Twitter: Fri Oct 19 21:17:26 +0000 2012)

RT @headhntr: “Never ask a lawyer if you can do something! Ask them how to keep you out of jail for shit you did…” - @coryaltheide giv …

(Originally on Twitter: Sat Oct 20 06:30:40 +0000 2012)

I don’t know why but I have sometime this feeling when checking security products: http://www.flickr.com/photos/adulau/7712545428/in/photostream picture taken in Brittany #infosec

(Originally on Twitter: Sun Oct 21 14:37:57 +0000 2012)

Don’t expect to use the Canon Original Decision Data for forensic cases… https://github.com/lclevy/odd_verify #infosec #canon

(Originally on Twitter: Sun Oct 21 14:52:33 +0000 2012)

RT @Regiteric: Code for @hack_lu is ready, I can now finish the slides https://github.com/regit/opensvp/commit/9d24297793e2f2a11f81589004ed5a9be2568d42 (cc @r00tbsd)

(Originally on Twitter: Sun Oct 21 20:29:32 +0000 2012)

If you are at the hotel for #hacklu 2012 feel free to preregister in the Europe room until 23:00 @hack_lu

(Originally on Twitter: Mon Oct 22 20:08:12 +0000 2012)

Workshops agenda is now online http://2012.hack.lu/index.php/Agenda#Workshops_Agenda #hacklu

(Originally on Twitter: Tue Oct 23 05:28:33 +0000 2012)

RT @blackswanburst: About to start our #shodan workshop at #hacklu @adulau @achillean All welcome from novice to API ninjas! @IOActive

(Originally on Twitter: Tue Oct 23 07:35:34 +0000 2012)

RT @cokebottle: Ghetto ShodanHQ queries: port:23 Nyancat

(Originally on Twitter: Tue Oct 23 08:26:56 +0000 2012)

RT @xme: The magic of #shodan to find interesting stuff! #hacklu http://twitpic.com/b6nqxo

(Originally on Twitter: Tue Oct 23 08:27:22 +0000 2012)

#hacklu CTF will start at 11:00 @hack_lu

(Originally on Twitter: Tue Oct 23 08:27:46 +0000 2012)

RT @headhntr: Today: Warsaw, Poland for the 16th Conference on Telecommunications and Security. Tomorrow: Luxembourg for @hack_lu. #secu …

(Originally on Twitter: Tue Oct 23 08:28:03 +0000 2012)

#hacklu tshirt challenge is also available for non-local CTF participant. Enjoy and have fun! Clue: it’s easier with a tshirt @hack_lu #ctf

(Originally on Twitter: Tue Oct 23 08:29:16 +0000 2012)

RT @cvandeplas: Draw, simulate, run,… networks and systems with #hynesim at #hacklu http://www.hynesim.com/Overview-613-0-0-0.html #opensource

(Originally on Twitter: Tue Oct 23 09:42:45 +0000 2012)

Some updates in the Agenda for #hacklu @hack_lu http://2012.hack.lu/index.php/Agenda

(Originally on Twitter: Tue Oct 23 09:43:28 +0000 2012)

RT @DidierStevens: I’m at #hacklu My workshop is at 15:00 http://Workshop.didierstevens.com You need a 32-bit XP machine, VM is fine.

(Originally on Twitter: Tue Oct 23 09:43:34 +0000 2012)

RT @blackswanburst: @CanotasInule @adulau @achillean @ioactive We have a ten minute break now, but the slides will be in the archive for …

(Originally on Twitter: Tue Oct 23 10:08:44 +0000 2012)

RT @tomchop_: SinFP3 at #hacklu : OS fingerprinting on steroids!

(Originally on Twitter: Tue Oct 23 14:42:47 +0000 2012)

RT @xme: When slides look easy, think about the days/weeks/months spent to perform the research! Respect! #hacklu

(Originally on Twitter: Tue Oct 23 14:43:30 +0000 2012)

RT @virii: At #hacklu for the @c3l_ :) Come by and grab a sticker ;)

(Originally on Twitter: Tue Oct 23 15:14:42 +0000 2012)

RT @cedricpernet: RT @xme: 70% of Android malwares use “Premium SMS” services to get $$$ #hacklu #malware #android #cybercrime

(Originally on Twitter: Tue Oct 23 15:14:46 +0000 2012)

RT @Regiteric: @valdesjo77 @Sebdraven #hacklu slides are available here http://archive.hack.lu/2012/

(Originally on Twitter: Tue Oct 23 15:14:55 +0000 2012)

RT @tutterr: Sony used same private keys to decrypt and sign firm updates in some PRS readers - ouch! - #hacklu 2012

(Originally on Twitter: Tue Oct 23 15:15:06 +0000 2012)

RT @xme: Looking for bugs? Use Google Alerts to catch people reporting “IE9 crash” or use #pastemon ;-) #hacklu

(Originally on Twitter: Tue Oct 23 16:36:30 +0000 2012)

A small hint for the tshirt challenge “It was in use sometime ago” #ctf #infosec #hacklu

(Originally on Twitter: Tue Oct 23 18:51:35 +0000 2012)

RT @xme: [/dev/random] Hack.lu 2012 Wrap-Up Day #1 http://blog.rootshell.be/?p=19827 #hacklu

(Originally on Twitter: Tue Oct 23 23:52:00 +0000 2012)

RT @steevebarbeau: Malwasm developed by @r00tbsd & @y0ug looks awesome ! http://malwasm.com/ http://code.google.com/p/malwasm/ #hacklu

(Originally on Twitter: Tue Oct 23 23:52:25 +0000 2012)

@RealKevinNoble Thanks. If you have any question about this research, feel free. #infovis #dns #infosec

(Originally on Twitter: Tue Oct 23 23:55:00 +0000 2012)

#hacklu Agenda updated for today http://2012.hack.lu/index.php/Agenda @hack_lu

(Originally on Twitter: Wed Oct 24 07:37:32 +0000 2012)

Don’t forget to register your lightning talk for today on the whiteboard… #hacklu @hack_lu

(Originally on Twitter: Wed Oct 24 07:38:15 +0000 2012)

@fygrave Closer to the solution… until now, one team found it. #hacklu

(Originally on Twitter: Wed Oct 24 07:39:58 +0000 2012)

RT @niCRO: @newsoft je suis donc un APT reel ? ;-) Bien le bonjour aux autres a #hacklu /cc: @rbidule @adulau

(Originally on Twitter: Wed Oct 24 08:01:07 +0000 2012)

CTF #hacklu official prize distribution will be at 2:15 PM in the Europe room. @hack_lu

(Originally on Twitter: Thu Oct 25 07:42:29 +0000 2012)

RT @ProjectHoneynet: This looks like a promising project. http://code.google.com/p/malwasm/ Hearing good things about it from the folks at #hacklu #m …

(Originally on Twitter: Thu Oct 25 07:42:48 +0000 2012)

RT @xme: Let’s play with Broadcom firmware! #hacklu

(Originally on Twitter: Thu Oct 25 07:47:19 +0000 2012)

RT @tomchop_: Fyodor’s tool is available here : https://github.com/fygrave/dnslyzer #hacklu

(Originally on Twitter: Thu Oct 25 07:47:29 +0000 2012)

RT @tomchop_: Hacking and reversing Broadcom chipsets -> manipulating the device’s memory, stocking data, monitor mode… #hacklu

(Originally on Twitter: Thu Oct 25 07:54:41 +0000 2012)

RT @tutterr: For those who asked, here is the patch to get wifi monmode and injection on mobile devices #hacklu https://github.com/tuter/monmob

(Originally on Twitter: Thu Oct 25 09:10:42 +0000 2012)

RT @tomchop_: 802.11 injection from an iPad! #hacklu diff. chipsets and diff. cards share the same code.

(Originally on Twitter: Thu Oct 25 09:10:48 +0000 2012)

RT @DidierStevens: #hacklu and the cmd & regedit spreadsheet: http://blog.didierstevens.com/2012/09/06/update-split-taskmanager-xls-version-0-1-4/

(Originally on Twitter: Thu Oct 25 15:24:49 +0000 2012)

RT @DidierStevens: Lot of positive feedback on my #hacklu lightning talk (Excel Fun). Maybe I’ll submit a full talk for next year.

(Originally on Twitter: Thu Oct 25 15:26:33 +0000 2012)

RT @dennisappelt: There are pwnies right next to where #hacklu is held. Coincidence? :)

(Originally on Twitter: Thu Oct 25 15:26:57 +0000 2012)

RT @inliniac: Interesting #hacklu talk about packet-o-matic (pom-ng). Real time network forensics with lua scripting. Appears to be simi …

(Originally on Twitter: Thu Oct 25 15:27:11 +0000 2012)

RT @fluxfingers: you can find #hacklu #ctf writeups here: http://ctftime.org/event/38/tasks/

(Originally on Twitter: Thu Oct 25 15:27:31 +0000 2012)

RT @xme: Very nice lightning talks today! Great job guys! #infosec #hacklu

(Originally on Twitter: Thu Oct 25 15:40:30 +0000 2012)

@maxime_tz Thank you for being with us. See you at the next edition! #hacklu #infosec

(Originally on Twitter: Thu Oct 25 19:28:02 +0000 2012)

RT @Sebdraven: #hacklu three awesome days with awesome people. See you next year!

(Originally on Twitter: Thu Oct 25 20:21:06 +0000 2012)

After #hacklu 2012 “nani gigantum humeris insidentes” makes much more sense. #infosec #sharing

(Originally on Twitter: Thu Oct 25 20:21:13 +0000 2012)

Using the z3 sat solver in one of the #hacklu CTF http://blog.lse.epita.fr/articles/34-hacklu-ctf-2012-donn-beach-500-points.html interesting #reversing

(Originally on Twitter: Thu Oct 25 20:33:46 +0000 2012)

@tutterr Thanks for your talk. It’s really an impressive work… #hacklu #firmwaresecurity #infosec

(Originally on Twitter: Thu Oct 25 20:53:41 +0000 2012)

@Regiteric Congrats! I hope that you’ll work on the PF rule-set grammar for #Netfilter ;-)

(Originally on Twitter: Thu Oct 25 21:20:59 +0000 2012)

RT @leetmore: Hack.lu 2012 CTF Challenge #3 (450) http://ctf.su/4SYI #hacklu #ctf #writeup

(Originally on Twitter: Fri Oct 26 09:33:16 +0000 2012)

http://lutz.donnerhacke.de/eng/Blog/DNS-Dampening-under-the-microscope DNS Dampening under the microscope #infosec #ddos #dns

(Originally on Twitter: Fri Oct 26 11:25:29 +0000 2012)

RT @circl_lu: http://packages.qa.debian.org/e/exim4/news/20121026T084842Z.html Exim vulnerability packages compiled and updates to come in the next hours. #infosec #exim

(Originally on Twitter: Fri Oct 26 15:44:11 +0000 2012)

Don’t forget to add your writeup for #hacklu 2012 on @ctftime #ctf

(Originally on Twitter: Fri Oct 26 19:55:53 +0000 2012)

RT @jedisct1: RT @hdmoore: Examples of cf9139d54445c8957e750210ba377b2e in web application cookies: http://pastie.org/private/cyzavzyrgv2ymmyt4xotq

(Originally on Twitter: Sat Oct 27 07:02:02 +0000 2012)

Discussing about @hack_lu 2013 improvements, would you enjoy a full half-day of lightning talks? #hacklu #infosec

(Originally on Twitter: Sat Oct 27 10:44:52 +0000 2012)

RT @PatriceAuffret: @adulau @hack_lu A full half-day of 15 minutes talk would be nice ;) 5 minutes is too short.

(Originally on Twitter: Sat Oct 27 13:54:21 +0000 2012)

Question of the day: What was the first malware to abuse deliberately the NTFS Junction point function? #infosec #malware

(Originally on Twitter: Mon Oct 29 09:07:19 +0000 2012)

If you have any pictures for #hacklu 2012, don’t forget to upload them in the flickr hack.lu group http://www.flickr.com/groups/1559269@N23/ thank you!

(Originally on Twitter: Wed Oct 31 13:32:33 +0000 2012)

@bortzmeyer Le BGP Ranking d’OVH est peut-être plus détaillé… http://bgpranking.circl.lu/asns?asn=16276&source=&date= #infosec

(Originally on Twitter: Wed Oct 31 15:33:18 +0000 2012)

just released Forban 0.0.33 including patches from @MatthiasStrubel #p2p #p2popportunistic http://www.foo.be/forban/

(Originally on Twitter: Thu Nov 01 11:10:38 +0000 2012)

RT @FlUxIuS: #Fuzzing the #GSM Protocol Stack slides now available: http://2012.hack.lu/archive/2012/Fuzzing_The_GSM_Protocol_Stack_-_Sebastien_Dudek_Guillaume_Delugre.pdf | #hacklu #Sogeti #ESEC

(Originally on Twitter: Thu Nov 01 13:11:17 +0000 2012)

Any plan for adding a redis file type in Suricata? that would be a killer feature… @Regiteric #nids #infosec

(Originally on Twitter: Thu Nov 01 15:20:14 +0000 2012)

@Regiteric Redis output would be very useful for Suricata module like http-log when you have a ton of output logs to process in FIFO mode.

(Originally on Twitter: Thu Nov 01 15:47:46 +0000 2012)

@rafi0t you can replace Redis with RabbitMQ for the case of Suricata logging. This works too.

(Originally on Twitter: Thu Nov 01 15:55:54 +0000 2012)

RT @monoskop: @aaaarg @chrisdary There’s another TOS tracker at http://www.goodiff.org, and recently launched @ToSDR http://tos-dr.info/#services

(Originally on Twitter: Thu Nov 01 15:56:24 +0000 2012)

RT @inliniac: #Suricata 1.3.3 is out! Important fixes, upgrade highly recommended! Notes: http://suricata-ids.org/2012/11/01/suricata-1-3-3-available/ Download: http://t.co/Zed …

(Originally on Twitter: Thu Nov 01 18:37:19 +0000 2012)

http://tools.ietf.org/html/draft-ietf-websec-key-pinning-03 “Public Key Pinning Extension for HTTP” A good step the section 5 might be the source of core issues #infosec #x509

(Originally on Twitter: Fri Nov 02 11:09:25 +0000 2012)

http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/ “Reverse Engineering Serial Ports” nice one before firing up your bus pirate on an unknown serial bus.

(Originally on Twitter: Fri Nov 02 11:21:58 +0000 2012)

RT @cryptax: In the middle of @aumasson ‘s talk on SHA-3. Like it. You should have included swiss chocolate in your own submission ;) #h …

(Originally on Twitter: Fri Nov 02 12:42:48 +0000 2012)

RT @hack_lu: http://www.flickr.com/photos/adulau/8147615053/in/pool-1559269@N23 a photo of @fluxfingers at #hacklu 2012 operating the CTF with a high level of concentration #info …

(Originally on Twitter: Fri Nov 02 13:46:00 +0000 2012)

RT @pretorienx: tsa4ida.py - Rule Based Function Profiler for IDA http://bit.ly/X5POGh #Reverse #Engineering #Malware #IDA @PhysicalDrive0

(Originally on Twitter: Fri Nov 02 13:51:29 +0000 2012)

RT @DidierStevens: So I just created putty.dll. I guess you know what that means ;-) putty.xls

(Originally on Twitter: Fri Nov 02 21:51:39 +0000 2012)

RT @DidierStevens: And we have putty.xls http://twitpic.com/b9r3x0

(Originally on Twitter: Fri Nov 02 22:42:53 +0000 2012)

http://www.photographyisnotacrime.com/2012/10/30/creepy-cameraman-reemerges-as-surveillance-camera-man/ “ citizens do not mind being video recorded by surveillance cameras, but take great issue when recorded by strangers.”

(Originally on Twitter: Sun Nov 04 18:12:13 +0000 2012)

@bortzmeyer Using the money invested in quaero to fund 100 start-ups and maybe one will give better result than quaero. #startup

(Originally on Twitter: Sun Nov 04 18:29:11 +0000 2012)

RT @pretorienx: my latest slides on PE malformations, presented at #hashdays http://www.slideshare.net/ange4771/ange-albertini-hashdays2012extended http://corkami.googlecode.com/files/ange_albertini_hashdays_2012.zip @ange4771

(Originally on Twitter: Sun Nov 04 18:44:01 +0000 2012)

@fredraynal has many friends even John Draper ok… friend is a big word in this case ;-) http://sid.rstack.org/gallery/?galerie=201210_KualaLumpur&photo=53&exif_style=&show_thumbs=

(Originally on Twitter: Mon Nov 05 18:56:38 +0000 2012)

RT @opendns: OpenDNS is looking for: Software Engineer (Researcher) http://jobvite.com/m?3VTxAfwF #job

(Originally on Twitter: Mon Nov 05 21:37:14 +0000 2012)

@rysiekpl he just does statistics…

(Originally on Twitter: Mon Nov 05 21:45:26 +0000 2012)

I open this bug report in 2008 -> https://bugs.launchpad.net/ubuntu-website/+bug/241305/ Could you enable ipv6 for http://security.ubuntu.com? #ipv6 #security #ubuntu @canonical

(Originally on Twitter: Tue Nov 06 14:56:50 +0000 2012)

RT @hodgman: Remember: it is more important that there is a federal holiday for deceased presidents than a day off to allow you to elect …

(Originally on Twitter: Tue Nov 06 16:08:41 +0000 2012)

RT @mattblaze: Touchscreen machines that “flip” votes are prob a fixable calibration problem. Wrote this 4 yrs ago, still applies: http: …

(Originally on Twitter: Tue Nov 06 16:16:09 +0000 2012)

RT @uscert_gov: Security Updates Available for Adobe Flash Player: http://1.usa.gov/YTJosn

(Originally on Twitter: Tue Nov 06 22:08:44 +0000 2012)

Paper and pencil are king for voting… especially when you see the calibration mess of a touchscreen in US. http://thenextweb.com/shareables/2012/11/06/reddit-user-captures-video-of-2012-voting-machines-altering-votes/

(Originally on Twitter: Tue Nov 06 22:15:35 +0000 2012)

http://www.ei.rub.de/media/emma/veroeffentlichungen/2012/11/01/TR-HGI-2012-001.pdf “Down to the Bare Metal: Using Processor Features for Binary Analysis” branch tracing on x86 #malware #

(Originally on Twitter: Tue Nov 06 22:18:59 +0000 2012)

RT @circl_lu: http://www.group-ib.com/index.php/7-novosti/672-group-ib-us-zero-day-vulnerability-found-in-adobe-x “Group-IB US: Zero-day vulnerability found in Adobe X” #infosec #malware #blackhole

(Originally on Twitter: Thu Nov 08 14:58:58 +0000 2012)

RT @MatthiasStrubel: #piratebox in #mesh with running #forban http://www.youtube.com/watch?v=9qrLpEx8NUU

(Originally on Twitter: Sat Nov 10 09:57:22 +0000 2012)

@bortzmeyer Cool, c’est la première étape avant d’utiliser #Forban sur son téléphone. http://www.foo.be/forban/ #p2p #partage

(Originally on Twitter: Sat Nov 10 14:46:16 +0000 2012)

@followjuke Par défaut cela utilise tout l’espace disque disponible mais l’option “maxsize = 0” permet de limiter pour un espace donné

(Originally on Twitter: Sat Nov 10 15:36:15 +0000 2012)

@followjuke non pas encore. C’est “first seen first serve” mais cela fonctionne assez bien pour une majorité des réseaux locaux éphémères.

(Originally on Twitter: Sat Nov 10 16:01:42 +0000 2012)

@wimremes You’re welcome. Thanks for your work on cve-search too. Some patches might come in a near future. https://github.com/adulau/cve-search

(Originally on Twitter: Sun Nov 11 00:02:08 +0000 2012)

RT @halvarflake: http://ensiwiki.ensimag.fr/images/e/e8/GreHack-2012-talk-Kostya_Kortchinsky_Crypt0ad_-10_years_later_which_in_memory_vulnerabilities_still_matter.pdf

(Originally on Twitter: Mon Nov 12 15:18:27 +0000 2012)

If you google for MSRT (the malicious removal tool from Microsoft), check the second link. No worries. it’s just pure coincidence. #infosec

(Originally on Twitter: Mon Nov 12 15:39:00 +0000 2012)

I discovered in the train about the quality of a slashdot comment is usually higher than those “articles” in the train’s press. #media

(Originally on Twitter: Mon Nov 12 20:28:14 +0000 2012)

RT @maxime_tz: The slides of our #hacklu talk “Insecurity of security equipments” are finally online! http://2012.hack.lu/archive/2012/Hack.lu%202012%20-%20Insecurity%20of%20security%20equipments%20-%20Eric%20Chassard%20&%20Maxime%20Clementz.pdf

(Originally on Twitter: Tue Nov 13 21:21:40 +0000 2012)

http://blogs.lexpress.fr/media/2012/11/13/filippetti-preempte-une-partie-du-fonds-darchives-photos-de-france-soir/ A good initiative but I hope they will move the photos to #wikipedia / #wikimedia commons…

(Originally on Twitter: Tue Nov 13 21:53:52 +0000 2012)

RT @rommelfs: Literally 0-byte exploit eats up CPU, but “it still can be terminated via the task manager”. #microsoft #security “Not a v …

(Originally on Twitter: Tue Nov 13 21:54:28 +0000 2012)

@rommelfs What’s the impact on the PRNG (CryptGenRandom)? Some entropy sources come from CPU registers TSC or processor state…

(Originally on Twitter: Tue Nov 13 22:05:26 +0000 2012)

RT @Dinosn: CVE-2012-5076 Java sample from “Cool” exploit pack http://contagiodump.blogspot.com/2012/11/cve-2012-5076-java-sample-from-cool.html

(Originally on Twitter: Thu Nov 15 07:28:32 +0000 2012)

https://github.com/jbremer/pyasm2 An x86 assembler library with Intel-like assembly syntax, with sequences of instructions and label. A good meta-asm?

(Originally on Twitter: Sat Nov 17 13:22:59 +0000 2012)

RT @circl_lu: http://www.freebsd.org/news/2012-compromise.html “http://FreeBSD.org intrusion announced November 17th 2012” if you are using FreeBSD check/audit yo …

(Originally on Twitter: Sat Nov 17 15:36:20 +0000 2012)

RT @tomchop_: CVE-2012-5076 included in #BlackHole and many others - http://malware.dontneedcoffee.com/2012/11/cve-2012-5076-massively-adopted.html #exploitkit #malware

(Originally on Twitter: Sat Nov 17 23:38:59 +0000 2012)

After some hours of train… http://www.nytimes.com/2012/11/18/opinion/sunday/the-quiet-ones.html?pagewanted=all

(Originally on Twitter: Mon Nov 19 06:43:23 +0000 2012)

“Trusted Automated eXchange of Indicator Information” https://taxii.mitre.org/ tons of specification but where is the code? #infosec

(Originally on Twitter: Tue Nov 20 13:04:04 +0000 2012)

RT @peakscale: “The problem of viruses is temporary and will be solved in two years.” - John McAfee, 1988

(Originally on Twitter: Wed Nov 21 14:28:46 +0000 2012)

“Socket Error #0: unknown error (_ssl.c:2158)” This very useful message error from Python 3 SSL binding just means your PEM file sucks…

(Originally on Twitter: Wed Nov 21 14:30:48 +0000 2012)

@gyust connect but when reading the trust chain from a local PEM file.

(Originally on Twitter: Wed Nov 21 14:54:52 +0000 2012)

RT @DidierStevens: New blogpost “Update: AnalyzePESig Version 0.0.0.2” http://bit.ly/Ug6S8q

(Originally on Twitter: Wed Nov 21 14:55:12 +0000 2012)

http://wiki.rmll.be/index.php/Communiqu%C3%A9_du_22_novembre The next “Libre Software Meeting 2013” (6-13 July 2013) will be in Bruxelles. #freesoftware #belgium #belgique

(Originally on Twitter: Thu Nov 22 16:33:12 +0000 2012)

RT @radareorg: Fixed the x86-16 default analysis plugin (use udis86 as fallback). Go disasm your BIOS!

(Originally on Twitter: Thu Nov 22 17:11:12 +0000 2012)

https://github.com/agl/pond “Pond (Or, how to better organize a discreet relationship with the Director of the CIA.)” #crypto software to review?

(Originally on Twitter: Thu Nov 22 21:56:28 +0000 2012)

Today I was filling one of those form to submit a project and they asked which programming methodology, I wrote http://programming-motherfucker.com/

(Originally on Twitter: Thu Nov 22 22:13:51 +0000 2012)

http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages-00 “Virtual Private Network (VPN) traffic leakages in dual-stack hosts/networks” #ipv6 #ipv4 #infosec

(Originally on Twitter: Fri Nov 23 14:42:27 +0000 2012)

@wimremes I did some updates to cve-search enjoy https://github.com/adulau/cve-search/ #infosec #cve #vulnerability

(Originally on Twitter: Fri Nov 23 19:57:28 +0000 2012)

RT @thegrugq: @Dymaxion then they’re fucked. High value targets w/ general purpose computers and no security expertise?

(Originally on Twitter: Fri Nov 23 20:01:50 +0000 2012)

RT @Dymaxion: @thegrugq Oh, right. I forgot. The security community is interested in cool problems, not humans.

(Originally on Twitter: Fri Nov 23 20:04:01 +0000 2012)

@Dymaxion @thegrugq “You can’t get rid of the “bad” parts of technology and retain only the “good” parts.” as Ted Kaczynski would said…

(Originally on Twitter: Fri Nov 23 20:15:46 +0000 2012)

Why do you always feel like that when you are fixing a bug in a cryptographic function? http://www.flickr.com/photos/adulau/7815330644 #crypto #infosec

(Originally on Twitter: Sat Nov 24 09:26:45 +0000 2012)

I didn’t know that @esrtweet is against diversity in computer languages… pretty strange. #git http://permalink.gmane.org/gmane.comp.version-control.git/210329

(Originally on Twitter: Sun Nov 25 13:20:22 +0000 2012)

just added a ranking functionality in cve-search to classify/dispatch your vulnerable configuration #cve http://adulau.github.com/cve-search/ @wimremes

(Originally on Twitter: Sun Nov 25 14:01:55 +0000 2012)

@wimremes As you like, you know it’s git so it’s distributed ;-) just let me know if I should regularly pull. Thank you for your work too.

(Originally on Twitter: Sun Nov 25 14:13:53 +0000 2012)

@jaysonstreet no worries, we are waiting for you at #hacklu 2013… I’m sure everything will be fine.

(Originally on Twitter: Sun Nov 25 17:23:41 +0000 2012)

http://blog.hansenpartnership.com/adventures-in-microsoft-uefi-signing/ “Adventures in Microsoft UEFI Signing” interesting reading… #x509 #infosec

(Originally on Twitter: Mon Nov 26 20:48:28 +0000 2012)

Preparing the honeypot courses I’m giving the next weeks, I’m wondering if this academic year would be more or less offensive…

(Originally on Twitter: Tue Nov 27 21:30:56 +0000 2012)

RT @dragosr: Short Version: CanSecWest CFP open now, deadline Dec. 14 (secwest13@cansecwest.com) Conf Mar 6-8 2013 (Dojo Mar 2-5) More t …

(Originally on Twitter: Tue Nov 27 21:44:00 +0000 2012)

@cokebottle The students have to write their own honeypot but also abuse them. To see the security duality of software ;-)

(Originally on Twitter: Tue Nov 27 21:45:04 +0000 2012)

@elise_huard It’s even quite common to do to find sensitive documents. Digging in a dustbin doesn’t mean that you are homeless. #infosec

(Originally on Twitter: Wed Nov 28 10:07:18 +0000 2012)

@ochsff Does the IDB database snapshot help a little bit? You can enable the automatic snapshot in the “database snapshot manager”. #ida

(Originally on Twitter: Wed Nov 28 13:15:43 +0000 2012)

I don’t why but that’s the week of fixing code from one version to another. Python 2 to Python 3, K&R C to C99 and now an obscure Perl shit.

(Originally on Twitter: Wed Nov 28 21:28:56 +0000 2012)

http://www.renesys.com/blog/2012/11/syria-off-the-air.shtml “Syrian Internet Is Off The Air”

(Originally on Twitter: Thu Nov 29 14:11:25 +0000 2012)

RT @circl_lu: http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html Chrome version 23.0.1271.91 released fixing CVE-2012-5130 -> CVE-2012-5136 #infosec

(Originally on Twitter: Thu Nov 29 14:32:56 +0000 2012)

RT @41414141: #deepsec turns into “cyberwar” term definition con, which is a good thing. Where are the diplomats that need to hear this?

(Originally on Twitter: Thu Nov 29 14:35:30 +0000 2012)

Offensive software is just a software where you forgot about a functionality. Hmmm it’s a kind of bug? -> so everything can be offensive.

(Originally on Twitter: Thu Nov 29 16:23:09 +0000 2012)

git should be teach in CS courses just like advanced data structures courses or any algorithmics courses. #git #futureishere

(Originally on Twitter: Thu Nov 29 22:31:48 +0000 2012)

@bortzmeyer Je ne savais que le W3C était hébergé en Syrie… #syria #w3c

(Originally on Twitter: Thu Nov 29 22:35:20 +0000 2012)

https://github.com/mandiant/Reversing/blob/master/shellcode_hashes/make_sc_hash_db.py Computes common shellcode hashes in a DB that can be looked-up in IDA later on. #reversing #malware

(Originally on Twitter: Fri Nov 30 06:37:11 +0000 2012)

RT @mattblaze: Disclosure is also consistent with the scientific/academic ethic. Why should security have different rules from the rest …

(Originally on Twitter: Fri Nov 30 18:54:32 +0000 2012)

RT @inliniac: Created a template #Suricata packet inspection plugin and documented it here: https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Packet_Inspection_Module Feedback appreciated!

(Originally on Twitter: Fri Nov 30 21:22:18 +0000 2012)

http://www.flickr.com/photos/adulau/8233536808/ Sometime you can be scared by a poster street-art… #streetart #poster

(Originally on Twitter: Fri Nov 30 21:41:49 +0000 2012)

Just a got a notification from Google scholar about malware publication and all of them are US patents. Grrr… research papers ≠ patents.

(Originally on Twitter: Sat Dec 01 08:37:39 +0000 2012)

@wimremes Yes on malware detection like US 8,321,910 US 8,321,942 US 8,321,910… but often it’s just lawyer talks and not really useful

(Originally on Twitter: Sat Dec 01 08:56:36 +0000 2012)

RT @Regiteric: Documented the interaction with #suricata via unix socket: a user guide https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Interacting_via_Unix_Socket and a devel guide https://t …

(Originally on Twitter: Sat Dec 01 09:54:50 +0000 2012)

@wimremes you might enjoy this project proposal for a small group of my student http://www.foo.be/cours/dess-20122013/#_automatic_vulnerability_assessment_from_network_capture_1 I hope they’ll do something useful.

(Originally on Twitter: Sat Dec 01 10:18:38 +0000 2012)

RT @olesovhcom: #ArcelorMittal s’engage d’investir 180Me sur 5 ans. #Ovh investit naturellement 180Me en 2 ans.

(Originally on Twitter: Sat Dec 01 12:11:59 +0000 2012)

@hackerjoe Thank you. Hope to see you at hack.lu 2013 or even before at #OHM 2013 #hacklu cc: @wimremes

(Originally on Twitter: Sat Dec 01 12:25:08 +0000 2012)

@hackerjoe Interesting if you have the time to push it on #github I’ll have a look at it. #ctf #pcap cc @wimremes

(Originally on Twitter: Sat Dec 01 12:33:43 +0000 2012)

RT @hackerjoe: @adulau @wimremes actually @invisig0th built my pcap decodes into vstruct, its included in vdb and vivisect, look for pca …

(Originally on Twitter: Sun Dec 02 08:45:18 +0000 2012)

@invisig0th Tested a bit VDB, a very nifty and cool binary reversing framework in Python http://visi.kenshoto.com/ #reversing @hackerjoe

(Originally on Twitter: Sun Dec 02 09:20:55 +0000 2012)

There is a nice fork of VDB from @fitblip https://github.com/Fitblip/vdb-fork including some bug fixes and a documentation #reversing http://fitblip.github.com/vdb-fork/

(Originally on Twitter: Sun Dec 02 09:23:06 +0000 2012)

RT @mjg59: Microsoft-signed bootloader for all free operating systems available here: http://www.codon.org.uk/~mjg59/shim-signed/ - details at http://mjg59.dreamwidth.org/20303.html

(Originally on Twitter: Sun Dec 02 09:36:45 +0000 2012)

@pocket why don’t you support the Kindle by just sending an email to the kindle address with a daily summary? thank you

(Originally on Twitter: Mon Dec 03 20:18:32 +0000 2012)

@DennisRand looks like an RFP for Tor v2. “selecting optimal nodes in a cyber battlespace [] entry nodes, target nodes, & nodes to avoid.”

(Originally on Twitter: Mon Dec 03 20:21:27 +0000 2012)

RT @joshsusser: If you don’t hate time zones, you’re not a real programmer.

(Originally on Twitter: Mon Dec 03 21:04:15 +0000 2012)

@sans_isc There are CVEs - CVE-2012-4561 CVE-2012-4560, CVE-2012-4562 and CVE-2012-6063 #libssh #vulnerabilities

(Originally on Twitter: Mon Dec 03 21:57:44 +0000 2012)

@DennisRand Yep that the link your RT ;-) “DARPA-BAA-13-02: Foundational Cyberwarfare (Plan X) “ https://www.fbo.gov/index?s=opportunity&mode=form&id=1bc45a18e1ba0763640824679d331e46&tab=core&_cview=0

(Originally on Twitter: Tue Dec 04 16:07:18 +0000 2012)

CVE-2007-3891 is back? I cannot believe it. If you have samples, you’ll get some chocolate ;-) #malware

(Originally on Twitter: Wed Dec 05 20:59:52 +0000 2012)

https://github.com/sensepost/Snoopy “Snoopy; a distributed tracking and profiling framework” #infosec #tracking #privacy

(Originally on Twitter: Thu Dec 06 19:50:47 +0000 2012)

RT @satefan: @doctorow The leaked ITU documents are great. They basically show that the cypherpunks movement needs to be revived in a bi …

(Originally on Twitter: Thu Dec 06 19:53:03 +0000 2012)

https://community.rapid7.com/community/infosec/blog/2012/12/06/skynet-a-tor-powered-botnet-straight-from-reddit “Skynet, a Tor-powered botnet straight from Reddit”

(Originally on Twitter: Fri Dec 07 06:07:34 +0000 2012)

Dropbox will be acquired by Google? No just Guido moving there for testing out the organization ;-) https://tech.dropbox.com/2012/12/welcome-guido/

(Originally on Twitter: Fri Dec 07 21:46:11 +0000 2012)

https://github.com/psychomario/ntlmsspparse “Parses ntlmssp netlm[v2] hashes out of a pcap” Not perfect but already a very good start… #ntlm #infosec

(Originally on Twitter: Sat Dec 08 09:06:55 +0000 2012)

released netbeacon - tools to monitor your network capture sys (e.g. honeypot monitoring, IDS) and check its accuracy http://adulau.github.com/netbeacon/

(Originally on Twitter: Sat Dec 08 13:11:47 +0000 2012)

RT @Dinosn: Most Effective Malware-Related Snort Signatures http://mtc.sri.com/live_data/signatures/

(Originally on Twitter: Sat Dec 08 13:29:37 +0000 2012)

http://www.flickr.com/photos/mattblaze/8248156713/ Nice pictures from @mattblaze “The Meeting is Classified” I’m wondering if the PIN of the confcall is classified ;-)

(Originally on Twitter: Sun Dec 09 10:34:58 +0000 2012)

@aumasson I enjoyed the quotes around “military-strength” and was thinking of the classical Snake Oil FAQ http://www.interhack.net/people/cmcurtin/snake-oil-faq.html#SECTION000511000000000000000

(Originally on Twitter: Sun Dec 09 10:57:18 +0000 2012)

@Regiteric @inliniac Have you ever compared the Endace DAG Card 9.2X2 versus an Intel X540-T2 network card on Suricata? thx #suricata

(Originally on Twitter: Sun Dec 09 15:26:24 +0000 2012)

Not #infosec this time but just a photography of a metal cat guarding a garden http://www.flickr.com/photos/adulau/8257173175/ #photography #belgium

(Originally on Twitter: Sun Dec 09 16:18:37 +0000 2012)

@inliniac @Regiteric Thank you. I wondering about the performance comparison for the both cards with Suricata.

(Originally on Twitter: Mon Dec 10 13:03:11 +0000 2012)

@inliniac Sure, I’ll try to get the latest Endace card. Is there an official set of PCAP files for testing Suricata?

(Originally on Twitter: Mon Dec 10 13:06:18 +0000 2012)

If someone asked me again about prediction about information security in 2013, I will run over you with a very large fragmented IP packet.

(Originally on Twitter: Mon Dec 10 18:42:58 +0000 2012)

@snazmeister Both and also with random option headers…

(Originally on Twitter: Mon Dec 10 18:48:15 +0000 2012)

@snazmeister A good fight is usually better than a “cyberwar” because no one knows what’s behind this term ;-) #infosec #cyberBS

(Originally on Twitter: Mon Dec 10 19:01:28 +0000 2012)

@xme Yes, you are right ;-) A prediction to overwrite the other prediction. Wait that’s the bitwise AND 0 prediction.

(Originally on Twitter: Mon Dec 10 19:19:53 +0000 2012)

@britram Thanks for yaf. It’s a great piece of software. http://tools.netsa.cert.org/yaf/yaf.html #infosec #netflow #ipfix

(Originally on Twitter: Mon Dec 10 21:08:16 +0000 2012)

did a quick-and-dirty set of posters to state the Traffic Light Protocol classification for your physical meetings https://github.com/adulau/tlp-meeting

(Originally on Twitter: Mon Dec 10 21:51:49 +0000 2012)

RT @Kaplan_CERTat: @adulau hehe… or even worse: a half corrupt IP packet which creates side effects in layer 2: http://www.youtube.com/watch?v=euMHlV6MNqs

(Originally on Twitter: Mon Dec 10 21:56:40 +0000 2012)

http://arxiv.org/abs/1210.1847 “we have taken seriously the possibility that our universe is a numerical simulation” Just left the simulated train…

(Originally on Twitter: Tue Dec 11 07:11:09 +0000 2012)

http://www.w3.org/TR/2012/CR-eventsource-20121211/ So a replacement for “XMLHttpRequest” where the server is pushing messages to the client. I see many uses… #infosec

(Originally on Twitter: Tue Dec 11 19:31:37 +0000 2012)

Maybe we should mention to the totalitarian regime in Syria that they should purchase a “Bypass Switch” from netoptics to avoid L2 issue….

(Originally on Twitter: Tue Dec 11 20:56:34 +0000 2012)

RT @esizkur: I seldomly praise defensive papers in computer security. This is one of them: http://eprint.iacr.org/2012/579.pdf

(Originally on Twitter: Wed Dec 12 19:58:52 +0000 2012)

RT @holman: I hate meetings. http://zachholman.com/posts/chat/

(Originally on Twitter: Wed Dec 12 20:17:05 +0000 2012)

RT @_saadk: #DFIR “Fighting Back Malware with IOC & YARA” slides have been published by @OSSIRFrance http://www.ossir.org/paris/supports/2012/2012-12-11/Saad_Kadhi-FBMWIAY-OSSIR_Paris-20121211.pdf 1/2

(Originally on Twitter: Thu Dec 13 17:04:42 +0000 2012)

http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/ “Btrfs CRC32C denial of service issues” #crypto #hashing

(Originally on Twitter: Thu Dec 13 21:13:01 +0000 2012)

RT @malwarelu: We made two reverse engineering challenges, we can download them here: http://www.malware.lu/hackgyver/hackgyver.zip

(Originally on Twitter: Thu Dec 13 22:18:30 +0000 2012)

@Pinboard Wonderful idea… I couldn’t resist to post it on HN… #startup #do

(Originally on Twitter: Fri Dec 14 20:32:58 +0000 2012)

RT @ilfak: IDA 6.4 is going to beta today. If you are willing to participate, send us an email!

(Originally on Twitter: Fri Dec 14 21:23:23 +0000 2012)

http://blog.icann.org/2012/12/d-root/ “D-root is changing its IPv4 address on 3 January 2013”

(Originally on Twitter: Fri Dec 14 21:43:06 +0000 2012)

Grrrrr, I’ll miss #29c3 and especially the talk from djb, Nadia Heninger and @hyperelliptic about RSA factorization http://events.ccc.de/congress/2012/Fahrplan/events/5275.en.html

(Originally on Twitter: Sat Dec 15 13:18:01 +0000 2012)

@JeffreyWWalter The old IP address will stay for 6 months… so systems including the old root IP address have 6 months to update.

(Originally on Twitter: Sat Dec 15 13:26:58 +0000 2012)

RT @craiu: The #Duqu CVE-2011-3402 exploits are spiking all over the web, 40000 reports so far, +5000 new per day in average.

(Originally on Twitter: Sun Dec 16 09:32:15 +0000 2012)

http://notary.icsi.berkeley.edu/trust-tree/ “the relationship between the root-CAs of the Mozilla root-store and their intermediates” #x509 #infosec #infovis

(Originally on Twitter: Sun Dec 16 09:36:59 +0000 2012)

@Thoreau_Assis On peut pas dire que Henry Thoreau voulait payer des impôts ;-) Surtout pour le financement d’un état esclavagiste… #free

(Originally on Twitter: Sun Dec 16 18:46:39 +0000 2012)

RT @quequero: Android #Carberp samples: http://contagiominidump.blogspot.it/2012/12/android-carberp.html interesting!

(Originally on Twitter: Sun Dec 16 18:54:47 +0000 2012)

Here is my definition of an experimental coding session who is going nowhere: git clone, n(git commit -a), make test and git reset –hard

(Originally on Twitter: Sun Dec 16 20:05:24 +0000 2012)

@rommelfs Never underestimate the growing capabilities of a rotten banana in your bag, it’s a nice sandbox for biological weapons.

(Originally on Twitter: Mon Dec 17 13:08:27 +0000 2012)

@rommelfs Do you know who is responsible for biological hazard in Luxembourg? I’m not sure they will move for bag with a rotten banana.

(Originally on Twitter: Mon Dec 17 13:11:39 +0000 2012)

http://ec.europa.eu/taxation_customs/resources/documents/taxation/vat/how_vat_works/e-services/press_notice_fr.pdf So in 2015, the VAT on “electronic” sales will be calculated from where the customer lives in Europe. I see loopholes.

(Originally on Twitter: Tue Dec 18 19:01:47 +0000 2012)

https://retractionwatch.wordpress.com/2012/12/11/elsevier-editorial-system-hacked-reviews-faked-11-retractions-follow/ “Elsevier editorial system hacked, reviews faked, 11 retractions follow” Another good reason to publish reviews…

(Originally on Twitter: Wed Dec 19 06:48:07 +0000 2012)

RT @joernchen: So according to http://www.timeanddate.com/countdown/maya?p0=155 the world ends in ~ 15 hours. You all should release all your 0day before. Just to s …

(Originally on Twitter: Thu Dec 20 20:20:29 +0000 2012)

Hi @Giribot https://github.com/MaStr/mkPirateBox-Forban Let me know if you need something else to run #Forban on your OpenWRT… enjoy. #p2p

(Originally on Twitter: Sat Dec 22 13:18:34 +0000 2012)

@PvdWalle You should open a ticket with @certbe about the @SNCBEurope data leak ASAP @cudeso @ddurvaux

(Originally on Twitter: Sat Dec 22 14:07:37 +0000 2012)

RT @JensenClan88: America had 11,000 gun-related homicides in 2008. Japan had 11. Does anyone know if they play video games in Japan?

(Originally on Twitter: Sat Dec 22 14:16:33 +0000 2012)

CVE-2012-4969 was reported to the vendor the 24th July 2012? http://packetstormsecurity.org/files/119030 Did I miss something?

(Originally on Twitter: Sat Dec 22 18:01:42 +0000 2012)

@OSVDB Right. I was comparing the CVE publishing date with http://adulau.github.com/cve-search/ and found a set around the same time. I probably mixed.

(Originally on Twitter: Sat Dec 22 18:58:04 +0000 2012)

@tricaud en tongues? J’espère que notre ami l’ours était à la piscine durant la coupe de la pelouse ;-)

(Originally on Twitter: Sat Dec 22 22:33:00 +0000 2012)

@thegrugq I suppose the synonym for “Ent. Security” is “Oh, those workstations over there, they don’t have access to Internet, it’s safe.”

(Originally on Twitter: Sat Dec 22 22:36:52 +0000 2012)

@tricaud So you cooked #pedobear in a large pot, you are definitely more crazy than I thought. #infosecbbq

(Originally on Twitter: Sat Dec 22 22:40:08 +0000 2012)

RT @darrenpauli: Netzob - one of the most advanced tools to help reversers with undocumented protocols http://www.netzob.org & slides …

(Originally on Twitter: Sat Dec 22 22:53:53 +0000 2012)

@LibraryThing Could we sponsor LibraryThing to extend the Android application “Book Catalogue” http://www.librarything.com/topic/121348#3768123 ?

(Originally on Twitter: Sun Dec 23 10:29:51 +0000 2012)

@xme The clever part of the various groups doing ransomware is to play with the shame. Victims often refuse to give their PC for analysis.

(Originally on Twitter: Sun Dec 23 17:21:06 +0000 2012)

@GiriBot For an explanation of the three Forban modes: opportunistic, shared or passive. Slides 7+ on http://www.foo.be/haxogreen2012/forban-general.pdf #p2p

(Originally on Twitter: Mon Dec 24 09:25:39 +0000 2012)

@Giribot the passive mode: you just sniff passively for Forban announce message ( check sample tcpdump script in https://github.com/adulau/Forban/blob/master/bin/bash-forban/bforban.sh )

(Originally on Twitter: Mon Dec 24 09:36:34 +0000 2012)

@GiriBot FYI, #Forban is also able to run on the #raspberrypi with the default image (including Python). The first test was on a #OLPC

(Originally on Twitter: Mon Dec 24 10:03:29 +0000 2012)

@williballenthin started to work on a pure Python EVTX (the new EVT in a binary XML format) parser… https://github.com/williballenthin/python-evtx looks promising

(Originally on Twitter: Mon Dec 24 11:33:28 +0000 2012)

After 15 years, GnuPG 1.4.13 has been released and includes the old cipher IDEA because the patents finally expired. http://lists.gnupg.org/pipermail/gnupg-announce/2012q4/000319.html

(Originally on Twitter: Mon Dec 24 12:13:48 +0000 2012)

@carmelo Oui mais #begov n’a pas encore compris que le format était important pour partager des données. cf ex. AFSCA http://data.gov.be/fr/idea/resultats-des-controles-afsca

(Originally on Twitter: Mon Dec 24 12:19:57 +0000 2012)

RT @halvarflake: The NRA is right, and instead of security control at an airport, everybody should get a gun upon boarding. Business gla …

(Originally on Twitter: Mon Dec 24 12:33:40 +0000 2012)

@SteveClement So you did a holy upgrade of OpenBSD ;-)

(Originally on Twitter: Mon Dec 24 17:49:07 +0000 2012)

@SteveClement Do you know if softflowd or YAF still work with 5.2? #netflow #infosec

(Originally on Twitter: Mon Dec 24 18:06:10 +0000 2012)

I just released Forban 0.0.34 it’s a bug fix release http://www.foo.be/forban/ https://github.com/adulau/Forban #p2p #forban #sharing

(Originally on Twitter: Tue Dec 25 12:47:42 +0000 2012)

@olesovhcom As-tu essayé le Luxembourg pour la construction d’un DC?

(Originally on Twitter: Tue Dec 25 17:03:58 +0000 2012)

RT @i0n1c: @0xabad1dea if people leave a project just because someone virtually yells at them then they are most probably better off in …

(Originally on Twitter: Tue Dec 25 18:22:54 +0000 2012)

@Calimaq Pourquoi un cauchemar? C’est plutôt une bonne nouvelle. Une mise en valeur de la culture fait vendre plus de culture… #forban

(Originally on Twitter: Tue Dec 25 20:56:44 +0000 2012)

RT @Shpantzer: It’s cool, I mapped the covert channels used for exfil to an ISO 27002 security control objective! We should be safe now …

(Originally on Twitter: Tue Dec 25 21:04:37 +0000 2012)

https://github.com/snarez/ida-efiutils “Some scripts for IDA Pro to assist with reverse engineering EFI binaries” #reversing #ida #efi #infosec

(Originally on Twitter: Tue Dec 25 21:08:43 +0000 2012)

http://arxiv.org/abs/1212.6177 “How Much of the Web Is Archived?” Interesting maybe “How Much of the infected Web is Archived” might be also useful…

(Originally on Twitter: Thu Dec 27 10:08:20 +0000 2012)

http://dnsviz.net/d/af.mil/dnssec/ “Expiration:2012-12-26 19:03:49 UTC (13 hours, 16 minutes in the past)” now I can disable the validating resolver

(Originally on Twitter: Thu Dec 27 16:03:14 +0000 2012)

http://www.mlsec.org/malheur/ New release of Malheur (automatic classification of malware based on malware behaviour) version 0.5.3 #malware #infosec

(Originally on Twitter: Fri Dec 28 09:37:48 +0000 2012)

RT @daviddarts: Testers needed for newest PirateBox release with mesh networking (powered by Forban) http://bit.ly/Un2Uwg

(Originally on Twitter: Fri Dec 28 21:36:09 +0000 2012)

@daviddarts For direct Forban bug reports, https://github.com/adulau/Forban you can open an issue in GitHub. Thank you very much. #p2p #Forban

(Originally on Twitter: Fri Dec 28 21:37:57 +0000 2012)

Another perspective to a malicious laboratory http://www.flickr.com/photos/adulau/8320720779/ quite old style… #belgium

(Originally on Twitter: Sat Dec 29 11:55:51 +0000 2012)

RT @ChristiaanBeek: Metasploit: Added module for CVE-2012-4792 http://feedproxy.google.com/~r/metasploit/development/~3/71T4fnKJmJg/6cb9106218bde56fc5e8d72c66fbba9f11c24449 (Internet Explorer CDwnBindInfo Object Use-After-Fre …

(Originally on Twitter: Sun Dec 30 07:42:15 +0000 2012)

Can we have a new year resolution for A/V vendor to make easy to pronounce malware names? BKDR_JAVAWAR.JG #malware

(Originally on Twitter: Sun Dec 30 09:05:03 +0000 2012)

@jweyrich Correct and based on some fuzzy matching logic. #malwarenaming

(Originally on Twitter: Sun Dec 30 09:18:03 +0000 2012)

Donc le #CSPLA n’aime pas les licences libres pour les photos? Et aussi les photos libres en CC sur flickr? #wtf http://static.pcinpact.com/images/bd/news/125406.png

(Originally on Twitter: Mon Dec 31 11:01:44 +0000 2012)

@FredericJacobs Are you sure it’s a good idea to allow email look-up in the SNCB leak to get back first and last name? An ACK is enough.

(Originally on Twitter: Tue Jan 01 08:01:01 +0000 2013)

RT @letoams: The ARPANET transitioned to TCP/IP on 1 January 1983. That was 30 years ago http://www.rfc-editor.org/rfc/rfc801.txt Happy death anniversary to …

(Originally on Twitter: Tue Jan 01 09:58:17 +0000 2013)

RT @_sinn3r: CVE-2012-4792 fix-it now available: http://support.microsoft.com/kb/2794220

(Originally on Twitter: Tue Jan 01 10:40:01 +0000 2013)

@FredericJacobs Cool and thanks for your work.

(Originally on Twitter: Tue Jan 01 11:01:15 +0000 2013)

https://bugzilla.redhat.com/show_bug.cgi?id=891142 “CVE-2012-6085 GnuPG: read_block() corrupt key input validation” #security #pgp -> upgrade to gnupg 1.4.13

(Originally on Twitter: Wed Jan 02 08:03:17 +0000 2013)

@xme http://labs.adobe.com/technologies/swfinvestigator/ “Adobe SWF Investigator” might help you. #infosec

(Originally on Twitter: Wed Jan 02 08:13:09 +0000 2013)

RT @mrkoot: Self-propagating heap-memory crawler in x86-64 Linux assembly (Jan 1) http://pastebin.com/rtGeDEmC

(Originally on Twitter: Wed Jan 02 11:11:29 +0000 2013)

RT @FredericJacobs: #SNCBGate Lookup tool gathered 45861 visitors on Monday and Tuesday. I don’t track any other stats. Not logging the …

(Originally on Twitter: Wed Jan 02 11:21:23 +0000 2013)

RT @y0m: Forensic Challenge 13 – “A Message in a Picture“ - https://www.honeynet.org/challenges/2012_13_message_picture

(Originally on Twitter: Wed Jan 02 11:22:26 +0000 2013)

added full-text indexing to cve-search http://adulau.github.com/cve-search/ relying on Whoosh cc: @wimremes #infosec #security #cve

(Originally on Twitter: Wed Jan 02 18:53:30 +0000 2013)

RT @volatility: @vietwow sorry, we don’t maintain ssdt_ex anymore, but most of the code you’d need to implement for >= 2.0 is in ssdt …

(Originally on Twitter: Wed Jan 02 20:02:47 +0000 2013)

A proposal statement to the communication manager at #SNCB -> “We did an error, we will inform the users and will support our IT to improve”

(Originally on Twitter: Wed Jan 02 20:36:19 +0000 2013)

Does someone already work a bit on the security assessment of the owncloud software? http://owncloud.org/ #infosec #security #cloud

(Originally on Twitter: Thu Jan 03 13:36:17 +0000 2013)

http://googleonlinesecurity.blogspot.be/2013/01/enhancing-digital-certificate-security.html “mistakenly issued two intermediate CA certificates to organizations that should have regular SSL certificates.” Aie…

(Originally on Twitter: Thu Jan 03 20:57:10 +0000 2013)

http://technet.microsoft.com/en-us/security/advisory/2798897 “Fraudulent Digital Certificates Could Allow Spoofing”

(Originally on Twitter: Thu Jan 03 21:02:30 +0000 2013)

@dakami @BinaryParadox Another option would be to run havege(d) on the Android device. #prng #seeding

(Originally on Twitter: Fri Jan 04 16:21:40 +0000 2013)

@dakami @BinaryParadox I first discovered the effect when I saw on a production SSL/TLS server running out of entropy after a simple DoS.

(Originally on Twitter: Fri Jan 04 16:35:59 +0000 2013)

@jepoirrier Thanks to diesel for powering the GSM base station…

(Originally on Twitter: Sat Jan 05 19:45:43 +0000 2013)

@wimremes A per vendor RSS feed. Sure I can add it but the CPE classification might be confused… http://adulau.github.com/cve-search/ cc: @RSnake

(Originally on Twitter: Sat Jan 05 21:07:08 +0000 2013)

English Letter Frequency Counts: Mayzner Revisited http://norvig.com/mayzner.html

(Originally on Twitter: Sun Jan 06 07:56:42 +0000 2013)

RT @BenLaurie: OpenSSL moves to git:

git clone git://openssl.net/openssl

Possibly in flux for a while, but … enjoy.

And Happy New Year!

(Originally on Twitter: Sun Jan 06 21:52:48 +0000 2013)

http://wiki.debian.org/DebianWiki/SecurityIncident2012 “Security breach on the Debian wiki” “The attacker(s) stole the email and password hashes of Debian wiki users”

(Originally on Twitter: Mon Jan 07 10:16:12 +0000 2013)

@quinnnorton http://arxiv.org/abs/1207.2683 “IP over Voice-over-IP for censorship circumvention” At least a prototype exists…

(Originally on Twitter: Mon Jan 07 10:52:30 +0000 2013)

RT @moxie: A surprising number of young people have been contacting me to ask for career advice recently. Here are my suggestions: http: …

(Originally on Twitter: Mon Jan 07 21:07:49 +0000 2013)

Music for the #infosec people especially while coding http://www.youtube.com/watch?feature=player_embedded&v=g72AaWagoLY#!

(Originally on Twitter: Mon Jan 07 22:05:30 +0000 2013)

@DennisRand Do you know what’s the role of the ECC (European Cybercrime Centre)? is that a centralized law-enforcement agency in Europe?

(Originally on Twitter: Thu Jan 10 09:30:04 +0000 2013)

@Janet_LegReg IMHO, The best for risk mitigation is to ditch #BYOD in any corporate #security

(Originally on Twitter: Thu Jan 10 12:29:21 +0000 2013)

@Janet_LegReg Right but I still think that #BYOD and the #security of internal critical assets are inherently incompatible.

(Originally on Twitter: Thu Jan 10 13:42:18 +0000 2013)

RT @circl_lu: http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/ “New year, new Java zeroday!” #java #security this exploit works on fully-patched Java…

(Originally on Twitter: Thu Jan 10 14:10:08 +0000 2013)

RT @metasploit: In case you haven’t seen it, the Ruby on Rails module is now available for #Metasploit: http://r-7.co/VSbX6a Update your …

(Originally on Twitter: Thu Jan 10 16:21:14 +0000 2013)

@wimremes http://www.nianticproject.com/ I’m wondering if the SQLi are part of the game? #ingress

(Originally on Twitter: Thu Jan 10 17:02:47 +0000 2013)

http://gaurangkp.wordpress.com/2013/01/09/nokia-https-mitm/ “Nokia’s MITM on HTTPS traffic from their phone” #infosec #security

(Originally on Twitter: Thu Jan 10 22:24:21 +0000 2013)

RT @EKwatcher: Looks like Cool EK is also including the IE 8 0-day exploit (CVE-2012-4972) similar to the one in Metasploit

(Originally on Twitter: Fri Jan 11 08:37:36 +0000 2013)

RT @SteveClement: Qqn. a des Information sur la Ligne 42 de l’SNCB?

Est-ce que le Luxembourg est touché aussi? #CFL

http://www.salm.be/Vielsalm-plan-d-investissement-de-la-SNCB-et-avenir-de-la-ligne-42-Liege-Gouvy-Luxembourg

(Originally on Twitter: Fri Jan 11 13:07:00 +0000 2013)

https://github.com/MITRECND/yaraprocessor “Yaraprocessor allows you to scan data streams via data streams in discrete chunks, or buffers. “ #yara #infosec

(Originally on Twitter: Fri Jan 11 13:16:54 +0000 2013)

RT @ioerror: It is absolutely soul crushing to learn that @aaronsw is dead: http://tech.mit.edu/V132/N61/swartz.html He will be missed by many; he was a won …

(Originally on Twitter: Sat Jan 12 19:22:13 +0000 2013)

RT @mattblaze: The @aaronsw JSTOR case is the only example I’m aware of of a computer crime case being prosecuted without the victim pre …

(Originally on Twitter: Sat Jan 12 19:22:17 +0000 2013)

Today, it’s not about malware analysis, infosec or anything like that… It’s just a set of trees http://www.flickr.com/photos/adulau/8377265638/in/photostream

(Originally on Twitter: Sun Jan 13 17:17:07 +0000 2013)

@csoghoian doing pseudo-free license limiting the fields of endeavor is a mistake. There are legal loopholes and FLOSS incompatibilities.

(Originally on Twitter: Sun Jan 13 19:04:11 +0000 2013)

RT @Netzob: Want an alphabet of relevant strings (byte/word n-grams) based on an unknown protocol? try Sally by @mlsec http://t.co/rbSDw …

(Originally on Twitter: Sun Jan 13 21:37:07 +0000 2013)

RT @virusbtn: Oracle has released JDK update 7u11, which fixes critical Java vulnerability CVE-2013-0422 discovered this week http://t.c …

(Originally on Twitter: Sun Jan 13 21:42:13 +0000 2013)

RT @mlsec: A quick intro to Sally has been recently published in JMLR: http://jmlr.csail.mit.edu/papers/volume13/rieck12a/rieck12a.pdf (JMLR is open access for years btw)

(Originally on Twitter: Sun Jan 13 21:45:34 +0000 2013)

RT @mattblaze: @Dymaxion @csoghoian I don’t think that’s actually the choice. Govts already participate in 0day markets.

(Originally on Twitter: Mon Jan 14 14:09:50 +0000 2013)

Nowadays, the random generators are mainly used for the malware attribution business… #infosec #security #redoctober

(Originally on Twitter: Mon Jan 14 21:23:19 +0000 2013)

http://www.ietf.org/id/draft-ietf-sidr-usecases-06.txt “Use Cases and Interpretation of RPKI Objects for Issuers and Relying Parties” #bgp #security

(Originally on Twitter: Tue Jan 15 10:14:27 +0000 2013)

http://honeyproxy.org/ “a man-in-the-middle SSL proxy & traffic analyzer” compatible with mitmproxy #infosec

(Originally on Twitter: Wed Jan 16 15:02:13 +0000 2013)

RT @headhntr: New Document shows German Federal Gov. purchase of Gamma’s #FinFisher / #FinSpy Trojan - https://netzpolitik.org/2013/geheimes-dokument-bundeskriminalamt-kauft-international-bekannten-staatstrojaner-finfisherfinspy-von-gamma/ (german) vi …

(Originally on Twitter: Wed Jan 16 15:47:03 +0000 2013)

RT @malwarelu: Our fourth article about #RedOctober here: http://code.google.com/p/malware-lu/wiki/en_malware_redoctober_cc our home made command & control in python! http://t.c …

(Originally on Twitter: Wed Jan 16 16:15:39 +0000 2013)

@malwarelu only calc.exe is executed ;-) I was expecting some obscure and random malware from your collection. #redoctober #fun

(Originally on Twitter: Wed Jan 16 16:18:14 +0000 2013)

@malwarelu for fun only, you could also play with TorInj and reinject it for the poor malware analyst using Tor ;-) http://www.foo.be/torinj/

(Originally on Twitter: Wed Jan 16 16:28:38 +0000 2013)

hack.lu 2013 will take place the 22-24 October 2013 - see you there ;-) @hack_lu #infosec #conference #hacklu

(Originally on Twitter: Thu Jan 17 11:00:08 +0000 2013)

RT @circl_lu: http://www.securelist.com/en/analysis/204792273/Red_October_Detailed_Malware_Description “ “Red October”. Detailed Malware Description 4. Second Stage of Attack” including the modules artef …

(Originally on Twitter: Thu Jan 17 14:56:43 +0000 2013)

RT @fpietrosanti: EU-funded project calls for transparency and accountability of use of surveillance systems http://www.federicoguerrini.com/english/ec-funded-project-calls-for-greater-transparency-and-accountability-re-use-of-surveillance-systems/ /cc @ …

(Originally on Twitter: Thu Jan 17 15:12:17 +0000 2013)

RT @circl_lu: http://seclists.org/fulldisclosure/2013/Jan/142 “[SE-2012-01] Java 7 Update 11 confirmed to be vulnerable” #infosec #java

(Originally on Twitter: Fri Jan 18 14:30:40 +0000 2013)

@BiellaColeman Maybe reseaulibre.ca should give a try to local p2p sharing with Forban? http://www.foo.be/forban/ #scs13

(Originally on Twitter: Fri Jan 18 20:35:57 +0000 2013)

RT @alcyonsecurity: Finally. My rejection mail for attending the #NCSC conference. Good thing there is an alternative: @ALTSNL

(Originally on Twitter: Fri Jan 18 21:16:07 +0000 2013)

RFC 3526 “More Modular Exponential (MODP) Diffie-Hellman groups” Can we still use the criteria for recent DH agreement? #crypto #infosec

(Originally on Twitter: Sat Jan 19 05:59:02 +0000 2013)

“Your 2048-bit RSA public / private key pair is now being created.” they should add “in the browser & we hope everything will be ok” #mega

(Originally on Twitter: Sun Jan 20 09:51:58 +0000 2013)

@jweyrich Right with “encrypted with a hash derived from the user’s login password.” I’m curious about the hashing function doing this.

(Originally on Twitter: Sun Jan 20 11:00:56 +0000 2013)

RT @zooko: “Publishing a Paper without the Code is Not Enough”—http://ur1.ca/cka1h (by a certain brilliant and delightful @ambimorph) # …

(Originally on Twitter: Sun Jan 20 19:53:58 +0000 2013)

@zooko @BrianKent @ambimorph http://www.d.umn.edu/~tpederse/Pubs/pedersen-last-word-2008.pdf A related paper (2008) “Empiricism Is Not a Matter of Faith”

(Originally on Twitter: Sun Jan 20 20:45:21 +0000 2013)

@bortzmeyer the DNS-lg is a good idea that would be a nice way to feed Passive DNS to have different views of key domain names.

(Originally on Twitter: Sun Jan 20 21:26:35 +0000 2013)

@novytweety If the data were very sensitive, shred it. Nowadays, I would recommend to create a new encrypted partition and then wipe it.

(Originally on Twitter: Mon Jan 21 07:20:49 +0000 2013)

Anyone organizing a PGP keysigning session at #NCSC2013 ? That would be useful.

(Originally on Twitter: Tue Jan 22 16:58:11 +0000 2013)

@lreerl The registration for #hacklu will just start after the #CFP (should be end February or early March). Hope to see you there.

(Originally on Twitter: Thu Jan 24 16:59:05 +0000 2013)

@ioerror you seem very concentrated while listening to a question about Tor at #ncsc2013. Thanks for your work. https://www.flickr.com/photos/adulau/8412081726/

(Originally on Twitter: Thu Jan 24 18:06:55 +0000 2013)

http://archives.neohapsis.com/archives/fulldisclosure/2013-01/0221.html “Critical SSH Backdoor in multiple Barracuda Networks Products” but the scary part, it’s not the only vendor. #infosec

(Originally on Twitter: Thu Jan 24 19:21:37 +0000 2013)

http://seclists.org/fulldisclosure/2013/Jan/217 “CVE ID Syntax Change - Call for Public Feedback” #infosec #cve #cveid

(Originally on Twitter: Thu Jan 24 20:15:03 +0000 2013)

@cbrocas Yep but the main problem is the ugly PasswordAuthentication that must be disabled at any cost. (removed from compiled OpenSSH?)

(Originally on Twitter: Fri Jan 25 09:52:19 +0000 2013)

RT @nacin: If you suspect a vulnerability in WordPress core, you can disclose it privately to security@wordpress.org. Happy to chat (and …

(Originally on Twitter: Fri Jan 25 12:28:27 +0000 2013)

RT @jekil: New tool released! Photo/image forensics via metadata extraction http://www.imageforensic.org/ I hope you like it!

(Originally on Twitter: Fri Jan 25 12:39:01 +0000 2013)

http://www.imageforensic.org/ is a nice tool - small question: Why do you said “high risk” for “GPSTag:” when the value is undefined @jekil

(Originally on Twitter: Fri Jan 25 12:42:25 +0000 2013)

@jekil Thanks. Maybe from high to medium? if there are no localization info. Just to stress the point when the localization is present.

(Originally on Twitter: Fri Jan 25 14:38:02 +0000 2013)

RT @cBekrar: Thank you vendors for backdooring your soft & placing hidden (you think!) features that allow us to pwn you with minimu …

(Originally on Twitter: Sat Jan 26 16:56:26 +0000 2013)

RT @daviddarts: Web inventor says governments stifling net freedom http://goo.gl/7EtB1

(Originally on Twitter: Sat Jan 26 16:57:52 +0000 2013)

@PETS_2013 “assigning an exclusive 3-year distribution license to Springer.” Maybe you should consider open access for PETS cc/ @mattblaze

(Originally on Twitter: Sat Jan 26 17:08:52 +0000 2013)

RT @circl_lu: https://www.circl.lu/files/tf-csirt-first2013-circl-restena-blackhole.pdf “Another Perspective to IP-Darkspace Analysis” presented at #FIRST #TFCSIRT

(Originally on Twitter: Tue Jan 29 09:45:10 +0000 2013)

Seeing BYOD terminology, I’m always wondering if the D means desolation, destruction or devastation. #infosec #byod

(Originally on Twitter: Tue Jan 29 11:32:08 +0000 2013)

RT @fygrave: @adulau B[ring]Y[your]O[wn]D[etonation device] ;-)

(Originally on Twitter: Tue Jan 29 11:36:52 +0000 2013)

RT @snazmeister: @adulau I like to think that it means Bring Your Own Disaster. As I feel that with users, this is inevitable #BYOD

(Originally on Twitter: Tue Jan 29 11:37:02 +0000 2013)

#TFCSIRT #FIRST Following the ongoing presentation about CVE, CPE and CVSS, you might be interested https://github.com/adulau/cve-search and its ranking.

(Originally on Twitter: Tue Jan 29 16:35:33 +0000 2013)

RT @circl_lu: http://www.kb.cert.org/vuls/id/922681 “Portable SDK for UPnP Devices (libupnp) contains multiple buffer overflows in SSDP” #infosec #router

(Originally on Twitter: Tue Jan 29 17:09:20 +0000 2013)

RT @tcertcom: Telecom Honey Pot catches new SS7 attacker today. And still some vendors and operators say it’s a totally safe network. #t …

(Originally on Twitter: Thu Jan 31 09:50:22 +0000 2013)

RT @circl_lu: Regarding last tweet, we recommend disabling #UPnP on routers if it is not needed or block port for untrusted sources http …

(Originally on Twitter: Thu Jan 31 09:50:43 +0000 2013)

RT @PETS_2013: @adulau indeed we’re considering moving to open access for next years hoping to make progress as a community, and not as …

(Originally on Twitter: Fri Feb 01 09:48:16 +0000 2013)

Will be at #FOSDEM tomorrow

(Originally on Twitter: Fri Feb 01 20:47:27 +0000 2013)

https://github.com/MerlijnWajer/tracy “tracy - a system call tracer and injector.” #infosec

(Originally on Twitter: Fri Feb 01 21:33:10 +0000 2013)

@tunguuz Thanks it was nice to see you and talk about those disappearing technologies.

(Originally on Twitter: Sat Feb 02 08:09:09 +0000 2013)

@l_a_u_r_e_n_t If you see something to be done in #forban to be used for #pirateboxbru let me know.

(Originally on Twitter: Sun Feb 03 09:17:46 +0000 2013)

https://www.flickr.com/photos/adulau/8442476626/ “Everybody needs a hacker” even hackers… #fosdem

(Originally on Twitter: Sun Feb 03 19:50:58 +0000 2013)

@jpflorent We already sent a list of vulnerabilities the 22nd of January to them but it was before the challenge really started ;-(

(Originally on Twitter: Mon Feb 04 16:15:01 +0000 2013)

RT @circl_lu: http://bgpranking.circl.lu/ has been updated including the graphs and new public black-list were added. raw data available #bgp # …

(Originally on Twitter: Mon Feb 04 16:34:35 +0000 2013)

@Kaplan_CERTat The two (a)s got lost in front of an (a). https://www.flickr.com/photos/adulau/8445182447/ #photography #geeks cc: @ddurvaux

(Originally on Twitter: Mon Feb 04 22:51:50 +0000 2013)

RT @circl_lu: http://curl.haxx.se/docs/adv_20130206.html libcurl is vulnerable to a buffer overflow vulnerability when using protocols POP3, SMTP or IMAP. #in …

(Originally on Twitter: Wed Feb 06 16:57:06 +0000 2013)

I’m betting that more searches on intel eeprom 8257 82583 82574L will pop up in a very near future… #infosec

(Originally on Twitter: Wed Feb 06 22:05:27 +0000 2013)

http://referaat.cs.utwente.nl/conference/18/paper/7381/characterization-of-tor-exit-nodes.pdf “Characterization of Tor Exit-Nodes” #tor #privacy #infosec

(Originally on Twitter: Thu Feb 07 16:47:11 +0000 2013)

https://community.ja.net/blogs/regulatory-developments/article/eu-cyber-security-strategy Comments about the EU Cyber Security Strategy.

(Originally on Twitter: Thu Feb 07 17:04:29 +0000 2013)

If you are a student and willing to work on CRLs and looking for an internship, you can DM me. #x509 #infosec http://www.foo.be/cours/dess-20122013/crl-datastore-and-browser.html

(Originally on Twitter: Fri Feb 08 19:45:21 +0000 2013)

@mikko I’m surprise that you just discovered the work from the fabulous Fabrice Bellard.

(Originally on Twitter: Fri Feb 08 20:22:18 +0000 2013)

RT @thegrugq: Coordinated disclosure w/ vendor? 90-180 days patch, you get nothing. Russian blackmarket <15 day patch, plus you get p …

(Originally on Twitter: Sat Feb 09 20:09:39 +0000 2013)

I don’t know why but each time I see an interview with a spokesperson for a large corporation, I always see propaganda-person as a title.

(Originally on Twitter: Sun Feb 10 16:21:44 +0000 2013)

https://github.com/SecPlus/libmalelf libmalelf is an evil library the intent to assist in the process of infecting ELF binaries… #infosec #elf

(Originally on Twitter: Sun Feb 10 16:33:53 +0000 2013)

RT @hack_lu: We are working on the hack.lu 2013 (22-24 October) CFP, it will be open very soon. see you there. #infosec #conference #lux …

(Originally on Twitter: Sun Feb 10 16:56:30 +0000 2013)

@adainitiative What’s the best approach for a call-for-paper to support your initiative? thank you cc @hack_lu #conference #hacklu

(Originally on Twitter: Sun Feb 10 17:14:03 +0000 2013)

RT @hack_lu: @beist If you like we can reuse the picture for the poster of this year! We hope to see you… #hacklu /CC @ochsff

(Originally on Twitter: Sun Feb 10 19:29:59 +0000 2013)

just booked my ticket for #OHM2013

(Originally on Twitter: Mon Feb 11 14:41:47 +0000 2013)

Tomorrow I have to explain what a kitten groomer is in order to get support a security research prototype… pfffff @quinnnorton

(Originally on Twitter: Mon Feb 11 22:15:01 +0000 2013)

https://github.com/torvalds/linux/commit/b5c37fe6e24eec194bb29d22fdd55d73bcc709bf “sctp: sctp_endpoint_free: zero out secret key data” #sctp #linux

(Originally on Twitter: Tue Feb 12 12:02:11 +0000 2013)

“How to choose a PIN - assessment of dictionary methods” http://arxiv.org/abs/1302.2656 #infosec #security #pin

(Originally on Twitter: Wed Feb 13 09:38:00 +0000 2013)

RT @ambimorph: PIN solution: choose randomly and convert to memorable phrase: http://arxiv.org/abs/1302.2656 HT @adulau

(Originally on Twitter: Wed Feb 13 17:00:00 +0000 2013)

@jmattheij Nice. I registered the domain http://paperbay.org in 2009 to do something similar. I’m sure @aaronsw would have liked it.

(Originally on Twitter: Wed Feb 13 17:44:33 +0000 2013)

@jmattheij if you want a reverse proxy back, let me know.

(Originally on Twitter: Wed Feb 13 17:46:11 +0000 2013)

The funky security netblock of the day http://bgpranking.circl.lu/asn_details?date=;source=;asn=199079;ip_details=2012-08-30T05:09:16.779919 #infosec the ISP has no luck with its customers ;-) cc @bgpranking

(Originally on Twitter: Wed Feb 13 17:54:03 +0000 2013)

@wr Looks like the song headhunter from Front 242. You scare me… ;-)

(Originally on Twitter: Wed Feb 13 18:21:14 +0000 2013)

RT @mattblaze: Disappointed that some think our technical analysis should bend to accomodate their preferred conclusion. http://t.co/gFV …

(Originally on Twitter: Wed Feb 13 19:07:48 +0000 2013)

RT @mattblaze: @evacide LE has always used targeted surveillance, long before the net. It’s the global mandates that are new

(Originally on Twitter: Wed Feb 13 19:14:10 +0000 2013)

RT @botherder: Despite the mistakes from all sides, I want to give my support to @ioerror for the unreasonable hostility he received bec …

(Originally on Twitter: Fri Feb 15 09:13:37 +0000 2013)

https://github.com/shjalayeri/MCEDP “Malicious Code Execution Detection Prevention (MCEDP) High Interaction Client Honeypot” #honeypot

(Originally on Twitter: Fri Feb 15 21:18:46 +0000 2013)

I was lost in the snow and burnt by the sun but my CCD still works. http://www.flickr.com/photos/adulau/8471539608/in/photostream #sooc #photography #winter

(Originally on Twitter: Fri Feb 15 21:23:53 +0000 2013)

@snazmeister Yes, this makes sense. Would you trust software? I can’t. #infosec

(Originally on Twitter: Sat Feb 16 15:26:20 +0000 2013)

@cryptocatapp “We are not looking to hire someone to write an implementation,” Why? that’s usually the only way to validate the mpOTR spec.

(Originally on Twitter: Sat Feb 16 17:37:52 +0000 2013)

@OSVDB It seems that the link http://osvdb.org/database_info is down. Is there another way to download the full DB of OSVDB? thanks for your work.

(Originally on Twitter: Sat Feb 16 17:40:21 +0000 2013)

@OSVDB Ok, thx. I just wanted to add the import for http://adulau.github.com/cve-search/ to help people to do local searches from OSVDB too.

(Originally on Twitter: Sat Feb 16 17:48:15 +0000 2013)

@dena_ftb I’m listening your tracks from Belgium… nice work. keep on… you should add a bit more beats from a 303 and 909 ;-)

(Originally on Twitter: Sat Feb 16 20:28:25 +0000 2013)

RT @aumasson: announcing the Password Hashing Competition: https://password-hashing.net submit before January 31, 2014

(Originally on Twitter: Sat Feb 16 21:28:41 +0000 2013)

http://www.strazzere.com/blog/2013/02/loose-documentation-leads-to-easy-disassembler-breakages/ “Loose Documentation Leads to Easy Disassembler Breakages” #security #reversing

(Originally on Twitter: Sun Feb 17 09:15:35 +0000 2013)

http://www.ccssforum.org/malware-certificates.php “ list of digital certificates that have been reported by the forum as possibly being associated with malware”

(Originally on Twitter: Tue Feb 19 05:48:19 +0000 2013)

https://www.djangoproject.com/weblog/2013/feb/19/security/ I know why I like static pages ;-) #security

(Originally on Twitter: Tue Feb 19 22:38:20 +0000 2013)

http://www.nlnetlabs.nl/downloads/publications/report-rrl-dekoning-rozekrans.pdf “Defending against DNS reflection amplification attacks” #infosec #dns #security

(Originally on Twitter: Wed Feb 20 07:57:40 +0000 2013)

RT @Tactical_Intel: Dude has so much Zeus traffic on his network he should rename his company Mount Olympus.

(Originally on Twitter: Wed Feb 20 20:26:22 +0000 2013)

http://www.adobe.com/support/security/bulletins/apsb13-07.html Finally the updates for CVE-2013-0640, CVE-2013-0641 are available… #security

(Originally on Twitter: Wed Feb 20 20:53:44 +0000 2013)

RT @OpenITP: OpenITP’s first round of 2013 project funding is now open for proposals! http://www.openitp.com/?q=node/33 @guardianproject @accessnow @ …

(Originally on Twitter: Thu Feb 21 20:29:57 +0000 2013)

To malware authors, don’t work too much into A/V detection it’s useless. A loader using LoadLibraryA GetProcAddr.. & VirtualAlloc is enough.

(Originally on Twitter: Thu Feb 21 20:39:21 +0000 2013)

@eromang Thanks for your researches too. Maybe more to come…

(Originally on Twitter: Thu Feb 21 21:51:49 +0000 2013)

@hh86_ Does it depend on the Free list internal implementation of Windows? If yes, I think block alloc is ascending. For glibc, descending?

(Originally on Twitter: Thu Feb 21 22:05:37 +0000 2013)

@eromang maybe the socket is still open on the proxy side but not ending somewhere. I’m wondering how they manage all the reverse shells ;-)

(Originally on Twitter: Thu Feb 21 22:07:15 +0000 2013)

RT @mikko: At least two fake Mandiant reports in circulation, with exploits embedded. See http://www.symantec.com/connect/node/2702691 and http://t.co/dAA6cxA …

(Originally on Twitter: Fri Feb 22 05:49:52 +0000 2013)

“All information collected should be stored securely on read only media.” from ISO/IEC 27035 really? 15TB on read only media? #security

(Originally on Twitter: Fri Feb 22 10:17:51 +0000 2013)

Is there any public security review for the poppler source code? it’s really used everywhere… http://poppler.freedesktop.org/ @OpenITP

(Originally on Twitter: Fri Feb 22 14:28:02 +0000 2013)

@cudeso “A lot of people never use their initiative because no-one told them to.” written sometime by #Banksy on some walls.

(Originally on Twitter: Fri Feb 22 22:20:38 +0000 2013)

http://pastebin.com/raw.php?i=v10EPR5u “Additional Comment Crew Indicators of Compromise” At this rhythm the whole 2^32 ip space will be published. #infosec

(Originally on Twitter: Fri Feb 22 22:31:01 +0000 2013)

Don’t fall into the trap of @koken it’s not free software… Maybe it’s time for them to use a real free software license

(Originally on Twitter: Sat Feb 23 17:25:12 +0000 2013)

http://www.foo.be/cgi-bin/wiki.pl/2013-02-23_Vulnerability_Management_Is_Just_An_Approximation “Software Vulnerability Management Is Just A Huge Approximation” #infosec #security #cve @wimremes

(Originally on Twitter: Sat Feb 23 20:53:40 +0000 2013)

@wimremes Thanks. Don’t forget that you somehow played a role in this blog post ;-)

(Originally on Twitter: Sat Feb 23 21:01:23 +0000 2013)

@msuiche I might submit something. Is the CFP still closing end of March? @NoSuchCon cc @tricaud

(Originally on Twitter: Sun Feb 24 20:47:15 +0000 2013)

RT @nickm_tor: @aumasson I’ve felt that everyone should get some press coverage, just to learn how little credence to give the rest of w …

(Originally on Twitter: Mon Feb 25 21:00:58 +0000 2013)

RT @_oRb: CVE-2013-1763 https://rdot.org/forum/showpost.php?p=30827&postcount=3

(Originally on Twitter: Mon Feb 25 21:19:19 +0000 2013)

https://blog.bit9.com/2013/02/25/bit9-security-incident-update/ “Bit9 Security Incident Update” Interesting Mdmbot.F is back… #malware #infosec

(Originally on Twitter: Mon Feb 25 21:29:45 +0000 2013)

@cudeso “Global Attacker Intelligence Service” Is this a new tool for automatic exploitation of #juniper devices? ;-)

(Originally on Twitter: Mon Feb 25 21:58:43 +0000 2013)

@cudeso In these days, the global scope is in eyes of the attackers and the private scope is in the eyes of victims. Where should we be?

(Originally on Twitter: Mon Feb 25 22:16:15 +0000 2013)

Are you doing security researches on botnets? You might consider to submit it to @Botconf 2013 #cfp #infosec #malware

(Originally on Twitter: Mon Feb 25 22:26:58 +0000 2013)

A small recommendation to people in public transport next to me, don’t plug the USB key I left unattended you might be surprised…

(Originally on Twitter: Tue Feb 26 18:12:24 +0000 2013)

http://marc.info/?l=openssh-unix-dev&m=136191728900631&w=2 “Added support for encrypt-then-mac (EtM) MAC modes for SSH protocol 2.” #openssh #ssh #crypto

(Originally on Twitter: Wed Feb 27 21:17:59 +0000 2013)

RT @skier_t: Darm - a lightweight, efficient, ARMv7 disassembler in C (BSD3, Python bindings) http://jbremer.org/darm/

(Originally on Twitter: Wed Feb 27 21:18:16 +0000 2013)

RT @AlTobey: Dear @github: please add a >>> fast-forward button for browsing Java projects. If I press it, it takes me to the f …

(Originally on Twitter: Thu Feb 28 05:43:14 +0000 2013)

RT @circl_lu: http://docs.cpanel.net/twiki/bin/view/AllDocumentation/CompSystem#Compromised%20RPMs more info about the Trojanized OpenSSH packages. #security #malware #trojan #cpanel

(Originally on Twitter: Thu Feb 28 13:18:15 +0000 2013)

https://forums.dropbox.com/topic.php?id=97303 “Why was my email leaked?” #security #dropbox

(Originally on Twitter: Thu Feb 28 20:12:11 +0000 2013)

@craiu If you are looking a good track for #duke #miniduke I would suggest Front 242 headhunter http://www.youtube.com/watch?v=m1cRGVaJF7Y

(Originally on Twitter: Fri Mar 01 16:47:51 +0000 2013)

RT @jduck1337: The recent Java exploit (CVE-2013-1493) appears to exploit a vulnerability in the color management native code.

(Originally on Twitter: Sat Mar 02 10:49:42 +0000 2013)

Some interesting memory disclosure bugs in user-space from the Linux kernel crypto part: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6 #security #linux

(Originally on Twitter: Sun Mar 03 20:26:30 +0000 2013)

@altquinn to reassure you it’s also freezing cold here. #europe is just like #US

(Originally on Twitter: Sun Mar 03 21:39:22 +0000 2013)

Second paper I read mentioning privacy-preserving with Bloom filters for IPv4 addresses. Look-up of 4 billions entries is fast ;-) #privacy

(Originally on Twitter: Sun Mar 03 21:56:28 +0000 2013)

RT @DennisRand: IPv6 Focus Month at the Internet Storm Center https://isc.sans.edu/diary/IPv6+Focus+Month+at+the+Internet+Storm+Center/15307

(Originally on Twitter: Mon Mar 04 08:01:44 +0000 2013)

RT @circl_lu: http://contagiodump.blogspot.com/2013/03/mandiant-apt1-samples-categorized-by.html “Mandiant APT1 samples categorized by malware families” #infosec #apt1 #malware

(Originally on Twitter: Mon Mar 04 17:06:13 +0000 2013)

RT @eromang: Urf … #Oracle #Java Update 7 U 17 message “The update is improperly signed” #Update #Error

(Originally on Twitter: Mon Mar 04 21:19:43 +0000 2013)

https://crypton.io/ “Crypton is a framework for building cryptographically secure cloud applications.” Did someone try this? #crypto

(Originally on Twitter: Mon Mar 04 22:42:41 +0000 2013)

Yep @grsecurity should be mandatory.

(Originally on Twitter: Tue Mar 05 10:59:12 +0000 2013)

RT @iiamit: @jack_daniel thing is - PCI (and most regulations) are trying to bring the horribly unprotected to lowest comm denom. #medio …

(Originally on Twitter: Tue Mar 05 21:20:34 +0000 2013)

https://gist.github.com/adulau/5094750 some random notes on how to acquire memory from a running Linux system, feel free to update. #infosec #forensic

(Originally on Twitter: Tue Mar 05 22:07:41 +0000 2013)

@quinnnorton @turkshead The Pu Erh pack on the right side of the picture might confuse a LE analyst… #tea with #gun

(Originally on Twitter: Thu Mar 07 12:30:40 +0000 2013)

@quinnnorton @turkshead They do especially when you talk about an AK-12 or Mecar M72 that you can exchange with 20KG of Pu Erh. #monitoring

(Originally on Twitter: Thu Mar 07 15:45:28 +0000 2013)

RT @y0m: Having fun with cuckoo (again). http://malwr.com/analysis/e8a064854b655baee7515eff8ae8ad17/

(Originally on Twitter: Thu Mar 07 16:15:07 +0000 2013)

A note for malware authors, you should stop to use your custom binary protocols and go for JSON-based protocol. You won’t be detected…

(Originally on Twitter: Thu Mar 07 17:16:11 +0000 2013)

@thegrugq As long as you have a VAT number, you can buy/sell stuff including 0-days. A blackhat with a VAT is just another company ;-)

(Originally on Twitter: Thu Mar 07 21:21:03 +0000 2013)

@giovannibajo Are you sure Simtec Electronics is going out of business? I just have one entropy key that I use regularly. #crypto

(Originally on Twitter: Sat Mar 09 09:18:15 +0000 2013)

RT @rjek: @jpmens @habbie Incidentally, they should start shipping again RSN: the lead design and production engineer has had some *MAJO …

(Originally on Twitter: Sat Mar 09 12:07:06 +0000 2013)

@usnistgov It seems that your website where the CVE/CPE dumps are located is experiencing some issues. http://nvd.nist.gov/download.cfm cc @wimremes

(Originally on Twitter: Mon Mar 11 09:10:09 +0000 2013)

http://inertiawar.com/microcode/ “notes gathered while investigating the Intel microcode” Interesting… #security #intel #cpu #infosec

(Originally on Twitter: Tue Mar 12 17:55:16 +0000 2013)

https://lkml.org/lkml/2013/3/11/501
“drivers/gpu/drm/i915/i915_gem_execbuffer.c” bounds check execbuffer relocations… #kernel #linux #security

(Originally on Twitter: Wed Mar 13 16:48:33 +0000 2013)

@wimremes Now we know why the 404 on the NVD XML dump while using cve-search #infosec http://www.theregister.co.uk/2013/03/14/us_malware_catalogue_hacked/

(Originally on Twitter: Thu Mar 14 07:43:01 +0000 2013)

http://arxiv.org/abs/1303.3047 “Data Retrieval over DNS in SQL Injection Attacks” #infosec #sqli Another good reason to limit recursive DNS queries.

(Originally on Twitter: Thu Mar 14 08:27:20 +0000 2013)

RT @xme: <sponsor> marketing time </sponsor> #BlackHatEU

(Originally on Twitter: Thu Mar 14 08:49:35 +0000 2013)

@Jindroush Which CRL are checking for 2B73432AA84F44? I checked all know CRLs for GoDaddy and cannot find 2B73432AA84F44…

(Originally on Twitter: Thu Mar 14 09:24:14 +0000 2013)

@Jindroush Thank you. I’m curious if the CRL/OCSP check is properly done by the JRE in such case.

(Originally on Twitter: Thu Mar 14 09:45:02 +0000 2013)

RT @mikko: 20 years ago, I was generating a PGP key and decided to go with a 384-bit key. Generating a longer one took too long… http:// …

(Originally on Twitter: Fri Mar 15 08:04:11 +0000 2013)

discovers that investing in professional lenses is safer than putting money in a bank account. The depreciation is lower than in Cyprus…

(Originally on Twitter: Sun Mar 17 12:11:02 +0000 2013)

@travisgoodspeed Thx for the info. Why not moving GoodFET to @github ? git-svn is nice but can be really painful when merging…

(Originally on Twitter: Sun Mar 17 16:29:39 +0000 2013)

RT @hashbreaker: “Cryptography worst practices” lecture from SecAppDev 2012 now has audio online: http://cr.yp.to/talks/2012.03.08-1/audio.ogg Slides: http:// …

(Originally on Twitter: Sun Mar 17 18:34:21 +0000 2013)

@ralphholz I couldn’t resist to quote The Treasure of the Sierra Madre with “I know what gold does to men’s souls. “ #economy

(Originally on Twitter: Sun Mar 17 19:11:09 +0000 2013)

RT @circl_lu: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4 “Cisco IOS and Cisco IOS XE Type 4 Passwords Issue” #cisco #security #ios

(Originally on Twitter: Mon Mar 18 16:18:41 +0000 2013)

RT @ProcDOT: ProcDOT 1.0 beta is online! Get it from … http://cert.at/downloads/software/procdot_en.html

(Originally on Twitter: Tue Mar 19 10:27:06 +0000 2013)

I don’t know why but my favorite song from the Monty Python is running into my ears… https://www.youtube.com/watch?v=NH2P_pVze6s #infosec #apt

(Originally on Twitter: Thu Mar 21 10:43:47 +0000 2013)

Think about all the PRNGs around you http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2013-003.txt.asc How many operates as expected? #crypto #random #infosec

(Originally on Twitter: Fri Mar 22 06:00:31 +0000 2013)

https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/241305 The bug for #ubuntu I submitted 5 years ago is now solved. Yeah… #infosec #ipv6

(Originally on Twitter: Fri Mar 22 09:00:14 +0000 2013)

http://jessekornblum.livejournal.com/290597.html?nojs=1 “Using Colorize to Visualize Recovered Memory Forensics Data “ #infosec

(Originally on Twitter: Fri Mar 22 10:16:36 +0000 2013)

RT @alexsotirov: Just realized that my system would need 350 days to decompress all the Internet Census data. Do I need to build a dec …

(Originally on Twitter: Fri Mar 22 15:06:39 +0000 2013)

@ioerror It might not be impossible that we add the Census data into BGP ranking http://bgpranking.circl.lu/ip_lookup just looking for the right dbstruct

(Originally on Twitter: Fri Mar 22 15:10:10 +0000 2013)

Thanks to @jpflorent for the waste collection #opendata in Luxembourg province & I tried a D3 visualization http://www.foo.be/waste/ #belgium

(Originally on Twitter: Sat Mar 23 09:20:53 +0000 2013)

@bortzmeyer Oui, l’entartrage est obligatoire dans ces cas ultimes. #jfr2013

(Originally on Twitter: Sat Mar 23 09:39:03 +0000 2013)

RT @i0n1c: Still annoyed that there is no easy way to do a multiline regex search over the disassembly with IDA.

(Originally on Twitter: Sun Mar 24 16:51:04 +0000 2013)

@i0n1c At the end, “the dump ASM function in IDA and open in Vim” should be a default IDC plugin…

(Originally on Twitter: Sun Mar 24 16:53:23 +0000 2013)

@eromang https://www.hkcert.org/ HKCERT

(Originally on Twitter: Sun Mar 24 18:45:49 +0000 2013)

RT @fablablux: #FabLab #Luxembourg Official Opening on April 23rd @Technoport_Esch / REGISTER NOW via fablablux@technoport /… http://t …

(Originally on Twitter: Tue Mar 26 18:37:21 +0000 2013)

http://www.securityweek.com/nasa-takes-down-database-after-contractor-arrested “NASA Takes Down Database After Contractor Arrested” Why taking an HDD when a RAT is installed on every single PC ;-)

(Originally on Twitter: Tue Mar 26 18:47:06 +0000 2013)

Next time a journalist asks me for the phone number of Satoshi Nakamoto, I won’t be able to be serious. #cryptocircus #bitcoin

(Originally on Twitter: Tue Mar 26 20:00:50 +0000 2013)

http://www.cc.gatech.edu/~traynor/papers/lever-ndss13.pdf “Analyzing Malicious Traffic in Cellular Carriers” “Known mobile malware samples are virtually unseen” dataset?

(Originally on Twitter: Wed Mar 27 05:40:57 +0000 2013)

@HostExploit In your report, how do you differentiate parked domains hosting from malicious hosting? thank you.

(Originally on Twitter: Wed Mar 27 09:37:54 +0000 2013)

https://hashcat.net/oclGaussCrack/ “The goal of the program is to crack the verification hash of the encrypted payload of the Gauss Virus” #malware

(Originally on Twitter: Wed Mar 27 21:06:18 +0000 2013)

http://blog.codeclimate.com/blog/2013/03/27/rails-insecure-defaults/ “Rails’ Insecure Defauts 13 Security Gotchas You Should Know About” #security #RoR

(Originally on Twitter: Wed Mar 27 21:15:12 +0000 2013)

@nigroeneveld Cyber arms control is just the new name for the control of the cryptographic tools. Export restriction was a disaster.

(Originally on Twitter: Wed Mar 27 21:19:51 +0000 2013)

@cbrocas Avec plaisir ;-) Dois-je comprendre que c’est une invitation à soumettre une présentation? #rmll2013

(Originally on Twitter: Thu Mar 28 07:50:37 +0000 2013)

RT @mruef: People telling me we should invest more in marketing. Nope, we have too much work to do. We should invest in recruiting instead!

(Originally on Twitter: Thu Mar 28 08:56:15 +0000 2013)

Following the advice from @cbrocas I submitted a talk to the #rmll2013 and that one is not about breaking software but breaking copyright.

(Originally on Twitter: Thu Mar 28 21:26:16 +0000 2013)

@esizkur @jvanegue @chrisrohlf I think it is (was?) using HMAC for ensuring the integrity of the messages. PSK management is cool ;-)

(Originally on Twitter: Thu Mar 28 21:34:20 +0000 2013)

@esizkur I cannot DM you ;-) you know this wonderful twitter feature when you don’t follow someone.

(Originally on Twitter: Thu Mar 28 21:43:17 +0000 2013)

RT @circl_lu: https://www.circl.lu/pub/tr-12/ CIRCL published an analysis of a PlugX malware variant used for targeted attacks #malware #apt #plugx

(Originally on Twitter: Fri Mar 29 09:38:32 +0000 2013)

@agonarch The only advantage of long-term copyright it’s in use for free software copyleft-type licensing. 5-10 years period could be enough

(Originally on Twitter: Sat Mar 30 08:40:32 +0000 2013)

@agonarch Improvement in the Berne convention to reduce the copyright term to 5-10 years, fair use extended and orphan works in PD.

(Originally on Twitter: Sat Mar 30 09:46:47 +0000 2013)

made a visualization of keywords used in CVE from the past 14 years. added in cve-search http://www.foo.be/cve/ @secviz @wimremes #infosec

(Originally on Twitter: Sat Mar 30 15:58:12 +0000 2013)

@angealbertini Right, for the viz. I should use a list of stop words. But the initial objective was to have a list for advisory detection.

(Originally on Twitter: Sat Mar 30 22:01:11 +0000 2013)

@Contrepoints The article misses authors for a counter-comparison P. K. Dick, Greg Bear or Orson S, Card. Diversity in litterature is key.

(Originally on Twitter: Sun Mar 31 07:46:05 +0000 2013)

Finally I submitted a second talk to #rmll2013 and this time it’s about #infosec and my try to sort the mess in CVEs @cbrocas @wimremes

(Originally on Twitter: Sun Mar 31 08:30:23 +0000 2013)

RT @PhysicalDrive0: Dumping Raw Kernel Memory http://jessekornblum.livejournal.com/291418.html

(Originally on Twitter: Sun Mar 31 08:55:51 +0000 2013)

@r00tbsd Enjoy your trip. I hope that the fly won’t be redirected ;-)

(Originally on Twitter: Sun Mar 31 10:45:48 +0000 2013)

@r00tbsd Maybe you should have a list of the addresses of the consulates and embassy in the surrounding ;-) Take care.

(Originally on Twitter: Sun Mar 31 10:56:19 +0000 2013)

@francbelge Pourquoi? Lisp est un excellent langage de programmation.

(Originally on Twitter: Sun Mar 31 13:00:28 +0000 2013)

@francbelge MIX, de l’assembleur (ia-32) ou du C pour les étudiants mais il vaut mieux qu’ils maitrisent les concepts de plusieurs langages.

(Originally on Twitter: Sun Mar 31 13:14:57 +0000 2013)

“Canari - Maltego Rapid Transform Development Framework” seems quite nifty to make #maltego transforms in Python. https://github.com/allfro/canari

(Originally on Twitter: Sun Mar 31 13:30:15 +0000 2013)

RT @SushiDude: @adulau @secviz @wimremes prevalence of “unknown” and “unspecified” keywords shows how many disclosures don’t have all te …

(Originally on Twitter: Mon Apr 01 08:14:07 +0000 2013)

RT @kurtseifried: @SushiDude @adulau @secviz @wimremes Yeah I have enough trouble with OpenSource CVEs, can’t imagine what it’s like for …

(Originally on Twitter: Mon Apr 01 08:14:20 +0000 2013)

@jduck @SushiDude @secviz @wimremes Good idea. I’ll do a version with the stemmed words and we could see what’s the impact on visualization.

(Originally on Twitter: Mon Apr 01 08:20:16 +0000 2013)

@jduck @SushiDude @secviz @wimremes http://www.foo.be/cve/ updated including your feedback. Lemmatizer and english stopwords now used. thx.

(Originally on Twitter: Mon Apr 01 11:10:50 +0000 2013)

@NoSuchCon I saw the Analyze Porn Traffic in your schedule ;-) This means we have to release publicly the 2012 LT at #cansecwest @tricaud

(Originally on Twitter: Mon Apr 01 11:34:21 +0000 2013)

@vloquet Your agenda is incredible. Well done. @NoSuchCon

(Originally on Twitter: Mon Apr 01 11:57:26 +0000 2013)

@fboule You might enjoy this http://cryptome.org/2013/03/parastoo-fsf-kill.htm “Two Major Satellite Developer Company… involved in GPL licenses violation”

(Originally on Twitter: Mon Apr 01 13:52:56 +0000 2013)

@thegrugq When we did Torinj to inject in HTTP traffic at Tor exit nodes (some years ago), it was not tagged as Bad. http://arxiv.org/abs/1208.2877

(Originally on Twitter: Mon Apr 01 20:23:49 +0000 2013)

@sam280 What do you mean?

(Originally on Twitter: Tue Apr 02 08:20:19 +0000 2013)

@MatthiasStrubel How many files and subdirectories are you indexing?

(Originally on Twitter: Tue Apr 02 09:17:32 +0000 2013)

RT @nc2y: Adi Shamir at #FC2013 presenting a “Quantitative Analysis of the Full #Bitcoin Transaction Graph” http://is.gd/iW0PZH

(Originally on Twitter: Tue Apr 02 09:33:35 +0000 2013)

RT @thegrugq: I thought IEEE journals were like Phrack, where almost any article is relevant, interesting, and/or novel. I was very very …

(Originally on Twitter: Tue Apr 02 12:55:59 +0000 2013)

@jduck @SushiDude @secviz @wimremes the lematizer helped a bit on some terms and the stop words too. CVE summary is like a legal corpus ;-)

(Originally on Twitter: Tue Apr 02 17:34:39 +0000 2013)

@jessekornblum so the only(?) remaining way is to trojan the BIOS POST boot process? #DFIR #truecrypt

(Originally on Twitter: Tue Apr 02 17:41:52 +0000 2013)

@sam280 From your tweet I got the impression you knew more about the topic than I do.

(Originally on Twitter: Wed Apr 03 07:36:47 +0000 2013)

@jessekornblum I just remember of the Stoned bootkit presented at BH09 using the boot. It might still function. http://www.blackhat.com/presentations/bh-usa-09/KLEISSNER/BHUSA09-Kleissner-StonedBootkit-SLIDES.pdf

(Originally on Twitter: Wed Apr 03 07:42:57 +0000 2013)

RT @torservers: Torservers on the way to more diversity https://lists.torproject.org/pipermail/tor-relays/2013-April/001996.html

(Originally on Twitter: Wed Apr 03 07:49:43 +0000 2013)

http://www.plosone.org/article/info%3Adoi%2F10.1371%2Fjournal.pone.0059613 “Attack Robustness and Centrality of Complex Networks” Another way to test the importance of diversity in IT?

(Originally on Twitter: Wed Apr 03 13:43:54 +0000 2013)

RT @semiconduktor: New blog post on IOActive’s blog regarding integrity of supply chains. http://blog.ioactive.com/2013/04/spotting-fake-chips-in-supply-chain.html

(Originally on Twitter: Wed Apr 03 14:54:24 +0000 2013)

http://arxiv.org/pdf/1303.7012.pdf “Automated Classification of Malware Zeus Samples” Interesting but where is the dataset and the code? #malware

(Originally on Twitter: Wed Apr 03 19:34:48 +0000 2013)

@bortzmeyer Was the packet fragmented? If yes, it was a notification before going into war ;-)

(Originally on Twitter: Wed Apr 03 19:59:10 +0000 2013)

Avoiding the race conditions in javascript is like avoiding the cctv cameras in the London underground. #infosec

(Originally on Twitter: Mon Apr 08 21:30:29 +0000 2013)

RT @malwarelu: After more than 1 month of work, a new article is available: #APT1: technical backstage: http://www.malware.lu/Pro/RAP002_APT1_Technical_backstage.1.0.pdf #malware …

(Originally on Twitter: Mon Apr 08 21:42:09 +0000 2013)

@dzidorius It seems Interesting. Is the presentation available somewhere? thx.

(Originally on Twitter: Mon Apr 08 21:44:40 +0000 2013)

If you are using lynx the default URL_DOMAIN_PREFIXES and URL_DOMAIN_SUFFIXES parameters are dangerous ;-) you should empty them.

(Originally on Twitter: Tue Apr 09 15:03:51 +0000 2013)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=178657 and the best it’s not a bug as stated by a Debian dev. in 2004. a good dataset for the search spammer.

(Originally on Twitter: Tue Apr 09 15:07:27 +0000 2013)

was at @kewgardens enjoying nice gardens https://www.flickr.com/photos/adulau/8635537198/ https://www.flickr.com/photos/adulau/8634382667/ along with the work of David Nash. #art

(Originally on Twitter: Tue Apr 09 18:07:48 +0000 2013)

@i0n1c Any pointers to the statistics in question?

(Originally on Twitter: Wed Apr 10 09:35:53 +0000 2013)

@i0n1c a better comparison would be between Munich and Luxembourg to have a comparable scale. Original data: http://www.ecb.int/pub/scientific/stats/html/index.en.html

(Originally on Twitter: Wed Apr 10 10:03:15 +0000 2013)

RT @deesse_k: Dreamboot UEFI bootkit coming soon on github today #HITB2013AMS @quarkslab

(Originally on Twitter: Wed Apr 10 12:19:32 +0000 2013)

RT @circl_lu: https://www.circl.lu/pub/tr-08/ updated version of CIRCL automatic launch object detection for Mac OS X released. #macos #security

(Originally on Twitter: Wed Apr 10 13:55:12 +0000 2013)

@ioerror Do you know if Iran is currently playing with global interception? http://www.google.com/transparencyreport/traffic/?r=IR&l=GMAIL&csd=1328394245230&ced=1365600600000 #iran #internet

(Originally on Twitter: Wed Apr 10 15:54:53 +0000 2013)

RT @beist: Stars aligner’s how-to: kernel pool spraying and VMware CVE-2013-1406 http://blog.ptsecurity.com/2013/03/stars-aligners-how-to-kernel-pool.html <- Nice and detailed post

(Originally on Twitter: Thu Apr 11 20:31:20 +0000 2013)

RT @travisgoodspeed: My slides from HITB on writing shellcode for embedded systems are up. http://conference.hitb.org/hitbsecconf2013ams/materials/D1T1%20-%20Travis%20Goodspeed%20-%20Nifty%20Tricks%20and%20Sage%20Advice%20for%20Shellcode%20on%20Embedded%20Systems.pdf

(Originally on Twitter: Sat Apr 13 10:22:11 +0000 2013)

Si vous ne pouvez pas vérifier qui est le propriétaire d’un nom de domaine (via whois), ce n’est pas bon signe comme pour @DerapagesOrg

(Originally on Twitter: Sat Apr 13 12:42:03 +0000 2013)

It seems that @hack_lu 2013 will be replicant or robotic style this year… #hacklu #infosec #conference

(Originally on Twitter: Sat Apr 13 13:17:30 +0000 2013)

RT @hack_lu: @y0m @adulau @hack_lu Indeed blade runners might be needed to do the @fluxfingers #CTF during #hacklu 2013 #p.k.dick

(Originally on Twitter: Sat Apr 13 13:24:57 +0000 2013)

@jaysonstreet @hack_lu We love them too but sometimes they can be dangerous too. #security #softwareengineering

(Originally on Twitter: Sat Apr 13 13:27:52 +0000 2013)

http://www.bbc.co.uk/news/world-asia-china-22137950 “US and China to set up cyber security working group” A nice opportunity to share the source code of their malware.

(Originally on Twitter: Sat Apr 13 20:45:04 +0000 2013)

I’m surprised that not a lot of companies are using CC honey token to discover leaked database and fraudulent CC charges. #infosec #honeypot

(Originally on Twitter: Mon Apr 15 18:29:16 +0000 2013)

@snazmeister YB work quite well and you can replace the AES key. But I still prefer HOTP like Feitian to avoid an USB connection.

(Originally on Twitter: Tue Apr 16 18:36:00 +0000 2013)

@SystemLean infovis is often just a trigger to think in a different way about information. You’ll need people who like to learn.

(Originally on Twitter: Tue Apr 16 18:55:37 +0000 2013)

RT @pmbureau: ESET is looking for 4 analysts in Montreal: https://hqcareers-eset.icims.com/jobs/1130/job pls spread the word!

(Originally on Twitter: Tue Apr 16 18:55:51 +0000 2013)

@y0m Il me semblait que la sécurité informatique est la culture de l’échec pour oublier les incidents le plus rapidement possible. #infosec

(Originally on Twitter: Tue Apr 16 20:35:09 +0000 2013)

@eromang can we safely assume that the remaining 23 vulnerabilities are just wrongly scored? #java #rankingisdifficult

(Originally on Twitter: Tue Apr 16 20:37:24 +0000 2013)

@eromang looking at http://www.cvedetails.com/cvss-score-distribution.php I’m wondering if the modified Benford’s law is not showing fabricated data http://digitalcommons.calpoly.edu/cgi/viewcontent.cgi?article=1046&context=rgp_rsr

(Originally on Twitter: Tue Apr 16 21:06:45 +0000 2013)

CVSS distribution should be a log-series distribution? and not a spike in the 4-6 range? are CVSS data inline with the Benford’s law? #cve

(Originally on Twitter: Tue Apr 16 21:18:20 +0000 2013)

My talk about cve-search at #RMLL 2013 is accepted. See you there. cc @xme @wimremes #infosec #cve

(Originally on Twitter: Wed Apr 17 10:04:17 +0000 2013)

RT @cvandeplas: #MISP graph tool published - Generates a dot or gexf with the relations between the attributes and events. https://t.co/ …

(Originally on Twitter: Thu Apr 18 18:47:28 +0000 2013)

@novytweety That was long time ago ;-) #everythingisfreesoftware

(Originally on Twitter: Thu Apr 18 18:48:09 +0000 2013)

If you want to manage your #IOC in your organization, you should check MISP Malware Information Sharing Platform https://github.com/MISP

(Originally on Twitter: Thu Apr 18 18:54:07 +0000 2013)

I’ll present at @sstic a talk about some recommendations for the malware authors to improve their software. #malware #infosec

(Originally on Twitter: Fri Apr 19 08:08:02 +0000 2013)

Is this the beginning of new hacks on mobile phone? it might be… http://www.bunniestudios.com/blog/?p=3040 #gsm #mobile

(Originally on Twitter: Fri Apr 19 20:42:03 +0000 2013)

@ciphercloud Maybe you should publish your cryptosystem instead of filling DMCA notice… #crypto http://meta.crypto.stackexchange.com/questions/250/ciphercloud-dmca-notice

(Originally on Twitter: Sat Apr 20 05:14:18 +0000 2013)

@librarythingtim It’s not because a religion contains good principles that the religion is the source of their use @quinnnorton

(Originally on Twitter: Sat Apr 20 10:17:40 +0000 2013)

@librarythingtim it’s not because a religion or a non-religion express some good principles that they really promote those. @quinnnorton

(Originally on Twitter: Sat Apr 20 10:24:49 +0000 2013)

@quinnnorton I’m battling with 140 characters with my non-native tongue. I feel like Salvatore in “The Name of the Rose” @librarythingtim

(Originally on Twitter: Sat Apr 20 10:30:16 +0000 2013)

@quinnnorton Indeed.The roots for being good/bad is at different places and not only in religious principles. @librarythingtim

(Originally on Twitter: Sat Apr 20 10:34:48 +0000 2013)

@librarythingtim By the way, I should record my books about “Ludwig Wittgenstein” in LibraryThing ;-) http://www.librarything.com/profile/adulau @quinnnorton

(Originally on Twitter: Sat Apr 20 10:38:26 +0000 2013)

@librarythingtim That’s correct. For the whole book, you should have followed the “latin cursus” but it was usual some years ago in Belgium.

(Originally on Twitter: Sat Apr 20 10:41:16 +0000 2013)

@librarythingtim No worries. It’s not because I have books about Wittgenstein that I like his “theories” ;-) @quinnnorton

(Originally on Twitter: Sat Apr 20 10:43:06 +0000 2013)

“On the accuracy of statistical procedures in Microsoft Excel 2007 “ http://www.pages.drexel.edu/~bdm25/excel2007.pdf

(Originally on Twitter: Sun Apr 21 05:59:05 +0000 2013)

@hugbomb Interesting map. Would you share the data with the CERTs around world to inform the victims with compromised systems?

(Originally on Twitter: Sun Apr 21 06:09:37 +0000 2013)

@sam280 Indeed, it’s really a disaster. Talking about disaster, his brother is not too bad either. http://www.edwardtufte.com/bboard/q-and-a-fetch-msg?msg_id=0001yB

(Originally on Twitter: Sun Apr 21 10:04:50 +0000 2013)

RT @circl_lu: If you are interested to see what are the locations of the network attacks against Luxembourg http://map.circl.lu/ #luxembo…

(Originally on Twitter: Mon Apr 22 15:04:25 +0000 2013)

@veorq for your information, the #CFP for #hacklu