The price of storage has been steadily dropping over the last several years, and this is the latest example: A Complete Terabyte File Server For About $500 ā Yep, you read that right, a custom 1TB file server, in the $500 range. While I’m not sure what I could do with that much storage (I remember saying that when I picked a 1.25GB drive over a 1.5GB, saying I’d never need it), but it’d be nice to have. š
On the topic of cheap storage, I just purchased a 250GB SATA drive to replace my 80GB data drive that’s almost full. With SATA drives under $100 for 250GB, I’m tempted to try my own version of his project.
Visual Basic is at an interesting crossroads, it’s at a critical juncture between two paths. One path, it has followed since its earliest days, where simplicity and ease of use ruled over maintainability and solid design. The other, the longer, harder road, is that of design over ease. With the release of Visual Basic .NET, a major shift occurred in the direction the language is taking, though looking back now, nearly 5 years later, I’m finding myself concerned for the future of the language.
During my Christmas vacation last year, I converted this site from WordPress to Hugo; while I’ve been happy with the change, a couple of features are missing. One of these is that there was a section with related content at the bottom of each post. I wanted to get it back.
Thankfully Hugo has native support for Related Content, so while I was hoping this would be a simple task, there’s a note that made things substantially more complicated:
Last week I gave a lighting talk at the DEFCON CryptoVillage on SMIMP. The talk went over the basics of why the project is needed, and how the specification works.
Here are the slides:
Here is a rough transcript of the talk:
Slide 1: I’m Adam Caudill, Iām a developer and security researcher; I work on a number of different things, but my recent work has been around privacy and secure messaging.
phpMyID is a simple solution for those that want to run their own OpenID endpoint ā the problem is that its author stopped maintaining the project in 2008. Despite this, there’s still quite a few people that use it, because it’s the easiest single-user OpenID option available.
Unfortunately, the author didn’t follow best practices when building the software, and as a result multiple security flaws were introduced. In 2008, a XSS was identified and never fixed (CVE-2008-4730), in the years since then it seems the software has been below the radar.
On August 28th ElcomSoft announced that they had determined a method to extract Windows passwords from the registry for users of UPEK’s fingerprint readers and Protector Suite software (UPEK is now owned by AuthenTec, which is now owned by Apple). What they didn’t announce was the technical details of how they did it. Myself and Brandon Wilson have been working to recreate their research ā and we have.
We have not been in contact with ElcomSoft, so this is an independent re-discovery of this vulnerability.
