Back to Top

Tuesday, January 26, 2010

You go PHD Comics!

0 comments

PHD Comics is always great and hilarious (and worth to subscribe to if you are even vaguely related to the academic world - like trough a friend of a friend :-)) but there are those occasions when it is epic, like this one:

The media can almost never be trusted to get things right and we should get into the habit of questioning everything they deliver. Think for yourself people, get a grip on basic math and logic and learn how to dig up information!

PS. I'm not "new media", I'm just a raindrop :-p.

Carving out files with Perl

0 comments

I've had to use this trick a couple of times the last few years, so I decided that I might as well document it:

If you have an image of a storage media (like an SD card or CD/DVD) which you can not mount (either because the filesystem is hosed - that's a technical term for damaged beyond repair :-) - or because it uses some proprietary extension - *cough* MS *cough) and you know the approximate size of each file (maybe they are JPEGs or AVIs), you could adapt this script of mine.

What it does:

  1. It reads $search_buffer bytes from $input
  2. It looks for $header (as it is written it looks for RIFF, which means AVI or WAV usually - for JPEG you would use "\xFF\xD8")
  3. If it finds it, it dumps $extracted_size bytes from the given position (this should be set to be larger than the biggest file you expect)
  4. It not, it seeks forward $search_buffer - length($header) (to handle the cases when the header is split by the border of the buffer)

The script is not perfect (for one it tries to load the entire file into memory before writing it out; it also doesn't do any validation of the fileformat, thus possibly creating some garbage output), but it worked well for me in the past, so I thought I share it.

PS. If you need some more serious file recovery, you might want to look at PhotoRec and TestDisk. They are both free (as in freedom - GPL license) and seem to be great programs (I never actually managed to get them to recover more than my little cobbled together script, but I might have some very particular usecases).

Monday, January 25, 2010

Should I use RoboForm?

6 comments

A little background about this post: while I was vaguely aware of RoboForm, I never took a closer look at it until I saw the following post by Derek: Beware of fake shopping sites. What it basically says is that a password manager (such as Roboform) will help you avoid phising sites, because it will observe the different URL and will not pre-fill your contact details, thus providing you with an additional warning sign that something is phishy :-)

I have a great deal of respect for Derek so I did some quick checking around the product. Here are my findings:

  • My first question was: how does the company behind Roboform make money? Because if they don't have a clear way of making money and they are giving away the product for free, you might start to wonder - aren't they giving away my information to make money? I was relieved to find that they have a pro version which costs money. This doesn't necessarily mean that they aren't giving away your information, but there is one less reasons for them to do so.
  • The animated banner ad reminded me of some "smiley toolbar" advertisements which lead to adware, but taste is relative :-). An other marketing method of them which I personally found distasteful (although it is certainly legal) is the "Free Password Scan". This is a small tool which, when executed, shows the saved passwords from IE and Firefox. The purpose of this - I assume - is to show how "insecure" those browsers are (BTW, if you need such a tool, I would point you towards the NirSoft utilities). I dislike FUD and negative campaigning (sadly it works quite well).
  • A quick test in a VM showed it working as advertised. I have one remark though: while it doesn't store the master password in memory (as the setup boldly points out), it stores the individual account passwords in clear-text when it is unlocked. You can check this out using something like Process Hacker or Process Explorer. You should point them to the actual browser process, since it is there where the passwords are stored, rather than the main RoboForm process.
  • One thing which Roboform doesn't do is to differentiate between the HTTP and HTTPS version of the sites. It happily fills the secure version of the page with credentials saved on the insecure version and vice-versa, potentially exposing the user to and sslstrip type of an attack, which becomes more and more important because of the wide use of wireless technology.
  • Finally, I would like to comment on something Derek wrote in his post (so this is not an official statement from Roboform as far as I know): "ROBOFORM ... keeps all passwords in a secure encrypted database that only you (not a keylogger or malware) can access and use it". This is and isn't true. It is true that keyloggers won't see your individual passwords, but it will see your master password (!!!). Also, while Roboform will protect you against malware which specifically targets the password store of browsers (and there are quite a few of those out there), it will not protect you against the ones which inject themselves in the browser and simply capture the contents of any HTML forms which have an INPUT element of type PASSWORD in them - of course neither will SSL/TLS. And there are quite a few out there which do this.

In conclusion: I wouldn't trust my sensitive passwords to a closed source program and I would always go with an open-source alternative. Roboform isn't vastly superior in any particular way and the marketing around it leaves a sour taste in my mouth.

BTW, the links on Derek's site are affiliate links - which is all nice and good, I too have affiliate links in my blog postings occasionally - but I would have liked a clear disclosure about this fact.

Who feeds me? (with information)

0 comments

I received a private request to share the feeds which I read, an I though to do it publicly, since there might be other people interested in it (yeah, right :-p). Also, the least I can do is to post a link back to the authors website. So grab my OPML file or see the complete list below. Disclaimer: the presence of a given site in the list below shouldn't be seen as an endorsement. I read a couple of feeds to "hear the other party". Also there are a couple of dead feeds in were not cleaned up. So in no particular ordere here are the feeds:

blog.avast.com

000webhost hosting scam

Catherine: pyOraGeek

cktricky and Web Application Security

Comments on: yLife: Open database for Yu-Gi-Oh duels proprietary alternatives

Deep Rants

Digital Forensics Journal

Domber's Basecamp

DonationCoder.com Radio Show Podcast

ECE264 BoilerCast!

ECON251 BoilerCast!

eDave.org

English 1154

Eric Cherng

ESPM 160AC: American Environmental and Cultural History

Evilcodecave

Featured's Screencast.com feed

feed/http://www.101webdesignshow.com/xml/feedmp3.xml

Firefox Power

flytecast: web strategies for small business

Fresh Voices - powered by PodTech

Freshtopia.net

Friends in Tech

Friends Of The Fringe

FS651 BoilerCast!

Fuming Incense Stencher

Geek Pit

Geekdrome MP3 audio

Geo 10: World Regions, Peoples, and States

George Ou

Global Nerdy

Google App Engine Blog

Hak5 Rainbow Tables

Help Desk Talk

History 5: European Civilization from the Renaissance to the Present

Humanized Weblog

IDS 110: Introduction to Computers

igxglobal Daily Security Briefing

InDigital

Indy News

Information Architecture (IA) Podcast Show Notes

InfoSec Jobs

InfoSys 296A-2 / Law276.8: Open Source Development and Distribution of Digital Information: ...

InfoTalk - powered by PodTech

Intel - powered by PodTech

Intel Software Network RSS feed for Podcasts

Internet2 Network Upgrade

IPPH362 BoilerCast!

IT Conversations

IT345 BoilerCast!

ITIdiots Show Feed

iVirtua Podcast

Joomla! powered Site

Juniper Networks - powered by PodTech

Juniper Networks J-News - powered by PodTech

Justin & Lindsey's Adoption Story

Kevin's eLearning Blog

Koral Blog

Less Than 3

lifehack.org

Limited-Exposure :: Networks, Security and Technology | News, Reviews, and Opinions

Linux on the desktop

Local Area Security

Maeda's SIMPLICITY

Magnus Hagander's PostgreSQL Blog

MainFunction::Editor's Corner

Marketing Voices - powered by PodTech

MATH154 BoilerCast!

Matt Hempey

MCMP304 BoilerCast!

MCMP311 BoilerCast!

Me & The World

Mike Christensen: Web Dev Guy

MSDN Magazine - Cutting Edge

msdn's Showtime

Mubix's Links

muzikDEN h.264

NerdTV - MP3 Podcast | PBS

NETGEAR - powered by PodTech

Network Consulting Services

Network General Sniffer Cast - powered by PodTech

NODE101

Nontourage

norbtek.info

NotParanoia Podcasts

OLS274 BoilerCast!

OLS274G BoilerCast!

Ownedcast

Paul Thurrott's Internet Nexus

PHIL103 Introduction to Philosophy

PHPR476 BoilerCast!

PLANET WEBSECURITY

PodSummit - powered by PodTech

PodTech News - powered by PodTech

POL101 BoilerCast!

Polycom - powered by PodTech

PolySci 179: Undergraduate Colloquium on Political Science

PowerUser.TV (Power User Podcast)

Practical Web Design

Psychology 116

radare pvc

Raganwald

REblog

Robert Schmelzer is Thinking about IT

SABAGsecurity

Scott Stanfield

Seagate Backup Awareness Month - powered by PodTech

Search Engine Optimization(SEO) Mr SEO's Podcast

Secure IT Live

SecureBlog

Security and Secure IT

Security Renaissance

Security Wire Weekly

Security-Protocols

Sick of spam? Get mad and get even: Blog

SOC100 BoilerCast!

SOC100T BoilerCast!

SOC312 BoilerCast!

Software, Technology, and Science

Spam chongqing

SPCH101 Oral Communication in Contemporary Society

SploitCast

Stat 2: Introduction to Statistics

Steven Sinofsky's Microsoft TechTalk

Stranger Things - iPod (640×480)

SWTC CourseCasts: 806-177-01 A&P

Symantec - powered by PodTech

Symantec Security Response Podcast

Tales From Boxcat Junction

Tasty Research

Technobabylon

the Accidental Creative

The Bleeding Edge

The ColdFusion Podcast

The Command Line

The Cubicle Escape Pod

The Cubicle Escape Pod Blog

The Digital Standard

The Dilbert Blog

The Front Line Trendcast for Medium Business: Medium Business

The Hacker's Choice - News

The Laws of Simplicity

The Medium Bagel

The Official Parallels Virtualization Blog

The Podcast Academy

The Register - Software: Open Season

The Security Hookup Vodcast

the show with zefrank

The SOX Jockey

The Tucows Blog

the TwitFeeder blog

TheLinuxDiaries

trimMail's Email Battles

Unplugged

Virtual War Unlimited

Web Design & Development Podcast by Engines of Creation.com

Web Standards Group PodCasts

webcast.berkeley: UC Berkeley Events | All

Webstock - News

::Planet PostgreSQL::

Bad CTK

blog

Brian "Krow" Aker's Idle Thoughts

CMD: Joshua Drake's Blog

Database Geek Blog

Databases and Performance

Denish Patel

Devrim's PostgreSQL Diary

Diamond Notes

DimitriK's (dim) Weblog

domas mituzas: vaporware, inc.

EnterpriseDB News

Everything is Data

Frakkle

Fujitsu Supported PostgreSQL blog

Greg's Postgres stuff

I'm just a simple DBA on a complex production system

Just a Theory

Magnus Hagander's PostgreSQL blog

Monty says

MySQL Performance Blog

Nati Shalom's Blog

Open Query blog

ORACLENERD

Paul Ramsey

PGSQL_Announce - TwitFeeder

Postgres Database News

Roland Bouman's blog

The Database Column

Xaprb

zillablog

Aaron Margosis' WebLog

Absoblogginlutely!

Adam M Craven's Technical Blog

Advice and Opinion - Executives Online

Anchor Web Hosting Blog

Andy ITGuy

Apache Infrastructure Team

Backblaze Blog

CCIE Lab

Deb-Tech

DynDNS

dyninc - TwitFeeder

Eating Security

Ed Bott's Windows Expertise

Everything Sysadmin

Friends in Tech

George Ou's technology blog

Grand Stream Dreams

IT Law in Ireland

Justin James' Critical Thinking

kasia in a nutshell

Life Pattern

My Green Paste, Inc.

N.E.R.D.

obijuan: [techno]plebe

PacketLife.net Blog

Personal website of Dave Hope

Random things in IT

Retro Computing

Righteous IT

Roger's Information Security Blog

Security Blogging under a mask

Sharky's blog

Standalone Sysadmin

Starinfosec

sysadvent

Systems Engineering and RDBMS

There is a small blog here.

Thinking about IT

VPSLink Blog

Within Windows

Yet Another IT Guy

Hirek.com

Slashdot

.NET Rocks!

A Couple Of Admins Podcasting

Adventures in Security

An Information Security Place

AudioParasitics - The Official Podcast of McAfee Avert Labs

Binary Revolution Radio

Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.

Blue Box: The VoIP Security Podcast

Brad Pollard's 140 Seconds

brucon podcast

bsdtalk

Buzz Out Loud from CNET

Career Tools

CastaBlasta

Casting from the Server Room

Cloud Security Podcast

CNET News.com: Security Bites

ColdFusion Weekly

ComodoVision

CyberSpeak Podcast

Daily Internet Storm Center Threat Update

Dan Bricklin's Log Podcast

dConstruct 2007

Dr. Kiki's Science Hour

ESET Podcasts

Eurotrash Security Podcast

Exotic Liability

FLOSS Weekly

Forensic 4cast

FourBitsWorth

free-as-in-node

FRONTLINE - Reports | PBS

Hanselminutes

In the Trenches

Internet Storm Center Threat Update

Johns Hopkins University Podcast - Exploring Liberal Arts

Jupiter Broadcasting

Justice Talking

LugRadio (high-quality mp3)

Manager Tools

Marketplace - Marketplace Whiteboard

Millahseconds

Mondays

Network Security Blog

Network World's Twisted Pair

Open Voices: The Linux Foundation Podcast

OurSQL: The MySQL Database Podcast for the Community, by the Community

OWASP Security Podcast

Pandora Podcast Series

PaulDotCom's Web Site

Perlcast

php|architect's Pro PHP Podcast

PodVentureZone

Polymorphic Podcast

Pond Jumpers

Radio Free Security

Risky Business

Ruby on Rails Podcast

Run Your Own Server

RunAs Radio

Security Justice

Security Now!

Software Engineering Radio

Sophos Podcasts

SourceTrunk

SQL Down Under

stackoverflow

stackoverflow

TalkCrunch

The Algorithmic Trading Podcast

The Algorithmic Trading Podcast

The HTML Show

The IT Security Pubcast

The Java Posse

The Linux Action Show! Podcast

The Reality Check Security Podcast

The Rear Guard

The Security Roundtable

The Silver Bullet Security Podcast

The Software Freedom Law Show

The Southern Fried Security Podcast

The Thirsty Developer - Podcast

The Web 2.0 Show

The WordPress Community

thelip

This Week in Google

this WEEK in LAW

this WEEK in MEDIA

This Week in Startups - Audio Only

this WEEK in TECH - MP3 Edition

TPN :: The Cranky Middle Manager Show

TWAT Radio

Ubuntu UK Podcast » mp3-low

Uploads by pennsays

UXpod - User Experience Podcast

Valid Syntax

Warwick Podcasts

WeatherBrains

Web Axe - Accessibility Tips

Web Design Advice (boagworld.com)

WebDevRadio Podcast home - web development discussion

Welcome to the TechPodZone!!!!

Wie war dein Tag, Liebling? Mit Anke Engelke und SWR3-Moderator Kristian Thees

Wikipedia Weekly

WinDirStat weblog

Windows Weekly with Paul Thurrott

Zend Developer Zone | php_abstract

0x2121.com

Abstruse Goose

Bug Bash

Code Comics (Comics)

Ctrl+Alt+Del

Demotivator Blog

Dilbert

Dilbert Daily Strip

Doomed to Obscurity

Explosm.net

Fredo and Pidjin. The Evil Comic.

Kevin and Kell

Looking For Group

Nerdcore: The Core Wars

OK/Cancel

OSNews Comics

PHD Comics

Reverend Fun

The 5th Wave - goComics.com

Ubersoft.net: Technology Is Not Your Friend

Userfriendly With images

Wondermark

xkcd

xkcd.com

YAISC

Avi Kivity's blog

ChrisWolf.com

Fun with virtualization

rakeshm's VM Management Blog

Robert Larson

The Virtual Data Center

Virtual PC Guy's WebLog

Virtual Scoop - latest scoop on virtual machine technology

VMware Security Blog

Windows Virtual PC

Windows Virtualization Team Blog

www.run-virtual.com

0xDECAFBAD

Ajax Cookbook

Apache Friends News

as days pass by

Chris Shiflett

Chromium Blog

Dare Obasanjo aka Carnage4Life

Davis Freeberg's Digital Connection

deconcept

delicious blog

DOM Scripting Blog

Elsewhere on the 'Net

Extra Pepperoni

Firebug - Web Development Evolved

ginger's thoughts

Google Analytics Blog

Google Custom Search

Google Enterprise Blog

Google Operating System

Google Website Optimizer Blog

hackaddict.net

hacks.mozilla.org

html5doctor

Joe Walker's Blog

Kalimat al-Mutafalsif

Matt Cutts: Gadgets, Google, and SEO

mnot’s Web log

molly.com

Niche blogs with Google AdSense

No Such Weblog

Official Google Blog

Official Google Reader Blog

Official Google Webmaster Central Blog

opencomponentry

Pete Lacey's Weblog

PeteL's Blog

Powerset Blog - Home

Push cx

QuirksBlog

scriptNode

Snook.ca

The Official FireHost Blog - Secure Web Hosting

The Opera Rootstore

Videos uploaded by websiteoptimizer

Vitamin

Web Standards with Imagination

Web Things, by Mark Baker

www.seoidiot.com

- biht -

-: A Random View of an Insecure World :

...And you will know me by the trail of bits

...And You Will Know me by the Trail of Bits

.:Computer Defense:.

0Kn0ck's Blog - dt sns!_*

0x000000 Security

1 Raindrop

4 X Security Team

:: extra ::

A for-now blog of Araz Samadi

A Spamtracker's Blog

abuse.ch

ADD / XOR / ROL

Adobe Product Security Incident Response Team (PSIRT)

Al Iverson's DNSBL Resource

Alex Ionescu's Blog

Alex's Corner.....

Ambersail Infosec Roundup

Amir Lev's blog

Andrew Martin

Anti Rootkit Blog

Anton Chuvakin Personal Blog

Application & Threat Research Center

Artists Against 419

asmatiks' zone

Attack Research

Australian Honeynet Project - Australian Honeynet Project

av-rage-english

Avi Rubin's Blog

Aviv Raff On .NET

AwghBlog

ax0n - TwitFeeder

azmo|aore

BenEdelman.org

BindShell.Net

Bits from Bill

BjOG - Bjou's Blog, that is!

[Black Security]

blackbag

Blog

Blog ESEC Lab

Blog.DanYork.com

blog.zynamics.com

BlogSecurity

BlueHat Security Briefings

botnetz.com

Bradley Schatz' Weblog

Breaking Code

BreakingPoint Labs Blog

C skills

C.I.S.R.T.

call dwerd ptr [6c756973]

Captain's Blog

Carlos Perez's Blog

carnal0wnage.attackresearch.com

CERIAS Combined Feed

Certifiedbug.com

Checkmate

CHINAYOUREN

Chris Quirke's Blog

Christian Seifert's Blog

christian's weblog

Christophe Pradier on Security

Cisco Security Blog

Clerkendweller : Web Security, Usability and Design

Cloud Security Alliance Blog

Coding Insecurity

Columnist Guild Blog

Commtouch Café

Community Crisis Response Teams

Computer and Network Security, Mamak Style

Computer Forensics, Malware Analysis & Digital Investigations

Computer Security Is My Interest!

contagio

cr0 blog

Crash-At-A-Time

cruft

CyberCrime & Doing Time

Daemon on Security

Damn Spam!

Dancho Danchev - Mind Streams of Information Security Knowledge

Dasient Blog

Datasets for the Research Community

Dave Piscitello's Personal Web Log

dave_rel1k - TwitFeeder

DCS Security

Decurity Blog

Defence Intelligence

Defensio, the blog

Devels playground

/dev/random

DiabloHorn

Didier Stevens

Digital Forensics and more

Digital Soapbox - Information Security, Risk & Data Protection Blog

DISOG

DK 'Log

Donkey On A Waffle

Don't Stuff Beans Up Your Nose!

DoxPara Research

Dr. Antonio Nucci

Dribble

DVLabs: Blogs

Dynamoo's Blog

Educated Guesswork

eEye Digital Security - Zero-Day Tracker

eEye Research

Electric Alchemy

EM_386

Episteme: Belief. Knowledge. Wisdom

Errata Security

Everlasting Wanderer

Evil Fingers - The Blog

EvilFingers

Exploit Prevention Labs

Extended Subset

extern blog SensePost;

extraexploit

Extreme Security -- Do It Securely or Not at all !

Facebook Application Smashing

Farfromr00tin

Fast Horizon

Financial Cryptography

Finjan MCRC Blog: Posts

Fitsec - Information Security Blog

Fix Winfixer!

Forage Security Inc.

forensic . seccure . net

fred avolio's musings

Fred Avolio's Musings

fudsec.com

Full Decent Life

G-SEC - Blog

GhettoWebmaster.com

Gimme Hardware/Software Interface.

GlasBlog

GNUCITIZEN Media Portfolio

Google Online Security Blog

Greg Martin's blog - InfoSecurity 2.0

Gustavo Duarte

gynvael.coldwind//vx.log (en)

HacDC

hackademix.net

hackers @ microsoft

HackersBlog

halsten

Happy Packet Blog

haxorthematrix - TwitFeeder

Hex blog

HEXALE (security. reverse engineering. stuff.)

HexEsec

HiR Information Report

hiredhacker.com

HolisticInfoSec.org

honeyblog

Hostexploit

Hosts News

hpHosts Blog

I Kill Spammers

IBM Internet Security Systems Frequency X Blog

IBM Rational Application Security Insider

iDefense Labs Software Releases

idleloop

Iljas Blag

IncrediBILL's Random Rants

Indefinite Studies

Infinite second

Information Centric Security

Information Security is not an Oxymoron

Information Warfare Monitor

InfoSecPodcast

Innovations Blog

inREVERSE

Insanely Low-Level

insanesecurity

(IN)SECURE Magazine Notifications RSS

Into The Boxes

Invisible Denizen

invisiblethings

iplosion security

Irongeek's Security Site

(ISC)2 Blog

j00ru//vx tech blog

Jack In The Box

Jaime Blasco Blog

Jeff Jones Security Blog

Jeremiah Grossman

JL's stuff

jnavarro.net

Joe Wein's blog

Join The Revolution!

jon.oberheide.org

Joshua "Jabra" Abraham

jsunpack blog

just security !

Kees Leune

K'LL3r

KOrUPt

KPNC

Krebs on Security

Laramies Corner

Larry Osterman's WebLog

Latest Alerts From Websense Security Labs

Latest web hacking incidents

Laurent Gaffié blog

Light Blue Touchpaper

LiveAmmo Computer Security News

Lookout

Lostmon Blogger

LURHQ

Lvdeijk's Blog

M-unition

majii's blog

Malware Analysis InDepth (MAI)

Malware Database

Malware Forge

Malware Web Threats

Malware-Research

MalwareResearchGroup

Marco Ramilli's Blog

Marcus Ranum, computer security, photography, and other weirdness

Mark's Blog

matchent.com

Matousec - Blog

Matousec - News

Matt Blaze's Exhaustive Search

Matthieu Suiche's blog !

MBs Windows Security

McGrew Security Blog

mcwresearch.com

Metasploit

Michael on Security - Comments

miekiemoes' Blog

Mighty Seek

Mike Rothman's blog

Minded Security Blog

Mischel Internet Security - Blog

MNIN Security Blog

Mozilla Security Blog

MSRC Ecosystem Strategy Team

Mu Dynamics Research Labs

Mubix Links

Musings of an Over-Grown Dwarf

Musings on Information Security

MW-Blog

mwcollect.org News

mwcollect.org News

mxlab - all about anti virus and anti spam

myf00

Nart Villeneuve

Neil Carpenter's Blog

Nenad Vijatov • 0x4e 0x56

Neohapsis Labs

Neohaxor.org

Netcraft

Network Forensics Puzzle Contest

Niels Provos

Nitesh Dhanjani

NNL-labs

Node 5

Notes & Thoughts

NoticeBored blog

NP-Incomplete

NTCore Blog

Nynaeve

nzight

Observations of digitally enlightened mind

ocean's InsecLab

Off by On

Offensive Computing - Community Malicious code research and analysis

Offensive Security Blog

Old McDonald's Farm

Omnivora

Open Information Security Foundation

OpenDNS Blog

OpenRCE: Articles

OpenRCE: Site Updates

OSF Data Loss Database Blog

oxff's Blog

p42 labs

Pablo Rincon

Paranoid Linux Ninja Geek

pastebin.fail

Pat's Daily Grind

PaulDotCom Community Blog

Pentoo's blog

PeskyMalware.info Feed

philosecurity

Phn1x - Hamsterswheel

PHP Security Blog

PHPIDS » Web Application Security 2.0

PHX2600

Piotr Bania Chronicles :: http://blog.piotrbania.com

PlanAHeist.com

Planete Project

Plausible Deniability

Poromenos' Stuff

Powered by Mambo 4.5.2

Privacy, Security and UI Review

Professional IT Security Providers - Exposed

Programming stuff

Push the Red Button

RaDaJo (RAul, DAvid and JOrge) Security Blog

Rafal Los

Ramblings of the änal security guy

Ramblings++

Random stream of chars

Random Thoughts from Joel

RCE Cafe

Reading a Hacker's Mind

REblog

Reiners' Weblog

Renesys Blog

Report Security Flaws

Reusable Security

Reverse Engineering b10g | REM

ReverseEngineering: what's new online

Reversing folies

Reversing It Out!

Ribadeo Hack Lab - Articles

Richard WM Jones

Ride The Lightning

Ring3 Circus

RioSec - Security WebLog

RLR-UK

Robert Hensing's Blog

Roger's Security Blog

Rogue Antispyware

Room362.com

root labs rdist

Rooted Your {0x2E} Com

ryanlrussell

S!Ri.URZ

s3c-watch

SANS Internet Storm Center, InfoCON: green

Santi 'Log

ScanSafe STAT Blog

Schmoilitos Way

Schneier on Security

Science and Language

Sean's Blog

Secdev - Thierry Zoller

SecSci Social Scene

SecTech

SecTechno

Secure Computing: Sec-C

Secure Home Networks

SecureThoughts.com

SecureWorks Research Blog

Securi-D's Weblog

SecuriTeam Blogs

Security

Security

Security and Privacy

Security Balance

Security Cadets

Security Fix

Security For All

Security for Canadian Developers

Security Garden

Security Insights Blog

Security Is Simple: Only Use Perfect Software

Security Mike's Blog

Security Ninja

Security Onion

Security Product Testing

Security Research by Alexander Sotirov

Security Retentive

Security Ripcord

Security Ripcord

Security Sauce

Security Second Thoughts

Security Tips & Talk

Security to the Core | Arbor Networks Security Blog

Security Vulnerability Research & Defense

Security-Hacks.com

Security-Shell

Security4all

SecurityZone.org

SecurityZone.org - Information Security Blog

Securology

Securosis Blog

securosis.com

ShackF00

Shadow Security

Silviocesare's Weblog

sirdarckcat

skeptikal.org

slight paranoia

Small Blue-Green Blog

SMBlog -- Steve Bellovin's Blog

SNOsoft Research Team

Software Vulnerability Exploitation Blog

Someone Else

souriz's weblog

Spacequad AntiSpam Services

Spam in my inbox

Spamhuntress

SpamIt Must Fall

Speaking of Security, the RSA Blog and Podcast

spl0it.org

spylogic.net

Spyware Sucks

Spyware Warrior

Stacks of Shame - an epitaph of bad coding...

Stefan's Computer Center

stephen r. moore

StopBadware Blog

strings /dev/brain

Stuff n Things

sudosecure.net

Suspekt...

Swatkat's rants

SynJunkie

System Advancements at the Monastery

System Integrity Team Blog

Taking Network Security to the Streets

Tales from the Crypto

Techie working in a corporate world

Technicalinfo.net Blog

Telic Thoughts

terminal23

Terry Zink's Anti-spam Blog

The Antivirus Guy Blog

The Art Of Noh

The Dark Visitor

The Day Before Zero

The Ethical Hacker Network RSS News Feed

The Final Stream

The FORWARD project blog

The Guerilla CISO

The Honey Stick Project

The HP Security Laboratory Blog

the JoshMeister on Security

The Merchant Account Blog

the Month of PHP Bugs

The NoAH Blog

The Real Hustler

The SABRE Lablog

The Security Development Lifecycle

The Security Shoggoth

The Security Skeptic

The Spamhaus Project News Blog

The Spanner

The SpywareGuide Greynets Blog

Threat Chaos

Threat Researcher

ThreatExpert Blog

ThreatLevel - TwitFeeder

time to bleed by Joe Damato

(title unknown)

Tor: The Blog

trapkit blog

Tricks of the Trade

tssci security

tssci security

TwitPwn

Tyler Spivey's blog

Uncommon Sense Security

Under The Hood - Matt Pietrek

Unmask Parasites. Blog.

UploadMalware.com's Malware Blog

Uploads by teamcymru

VERT

ViCheck Malware Trends

Virus Blog

Vitalsecurity.org

Vitalsecurity.org

Volatile Systems

VRT

Vulnerable Minds

Vulnerable Minds

WA GWAN HAX STAR

WabiSabiLabi's blog

WAVCi

wblog3

Web Security Blog

Web Security Blog by Purewire

Websecurity.ro

Websense Security Labs Blog

Welcome to the dregs of my mind

When {Puffy} Meets ^RedDevil^

WhiteHat Security RSS Blog Feed

Will Hack For SUSHI

Windows Incident Response

Windows Live OneCare Team Blog

Wintercore

winternals: Windows OS internals and programming

worm blog

WVE Recent Entries

www.rootkit.com

xorl %eax, %eax

xorlgr - TwitFeeder

XSSed syndication

Yet Another Infosec Blog

Zaphod's Web Wanderings

Zero in a bit

Zone-H syndication

Zscaler Research

All about Linux

Full Circle Magazine

J_K9 @ Linux

Lightweight Linux

Linux Gazette

Linux.com :: Features

Mostly Linux

My life's journey

shotofjaq - TwitFeeder

The Linux Society - The AberTayLUG

Ubuntu Linux Blog by Ralph

Yet Another Linux Blog

Anti-Malware Engineering Team

anti-virus rants

Application Control and Device Control for Windows Desktops

Assa's blog

Authentium Virus Blog

AV-Comparatives weblog

avast! blog

Avira - TechBlog

Blog VirusTotal

CA Security Advisor Research Blog

Chester Wisniewski's Blog

Clamwin RSS Feed

Countermeasures

eSage Lab company news

F-Secure Antivirus Research Weblog

F-Secure Linux weblog

FireEye Malware Intelligence Lab

Forefront Client Security Team Blog

Fortinet FortiGuard Blog

Graham Cluley's blog

iAntiVirus Blog

Kasperky Lab Weblog

Malware Diaries

Malwarebytes blog

Marshal TRACE News

McAfee Avert Labs Blog

McAfee SiteAdvisor Blog

Microsoft® Malware Protection Center

MoMusings

NanoScan Blog

News from the Lab

News from the Lab

Norton Protection Blog

Notes & Thoughts

Panda Research Blog

Paul Ducklin's blog

PGSurfer Block Watch

Prevx Blog

Roger Thompson

Schouw's Blog

Security Response Weblog

SophosLabs blog

SunbeltBLOG

Symantec Connect - Security - Blog Entries

The AVIEN Blog

ThreatBlog

ThreatFire Research Blog

TREND MICRO Security Blog

TrendLabs | Malware Blog - by Trend Micro

Virus Lab

Welcome to AMTSO - The Anti Malware Testing Standards Organization

Zª╔εs±é└

ASCII by Jason Scott

bin-false.org

blog.reddit -- what's new on reddit

Bob Frankston's Writings

Freakonomics

Google Logos

Grooveshark

grooveshark - TwitFeeder

I Heard It On NPR

Isotopia - Variations, on a theme<br/><small><em> Home of Xenon's Stuff</em></small>

Johannes Koelman's blog

Lunduke.com

Not Always Right | Funny & Stupid Customer Quotes

Rosswriting

The Pathos Daily

The Quantified Self

The “Blog” of “Unnecessary” Quotation Marks

Things That ... Make You Go Hmm

Unenumerated

Watch The Fishers!

writequit (:wq)

Yahoo! Mail Blog

Zero Gravity

Andreas Gohr: Weblog [splitbrain.org]

ch!mer!c.de

CH!MER!C.de

ch!mer!c.de blog

DokuWiki at Yahoo! Groups

Blog Entries

FeedBulletin for: sandrosaitta

Life Analytics

Neural Market Trends

2007 Perl Advent Calendar

2008 Perl Advent Calendar

2009 Perl Advent Calendar

Audrey

Dev411 Blog

Modern Perl Books, a Modern Perl Blog

Nordic Perl Workshop 2009

Not this...

Parrot

Perl 6 Advent Calendar

Perl Buzz

Perl Hacks

Perl Tips

Perlgeek.de

perloneliner - TwitFeeder

Planet Perl

plasmasturm.org

Project Hum

RJBS Advent Calendar

Roth Consulting Blog

Shlomi Fish's Journal

Twitter Content

YAPAC

{ Parsed Content };

Add GUID

Google Alerts - cd-man

Google Alerts - hype-free

hype-free

Software Engineering Radio - Comments

8 bits

A Computer Scientist in a Business School

A Hole In My Head

Aaron Bockover

Achmad Z's Archives

acme's bits

App Engine

Atarininja

Atlassian Developer Blog

Attic #42

bagder - TwitFeeder

Beautiful Code

Bitbucket

Black Magic Code

Blog of Metrics

Breaking Eggs And Making Omelettes

Chris Jackson's Semantic Consonance

Cipher Prime Blog

Cliff Click Jr.’s Blog

Coding Horror

Coding the Wheel

CosmoCode Blog

craigrow

Dan Bricklin's Log

Dan Weinreb's blog

daniel.haxx.se

Danny Tuppeny

DebugInfo.com - Oleg Starodumov

dive into mark

Doboism

Encytemedia - Home

Eric Fortier's Bridging The Gap

Evil Fish

Evil, as in Dr.

Experimental Turk

felipe's Blog

foobar: foobar on computers, software and the rest of the world

GLOG

good coders code, great reuse

Google Code - Updates

Google Open Source Blog

hackety org

HackMii

Hardwarebug

Hexadeciman - 16-bit Programming Blog

Humboldt Solutions

I. M. Wright’s “Hard Code”

If broken it is, fix it you should

it's all guid

jCraze Blog

JEDI Windows API

JeffCroft.com Journal

Jensen Harris: An Office User Interface Blog

Jeremy Zawodny's blog

Johann Burkard

Kernel Mustard

Krugle Blog

Laurentiu Cristofor's blog

Manuel Aldana

MaraDNS

Mechanix

Microsoft Office 2010 Engineering

mishou.org

Mixxx Development Blog

Monsters Got My .NET

Moserware

Murray Sargent: Math in Office

Nadia Alramli's Blog

NASA NEBULA News

NDIS Musings

Nektra Advanced Computing Blog

Neopythonic

Net::DNS maintenance Blog

NetBeans Profiler

Nikolay Igotti

Nothing For Ungood

Ntdebugging Blog

Otaku, Cedric's weblog

Paint.NET

Personal website of Dave Hope

PHP Advent

Pidgin News

Qef's Blog

Quoderat

REblog

RED news and information

RemkoWeijnen.nl

Roads Less Taken

Scott Hanselman's Computer Zen

slayeroffice.com - web experiments gone horribly awry

Squawks of the Parrot

stackoverflow

steike.com

Stevey's Blog Rants

Suckbusters! from David Platt

Tales of a Code Monkey

tenshu.net

Terminal Services Team Blog

The Audio Fool

The Braidy Tester

The Data Compression News Blog

The GitHub Blog

The History of Python

The Old New Thing

The Oracle at Delphi

The PowerPoint Team Blog

There’s not a moment to lose!

Thormick's Tech Blog

Tim Starling's blog

Toolness

VirtualBlog

Windbg by Volker von Einem

WinDirStat weblog

Windows Insight Blog

WinDrvr

About Romanian Web Security

Adi Roiban

AlexJ

asdf vs hjkl

BalaBit Corporate Blog

BalaBit IT Security Blog

Bani pe net - by Cotiso

Big Lazy Sysadmin

Blog ingineresc

Blog uitat de lume

Ca să nu uit

Cafea cu Zahar

Comentarii pentru: Startup JUG Cluj Napoca

Convertor.ro

diacritica

edy si lory

Grupul pentru software liber

JAVA User Group Cluj-Napoca, Romania

Jurnal de noapte

La Andu

Life is life [Tudor Salomie's Blog]

Logica economica

My playground

Plastic-Smil3

puiutu de sub pod

re:Fresh

Skunkworks

Strange Theories

StudentClub

Symbianized.net

Transylvania JUG Google Group

transylvania.java.user.group's Photo Gallery

tudy .ro - Tudor Damian

Twindows Internals

Twitter / vtopan

UberGeek

Webdevelopment with Style

Weblogul lui Zoli

twitter - TwitFeeder

Twitter Blog

Econbrowser

Exchanges

Finance Blog

MintLife Blog | Personal Finance News & Advice

Mish's Global Economic Trend Analysis

naked capitalism

neuralmarket - TwitFeeder

Rortybomb

The Market Ticker

Tim Harford

zero hedge - on a long enough timeline, the survival rate for everyone drops to zero