I joined Purdue University in 1996, and joined the COAST laboratory (Computer Operations, Audit, and Security Technology) in the Computer Sciences department, under the direction of Gene Spafford. A couple of years later, COAST became CERIAS (Center for Education and Research in Information Assurance and Security). Under both names, it was a great place to [...]
Password Assistant | codepoetry – For some time I've thought it would be nice to be able to invoke the Password Assistant from the OSX Accounts preference pane on its own, since it is very nice to generate pronounceable passwords. Alas, it seems I was not the only one, someone did it alre (tags: cocoa cool hack macosx password security tools )
(2)
CERIAS ranked as U.S. top information security program
May 6th, 2008 · No Comments
Tags: education · news · Security
alex dragulescu :: dynamic for the people – Interesting artistic visualizations of malware, spam and other nasties, generated from automated analysis of their characteristics. (tags: art cool malware security visualization )
(0)
CERIAS Weblogs » Passing of a Pioneer
January 3rd, 2008 · No Comments
On November 18, 2007, noted computer pioneer James P. Anderson, Jr., died at his home in Pennsylvania. Jim, 77, had finally retired in August. [From CERIAS Weblogs » Passing of a Pioneer]
Anderson is author, among many other things, of the report that is almost universally cited as the seminal work in the intrusion [...]
Ten ways to anger your IT department (and maybe get fired)
August 1st, 2007 · 1 Comment
This article in WSJ (courtesy of Lifehacker) describes several ways to get around restrictions placed by your IT department at work. I cannot believe the article seriously suggests some of these things. Storing your work files online and forwarding your work email to your personal email account are only the two that I found most [...]
Tags: Security
Solaris telnet vulnerability
February 14th, 2007 · No Comments
This is all over the place by now: telnet in Solaris 10 has a vulnerability that allows you to login as any user, without even the need of a special exploit tool, just by passing certain options to the telnet command line. I just tested it in my Nexenta box, and it works. Honestly, I [...]
Tags: Security
Using the Thinkpad fingerprint reader on Linux (HOWTO)
April 25th, 2006 · 2 Comments
Update: new overlay for xscreensaver 5 (see below)
A Linux driver for the fingerprint reader found in some of the newer Thinkpads has been released (I have a T43p). I got it to work on Gentoo using the instructions and ebuilds provided by Tobias Sager, which are based on the original instructions found in the very [...]
Tags: Linux · Security · Tips & tricks
CopperExport 0.2.1 – security fix
February 24th, 2005 · No Comments
It is very embarrassing, but in the patch to the xp\_publish.php file shipped with CopperExport 0.1 and 0.2, I had introduced a security vulnerability that would allow for SQL injection attacks against the gallery. I have released CopperExport 0.2.1. The plugin itself has not changed (except for some additional error reporting), but it is extremely [...]
Tags: CopperExport · Security