Archive for the ‘Security’ Category

OWASP AppSec Research 2010 – Stockholm

Last week, June 23 and 24, OWASP had its AppSec Research conference in Stockholm. It was my first time attending, and definitely it was a unique experience. Although I would like to make a post about the talks and the people, I am making this one to simply show some pictures from the wonderful after-conference [...]

Weird thoughts for the future

The past few months I have read 2 books that, although they come from different authors and deal with different subjects, have something in common. The 2 books I am talking about are “Daemon” by Daniel Suarez and “This is not a game” by Walter Jon Williams. If you haven’t read the books, and [...]

Facebook, again

Facebook’s popularity is getting bigger and bigger each day. Which is pretty good for Facebook, but pretty bad for the majority of users who have no clue about what’s going on. One of the quotes I really used to like back in the old days, when I used to compile my own Linux kernel, was: [...]

Metadata rock

Yesterday I was listening to a podcast from the pauldotcom crew, and they were talking about image metadata, and specifically about how pictures taken with an iPhone contain a whole bunch of metadata, including GPS coordinates. So, I decided to try it, with the following picture that I took some time ago, at the Greek embassy [...]

A hacker is born…

… every god damn fucking minute…

GSM concept flaw

Today is Alexander’s godmother’s birthday. I know that she is currently in Greece, but I decided to give her a call to wish her happy birthday. So, I picked up my mobile (utilizing a Swedish operator) and called her mobile (which also utilizes a Swedish operator). I waited 5-10 seconds, and then I hear: Η [...]

How to protect those that can’t be protected

Lately I played a bit with Ettercap. Great tool, great functionality. But it got me thinking. Especially when I tried Ettercap against a colleague’s system with the following filter in place:

    if (ip.proto == TCP && tcp.dst == 80) {
       if (search(DATA.data, "Accept-Encoding")) {
          replace("Accept-Encoding", "Accept-Rubbish!");
          msg("zapped Accept-Encoding!\n");
    [...]

For those who don’t have facebook

I made a new friend recently, and after talking about a lot of things we touched on the social media issue, and especially Facebook. What I found really funny was the fact that she was very strongly against opening a Facebook account. The official excuse was: “I do not want to post my private data [...]

PCI series (on its way)

I am thinking of writing some posts about the PCI DSS standard and its implementation. Unfortunately, we need to finish with the new kitchen in the apartment before I start this project, so it will have to wait for at least a week. Stay tuned though, cause PCI will take some beating!

Penetration testing and other forms of auditing security

Today I have been wondering about how PCI DSS defines “experienced penetration tester”. While on the subject, I received a link from a friend, from the “Firewall wizards” list, running on insecure.org. Although the discussion originally focused on PCI DSS and firewalls, somehow the conversation took a turn into PCI DSS and penetration testing. An [...]