Robby Pedrica's Tech Blog

Day: 8 August 2008

  • OpenID and SSL/DNS poisoning

    by

    Robby Pedrica
    in

    Ben Laurie of Google’s Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue…

  • DNS – Source Port Randomisation

    by

    Robby Pedrica
    in

    Dan Kaminsky gave a very interesting talk on the recent DNS issues as part of the Black Hat USA 2008 conference currently on the go in Las Vegas. Originally DJ Bernstein had advocated ( and put into DJBDNS ) source port randomisation as part of the DNS request but no one else had as they…

  • Windows Vista insecurity?

    by

    Robby Pedrica
    in

    The following article comes courtesy of SDV: Some researchers at the recent BlackHat conference have been doing work in the area of Window Vista security and have ( apparently ) found a major hole whereby they can use .Net or similar scripting languages to effectively bypass the memory security functions built into Vista ( DEP…

x Powerful Protection for WordPress, from Shield Security
This Site Is Protected By
Shield Security