Re: [Full-disclosure] Advisory: Dolphin Browser HD Cross-Application Scripting

2011-09-21 Thread adam
I'm hoping that #7 wasn't important. :( On Tue, Sep 20, 2011 at 11:52 AM, Roee Hay wrote: > 1 Background > > Android applications are executed in a sandbox environment, to ensure that > no > application can access sensitive information held by another, without > adequate > privilege

Re: [Full-disclosure] Possibility to exploit bash "*" processing

2011-09-21 Thread Valdis . Kletnieks
On Wed, 21 Sep 2011 11:36:32 PDT, Andrew Farmer said: > Not true - the multibyte sequences in UTF-8 text consist entirely of > high-bit characters (0xC2 - 0xF4 initial, 0x80 - 0xBF continuation). All > characters below 0x80, including ASCII control characters, are always > mapped directly to the c

Re: [Full-disclosure] Possibility to exploit bash "*" processing

2011-09-21 Thread Andrew Farmer
On 2011-09-21, at 09:55, valdis.kletni...@vt.edu wrote: > On Wed, 21 Sep 2011 16:01:24 +0300, Dan Carpenter said: >> Seems like a good time to promote David Wheeler's filename proposal: >> http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html > > Unfortunately, David Wheeler's proposal h

Re: [Full-disclosure] NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux

2011-09-21 Thread Tavis Ormandy
Research@NGSSecure wrote: > Vulnerable SUID script in (nomachine) NX Server for Linux 3.5.0-4 > (Advanced and Enterprise across redhat and debian hosts) > > 21 September 2011 > > NGS Secure has discovered a High risk vulnerability in (nomachine) NX > Server for Linux 3.5.0-4 (Advanced and Enter

[Full-disclosure] Authenex A-Key/ASAS Web Management Control 3.1.0.2 (latest) - Time-based SQL Injection

2011-09-21 Thread Jose Carlos de Arriba
FOREGROUND SECURITY, SECURITY ADVISORY 2011-002 - Original release date: September 21, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at Foreground Security - Contact: (jcarriba (at) foregroundsecurity (dot) com, d

Re: [Full-disclosure] OT: help generating gpg key with prescribed key ID

2011-09-21 Thread Valdis . Kletnieks
On Wed, 21 Sep 2011 16:21:24 +0300, Georgi Guninski said: > for a fishing expedition i need to generate a gpg key with prescribed key ID. > > is there a relatively easy way to do this? It's intentionally difficult. It *is* possible to generate a key to match a given key ID, or even match a give

Re: [Full-disclosure] Possibility to exploit bash "*" processing

2011-09-21 Thread Valdis . Kletnieks
On Wed, 21 Sep 2011 16:01:24 +0300, Dan Carpenter said: > Seems like a good time to promote David Wheeler's filename proposal: > http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html Unfortunately, David Wheeler's proposal has some implementation issues: 1. Forbid/escape ASCII control c

Re: [Full-disclosure] Apple Lion OS Suffers From A Major Security Issue

2011-09-21 Thread Sabahattin Gucukoglu
On 21 Sep 2011, at 17:14, Thor (Hammer of God) wrote: > FYI Yep, he already told us. Don't run as admin, you're fine. And change the permissions of the dscl binary to 0100 root:wheel if you can't trust yourself not to run malicious code. It wants fixing, though. Cheers, Sabahattin

[Full-disclosure] FW: Apple Lion OS Suffers From A Major Security Issue

2011-09-21 Thread Thor (Hammer of God)
FYI From: Raging Hagis Sent: Wednesday, September 21, 2011 7:21 AM To: Thor (Hammer of God) Subject: Apple Lion OS Suffers From A Major Security Issue Apple’s Lion OS X stores passwords insecurely, with the updated OS appearing to be more vulnerable than its previous Snow Leopard and Leopard ver

Re: [Full-disclosure] Possibility to exploit bash "*" processing

2011-09-21 Thread Dan Carpenter
Seems like a good time to promote David Wheeler's filename proposal: http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html regards, dan carpenter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter

[Full-disclosure] OT: help generating gpg key with prescribed key ID

2011-09-21 Thread Georgi Guninski
i know i am dumb. for a fishing expedition i need to generate a gpg key with prescribed key ID. is there a relatively easy way to do this? (don't feel like spending much time on this, RTFM failed, opportunistic hex editing failed, couldn't locate where to patch gpg in 1 hour) 10x. -- joro

Re: [Full-disclosure] Possibility to exploit bash "*" processing

2011-09-21 Thread Jacqui Caren
On 21/09/2011 10:39, Cédric Jeanneret wrote: > Consider using: > rm ./* I don't see why someone would know how to use '--' for touch and not for rm... [jacqui@dieter test]$ touch -- -f -r [jacqui@dieter test]$ rm * [jacqui@dieter test]$ ls -l total 0 -rw-rw-r-- 1 jacqui jacqui 0 Sep 21 12:53 -f -r

[Full-disclosure] Trusteer Rapport and anti-keylogging

2011-09-21 Thread Neil Kettle
All - It has been a few weeks now since I demonstrated the following at 44con (http://www.44con.com) and thus time to just dump the details here. The following are what can only be described as 'design flaws' in Trusteer Rapport's anti-keylogger protections, that is Rapport provides the functional

Re: [Full-disclosure] Possibility to exploit bash "*" processing

2011-09-21 Thread Cédric Jeanneret
Consider using: rm ./* this will prevent the dashed files to be taken as options.. Cheers, C. On Tue, 20 Sep 2011 13:29:11 +0300, Kirils Solovjovs wrote: > Brought this up a year ago. Seems that no attention has been given to > this so far. > > See this screenshot for PoC: > http://02.lv/f/2010

[Full-disclosure] Trusteer Rapport and anti-keylogging

2011-09-21 Thread mu-b
All - It has been a few weeks now since I demonstrated the following at 44con (http://www.44con.com) and thus time to just dump the details here. The following are what can only be described as 'design flaws' in Trusteer Rapport's anti-keylogger protections, that is Rapport provides the functional

Re: [Full-disclosure] Another minor facebook security flaw

2011-09-21 Thread adam
TinEye never used to index Facebook, has that changed? Even if it has, there's a half a dozen things wrong with that entire concept. I've hit the /roadblock page quite a few times, and I've never been given the same set of images. So unless it's easily reproducible (and wasn't just a fluke for tha

Re: [Full-disclosure] Another minor facebook security flaw

2011-09-21 Thread Dan Dart
> there is a really neat image search engine. You point it at an > image (file->save image as?) and it will hunt down the URLs referencing > similar images. You're probably thinking of TinEye (tineye.com) but Google Images does it now too.

Re: [Full-disclosure] Another minor facebook security flaw

2011-09-21 Thread Jacqui Caren-home
On 20/09/2011 06:04, James Fife wrote: > I noticed a recent flaw in Facebooks security resolution process recently. > After being asked to confirm my identity simply because I was using a > different computer, I apparently took too long to > identify my friends in their photos. However, I was abl