Something I came across when I writing a PHP script that dynamically creates hyperlinks through JavaScript.

According to Microsoft, Internet Explorer will not send the Referer header in situations that may result in secure data being sent accidentally to unsecured sites.

You can’t rely on the referer header as a trustworthy check for tracking down the origin of your visitors but still …
Something in the same bulletin seems rather strange:

If a site is placing sensitive data in the URL then I sure hope it’s hashed and it’s use is limited in time and restricted to one browser session.

The video of the Dan Kaminsky presentation of the DNS cache bug is available on the Black Hat site. It’s a 100 MB download but it sure is worth it. There’s also an MP3-version.

These guys are crazy.

The Defcon 16 CD is available.

Blackhat 2008 slides are also published.

My employer recently gave me a HTC TYTN2 Smartphone.

This smartphone is HSDPA/3G enabled so in theory it should be possible to surf the net with your laptop connected to this smartphone. This is the procedure that I used with Ubuntu 8.

Before you start make sure that your phone is NOT connected via the USB-cable to your laptop.

Install subversion

Now download the the source code, compile and install it.

Create the config file.

Enter this in your editor (hit ‘i’ for Insert, Save with “:w”, Quit with “:q”) :

Make sure that you have Internet Sharing activated on your smartphone. “Connect” to the Internet with your smartphone. Now connect the USB-cable to your laptop. Your dmesg should look something like this:

You’ll notice the last name where it says “renamed network interface rndis0 to eth4″. The eth4 can vary on your system, it might be eth1, eth2 or something else but you should see a new interface.
Now try to get a DHCP lease from your phone.

You should get something like this :

That should be all.

Although I like the eyecandy of a Gnome desktop there’s nothing that can beat the strength of the command line. My desktop is often cluttered with a number of gnome terminals.

I’ve recently discovered Terminator, a terminal container that allows you to have all terminals “catched” in one window. Simply hitting Ctrl and Shift and O (or E) splits your current terminal and gives you a new terminal.

After my upgrade to Ubuntu 8 I was unable to start the VMware server console. I always go these errors :

If you look into the directory where the libraries of the server console are installed you’ll find a file libgcc_s.so.1/libgcc_s.so.1. Just remove and fire up the console again.

Op m’n werk moet ik vrij regelmatig meldingen in verband met malware doorsturen naar de abusedesk van Skynet / Belgacom. De meldingen bevatten altijd de url met de malware, ip-adres van de machine, ‘n timestamp en tijdzone en ‘t type van malware. Veel meer kan je moeilijk aanleveren dacht ik.

Wat krijg je dan na 7 dagen (je kan dan nog moeilijk van ‘n auto-responder spreken) :

“A logfile”. Van wat? Van de machine met de malware, euh, die door Belgacom / Skynet beheerd is? Je zou er kunnen meelachen … mocht’t niet zijn dat de malware er simpelweg wel blijft staan … Zucht.