Irregular Expressions

February 26, 2012  9:36 PM

Mobile malware report by Juniper

Posted by: Dan O'Connor

My personal belief for the last number of years and still currently is that his is the market to be creating malware in to make a profit.  It’s only going to get worse from now.  With mobile phones with banking apps now this is a juicy market to be in.

The report is here;

February 25, 2012  2:04 AM

P2V of a Windows 2000 machine

Posted by: Dan O'Connor
vshpere 5 w2k, vsphere 5 windows 2000, vsphere 5 windows 2000 conversion

Sounds so simple.

I started up my VMWare Converter and aimed at a Windows 2000 server, and it would not go?  That’s strange.

I tried a few times, still wont start.  Next I attempted to log in and run the client from the target, same issue but now I get a message that only XP and up is now supported.

Well does that not make for an afternoon, after a few attempts at other version I did get v4 to go.  I connected to the VCenter ok-ish.  It did work but I had to select a host and not the cluster also picking the datastore it was going to go to was not going to happen.  No matter what I selected it went to the first datastore on the host.

So the short version is that you need V4 and be prepared to move some machines around, but other then that success.

February 12, 2012  3:24 PM

Passwords in plain text

Posted by: Dan O'Connor

I have to admit I do not do very much web / app development.  Maybe a one or two times a year and I am not sure how you end up with storing passwords in plain text?

I guess you would have to write your own authentication, not sure why you would go through all of that when there is stuff already made. Strange.

February 9, 2012  8:20 PM

Symantec Source Code and Blackmail oh my

Posted by: Dan O'Connor
norton source code, pc anyware source code, symantec hack

If you have missed it, individuals claiming to be connected to anon have stolen source code to Norton AV and PC Anywhere.  They attempted to blackmail Symantec in to paying them to keep it under wraps.  From what I have been able to find the contact at Symantec was FBI, playing as an employee.

I would think that this will become more prevalent over the next 18 months, once one story like this goes around there will be copy cats.  More details;$50000-to-keep-symantec-source-code-private/

Also the code is posted on some bittorrent sites, I will not link to that.  If you really want it, it’s not hard to find.

February 9, 2012  8:15 PM

Sophos yearly report

Posted by: Dan O'Connor

Excellent recap of 2011.

February 9, 2012  8:13 PM

CRL’s being dropped from Chrome

Posted by: Dan O'Connor

A few links;

It makes no sense to continue to use the CRL.  My personal experience is limited with it, but I have to agree with the experts on this one.

February 3, 2012  2:36 AM

Dropbox not deleting files when requested??

Posted by: Dan O'Connor
dropbox, dropbox delete, dropbox privacy

February 2, 2012  9:21 PM

VeriSign hack (2010)

Posted by: Dan O'Connor
symantec hack, verisign, verisign hack

While it happened a while ago, it just came to light in a filing to the SEC.

The details in the story are lacking, but this type of attack can be very serious.  It also seems to be a trend of attacking certificate signors.  Having a legit signed bank or Google cert can net you a ton of money.

January 30, 2012  12:24 PM

FreeBSD 9 release

Posted by: Dan O'Connor

FreeBSD has released production version 9,

Some of the highlights;

  • High performance SSH
  • PowerPC Playstation 3 support
  • ZFS version 28

January 29, 2012  1:13 AM

This made my day

Posted by: Dan O'Connor

Very simple concept, and it does not surprise me that people are using this and banks are seeing a loss on it.  If you work for a FI it’s time to try it out and see if you need to get on the phone.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: