Aug 29

SA VANS can self-provide

Geek No comments »
Geek

Our ridiculous communications minister's ridiculous mishandling and contradictory corruption has finally come up against the light of reason in the form of Altech Autopage's win in the high court. This means that value added network service providers (VANS) can provide their own networks, and the DoC's back-tracking of their 2005 statement to the same effect, has no legal weight. One step closer to a liberalised telecomms industry for South Africa.

More at Ingrid's blog, and the full ruling available here.

Posted by Dominic White

Last modified on 2008-08-29 15:13
Aug 27

Fyodor's NMAP Talk at BlackHat USA '08

Security No comments »
Security

Fyodor's talk was the first real talk I attended at Black Hat. TO be honest it was quite a thrill seeing "the creator of nmap". I did feel a bit dumb not knowing that Fyodor wasn't his real name, and thinking his family emigrated when he was young because had such a thick American accent.

Continue reading "Fyodor's NMAP Talk at BlackHat USA '08"

Posted by Dominic White

Aug 26

Caltex Key Fobs and a Chain Mail Security Alert

Security No comments »
Security

There's an e-mail going around in response to petrol attendants at Caltex service stations handing out free keyrings. The alert says:

Syndicates are giving away free key rings at petrol stations. Don't accept them as the key rings have a tracking device which allows them to follow you.

Some of my friends in this mailing list LOVE FREE THINGS. Watch out!

Forward to your friends and family.

Continue reading "Caltex Key Fobs and a Chain Mail Security Alert"

Posted by Dominic White

Last modified on 2008-08-26 16:07
Aug 22

Dan Kaminsky++

Security 1 Comment »
Security

Dan has posted two replies in the comment section of my previous post on his BlackHat talk. I think his comments indicate that his motivations were good and well reasoned before hand, and the net outcome of his find-and-fix was good. I believe they could have been better, but it's easy for me to comment from a removed, theoretical position, and "could have been better" sounds like a pretty weak position already. I've literally changed my opinion of Dan, and believe I judged him too harshly. Thus this entry isn't just a brown nosing affair.

Nice work Dan.

Posted by Dominic White

Last modified on 2008-08-22 15:48
Aug 20

Dan Kaminsky's BlackHat USA '08 Talk on the DNS Flaw

Security 10 Comments »
Security

Dan's talk at Black Hat on 'The DNS Bug' aka CVE-2008-1447 was packed. By this time I had worked out that BH attendees, much like Catholics fill up from the back, so you can usually just walk to the front and find a seat. I did and ended up three rows away from Dan and his podium, a decision I later regretted.

It's a long entry, so I've bold'ed the key parts of my rant.

Continue reading "Dan Kaminsky's BlackHat USA '08 Talk on the DNS Flaw"

Posted by Dominic White

Last modified on 2008-08-24 21:08
Aug 19

HTTPS, SSL, TLS etc. on singe.za.net

Security No comments »
Security

I've got an SSL cert I use for back-end stuff. If I mistakenly link to the HTTPS version, or you wear as much tinfoil as me, here's a brief explanation.

Continue reading "HTTPS, SSL, TLS etc. on singe.za.net"

Posted by Dominic White

Last modified on 2008-08-20 11:56