I am a hacker and you are afraid and that makes you more dangerous than I ever could be.

CIA.gov XSS still working

Topic: Technology
5:45 pm EDT, Apr 18, 2008
In an age where JavaScript is so ubiquitous that some websites won't even load if you don't enable it in your browser, cross-site scripting hacks are everywhere - letting malicious or merely mischievous hackers create links that have some very unintended consequences on websites that are not careful to keep from executing other people's code. Most are run-of-the-mill and hardly worth writing about, but reader Harry Sintonen writes in with a vulnerability on the CIA's site that THREAT LEVEL can't resist. For those of you who don't see it after clicking through, notice that the links lead to the CIA's site, but display a recent THREAT LEVEL story. Here the CIA search box fails to rip out characters that will run as a script when the site tries to process the search query.
This story went up at 3:26pm, and it's still working at 8:45pm. This would be great for a prank form... Update: This is still working today. So much for fast response. Here is the obligatory memestreams @ cia.gov link. SSL no less.
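An added example (not code from the Wired story or from any site mentioned here) showing the bug class behind that search-box flaw: a constructed search-results renderer that echoes the query verbatim, the same renderer with HTML output encoding, and a small check that tells the two apart. The sample query, function names and allowed-tag list are all assumptions made for this example.

```javascript
// Constructed example of reflected XSS in a search-results page and its fix.
// Nothing here is taken from a real site; names and inputs are assumptions.

// Minimal HTML entity encoder for text placed inside element content or
// double-quoted attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Vulnerable renderer: the query is echoed into the page verbatim, so any
// markup the user typed becomes part of the document the browser parses.
function renderResultsUnsafe(query) {
  return `<h2>Results for: ${query}</h2>`;
}

// Hardened renderer: identical page, but the query is encoded on output,
// so angle brackets and quotes are shown as text rather than parsed as HTML.
function renderResultsSafe(query) {
  return `<h2>Results for: ${escapeHtml(query)}</h2>`;
}

// Detection helper for the example (not a general XSS scanner): does the
// rendered HTML contain any tag name that is not part of the template?
function containsForeignTag(html, allowedTags) {
  const tags = [...html.matchAll(/<\/?([a-z][a-z0-9]*)/gi)]
    .map((m) => m[1].toLowerCase());
  return tags.some((t) => !allowedTags.includes(t));
}

// Constructed sample query containing markup; a real search string is plain text.
const sampleQuery = 'memestreams <script>/* constructed */</script> "x"';

console.log(renderResultsUnsafe(sampleQuery)); // foreign <script> tag present
console.log(renderResultsSafe(sampleQuery));   // only the template's <h2>
```

The same encoder must be applied at every point where user-controlled text is written into the page; escaping once on input and trusting it everywhere is what typically lets one forgotten sink through.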

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications

Topic: Miscellaneous
5:40 pm EDT, Apr 18, 2008
In the automatic patch-based exploit generation problem, we are given two versions of the same program P and P' where P' fixes an unknown vulnerability in P. The goal is to generate an exploit for P for the vulnerability fixed in P'. More formally, we are given a safety policy F, and the programs P and P'. The purpose of F is to encode what constitutes an exploit. Our goal is to generate an input x such that F(P(x)) = unsafe, but F(P'(x)) = safe.
... ... !!! There is something humbling about seeing hours' work (reading the Microsoft security bulletin, using IDA and BinDiff, discovering the security changes, performing the needed "magic" like unicode evasion, no nulls etc) reduced to a math equation.

Topic: Miscellaneous
3:40 pm EDT, Apr 17, 2008
Rob: "I like my women like I like my whiskey: 50 years old and full of coke."

I love you Theodore Ts'o, let me have your babies

Topic: Miscellaneous
2:31 am EDT, Apr 17, 2008
My RAID 5 array died 2 days ago. And my heart just about stopped. Actually only a single drive died, but in the process of failing the drive in mdadm and adding a new one, somehow ext3 freaked out. Superblocks gone. Filesystem, unmountable. Testdisk couldn't find any superblocks and insisted that the 320GB array I was pointing it at contained a 13TB HFS+ partition. Holy Shit!
Every document I wrote
Every piece of code I wrote
Documents and code I was legally required to destroy years ago
Every digital picture I had taken
Every email I had sent
All my music and videos
Essentially the record of my life, both digital and non, since 1996 was gone. Holy Shit! Sure I had backups, but they were spotty at best, and some of these are on CDs of dubious quality that I had burned literally 11 years ago. Holy Shit! I was almost beyond hope and was about to call SE2600 friend Scott Moulton when I saw a passing reference to debugfs on a forum post. I fire it up, point it at /dev/md0 and at the prompt do an ls. ... ... and I can see my directories! ... ok ok [breathes] ... [checks man debugfs] ...
debugfs: rdump publications /tmp/
debugfs:
Could it be?
acidus@hatter:~$ cd /tmp/publications
HOLY SHIT! HOLY SHIT! Ode to joy and all that lot, I can recover my data! [HR inappropriate victory dance] Theodore Ts'o, I love you, and if I ever meet you, I just might make sweet sweet love to you down by the fire. Serious. I crave my obsolete and poorly written C code that badly. PS: The only thing I couldn't recover with debugfs were some 4+ GB files that were flat text files and MySQL dumps. debugfs coredumps. Luckily the code which crawled the in-tar-web to assemble this data was still around and working, and so the data is reproducible.

Summercon 2008 Official Announcement | summercon 2008

Topic: Miscellaneous
5:51 pm EDT, Apr 15, 2008
Hell yeah for Summercon! It led to some good stories, and one of the best emails I've ever sent to IT:
Dear Homey,
My Laptop smells like beer and the tab key doesn't work. Please fix this.
B

... But... But that's not how it works!

Topic: Miscellaneous
2:28 pm EDT, Apr 14, 2008
King of the Hill isn't usually funny to me and as such I don't typically watch it. However Lord TiVo (peace be upon him) has decided I should watch it and every now and then there is a great exchange like this:
Father-in-law: So... you good with computer?
Khan: Yes
Father-in-law: Then puts MP3s in my watch! I want talk radio and Frank Sinatra!
Khan: uhhh errr uhhh but that's not how it works!
Father-in-law: Do it! Drag and Drop!
Khan: but I
Father-in-law: DRAG AND DROP!
Khan: But this watch isn't even digital
Father-in-law: [growls, takes back watch]
Many times I've had the [do something technically impossible] - [technology doesn't work like that] - [growls] exchange with non-technical family members and friends. Why is it non-geeks always think that it is somehow your fault that:
- There is a pause when changing channels on a digital TV stream
- The microwave messes with the wireless network
- They have to live near a phone exchange to get DSL
- HDMI cables are so expensive
- Word can't edit PDFs
- etc

A browser war for Compliance???!!!???

Topic: Miscellaneous
1:18 pm EDT, Mar 27, 2008
In the race to be the first to reach the ACID3 reference rendering, Opera's software leads now with 98%, closely followed by Safari with 96% and Firefox 3 beta 4 with 71%. Update: 03/26 21:21 GMT by Z : Opera is now at 100%, apparently, with Safari close behind at 98%. Update: 03/27 by J : Public build r31356 of WebKit (Safari's rendering engine) is at 100%.
Browser wars, but fighting each other for the best compliance? Awesome beyond words! Microsoft take note.