I’ve never seen SQL injection explained really well, until one of my coworkers did just that. I’m going to try to repeat his explanation here, because SQL injection is something that everyone seems to expect everyone else to just know.
SQL injection (sometimes abbreviated SQLi) is the technical term for getting a form in a web site to run SQL commands when it shouldn’t. Here’s what it is and how and why it works.
New computer, old monitor: I see questions fairly frequently about using a new computer and older monitor together. More often than not, it’s possible to do, but you may need to know where to look for the cables and adapters you’ll need.
Here’s some help.
How do you compare the Commodore 64 vs VIC-20?
The Commodore 64 and its predecessor, the VIC-20, look a lot alike, and the VIC-20’s design certainly influenced the 64. The 64 is the best selling computer model of all time, and I argue the VIC-20 was the first really successful home computer.
But even though the two machines are closely related, there are significant differences between them. Let’s compare and contrast the two venerable machines.
I’ve covered event logging before, but the excellent site Malware Archaeology has some cheat sheets that include Splunk queries you can use to find incidents or malware operating in your network, or even use to create dashboards so you can keep an eye on things. Malware Archaeology’s list of events to log is a bit different from what I covered before, but there’s a considerable amount of overlap. You probably want what they recommend and what anyone else is recommending.
The key to corporate computer security is situational awareness, and I don’t think anyone sells a blinky box that provides enough of that. But you can build it with Splunk.
And, for what it’s worth, I do recommend Splunk. I’ve used Log Logic in the past, and its searches often take days to finish, which means Log Logic is so slow that by the time you find anything in it, it’s likely to be too late. Splunk isn’t quite real-time, but you can find stuff in a few minutes.
FireEye runs a bunch of its processes as root, a practice that’s been a no-no since the late 1990s, and they’re more interested in litigation than they are in working with the guy who discovered it.
The attitude is all too common.
I was at church on Sunday and the video projection wasn’t working. After a few minutes of watching everyone struggle, I volunteered to take a look, and working together, we were able to get the video working again using a simple, repeatable methodology: Using the OSI model to troubleshoot video.
I’m going to share that methodology now.
Security-minded open source software has taken a beating in the last year, as numerous projects have had holes exposed, or, in the case of Truecrypt, got audited heavily. This fanned the flames of the old debate whether open or closed source software was more secure.
This past week I heard a plausible theory about the state of open source security: It’s all about the money.
You may have heard people like me talk about watering-hole attacks. A watering-hole attack is an indirect attack on someone: the attacker compromises a third party and uses that to get in. Here’s a watering hole attack example from the real world.
In this case, back in November, attackers got a Forbes ad server, and from there, attacked visitors from government and bank networks.
Here’s the logic: Since ad servers tend to be much less secure than your target company, you compromise an ad server from a site someone on the target network is likely to visit, then infect them from there. The attackers jumped to the ad network first. That put them into position to jump onto government and bank networks.
The conventional wisdom is that computer viruses can wipe out your data, but they can’t do physical damage. The exception to that rule was, of course, Commodore, the king of cheap 1980s computers. Commodore’s earliest computer, the PET, had an infamous “poke of death” (POKE 59458,62) that would destroy its video display, but the Commodore 64’s sidekick, the 1541 disk drive, had a couple of little-known vulnerabilities as well.
When Radio Shack announced its bankruptcy, I read more fears that the age of tinkering is dead than I read laments for the store.
I follow the logic, because Radio Shack was the only national store chain that ever tried to cater to tinkerers. But I don’t think people abandoning Radio Shack means tinkering is necessarily dead. I have plenty of indications that it’s still very much alive, but it’s also very different from how it used to be.