Using Cookies For Selective DoS and State Detection: “

28 posts left….

This is a continuation of he first post where we described how you can use cookies to DoS certain portions of the website. After our speech one of the Mozilla guys came up to us and described another attack that arises from this. Let’s say when a user logs in it sets a cookie that is 200 bytes long, and when they log out it re-sets the same cookie to 50 bytes. Well if the attacker can set a cookie with a particular path to a single image on the site, for instance, they can use JavaScript to check with an onerror event handler to see if the image has loaded.

Read more…

Using Cookies For Selective DoS: ” Read more…

Your Password Should Be At Least 12 Random Characters Long to Be Safe [Security]: ” Read more…

Simple arrays in C#: “

Quick Proxy Detection: “

32 Posts left…

Just a quicky post on how in Firefox you can detect proxies using image tags. Firefox (and possibly other browsers but I first saw it in Firefox) use [ ] to denote IPv6 (I believe that’s it’s original intention anyway) but it also works in IPv4.

Read more…

Hackers. Faceless people who deface government Web sites, who can peek into your computer without you knowing. What are they like? Forbes India asked Akash Mahajan, a Certified Ethical Hacker, for a few insights into the shadowy world.

Read more…

Convert EXT2 or EXT3 to EXT4 Without Reformatting Your Hard Drive [Linux]: ” Read more…

For eight years, Skype enjoyed selling the world security by obscurity. We must admit, really good obscurity. I mean, really really good obscurity. So good that almost no one has been able to reverse engineer it out of the numerous Skype binaries. Those who could, didn’t dare to publish their code, as it most certainly looked scarier than Frankenstein.

Read more…

Details of 100m Facebook users collected and published: ” Read more…

Denial-of-service attack on an email client: ” Read more…