Posts Tagged ‘Life’
WASWiki and my return.
I was going to originally post about ideas for learning grounds for web application security. But the sla.ckers IRC(#slackers on irc.irchighway.net), pointed me first to OWASP. I realized this was quite a goldmine of information already, but it doesn’t seem too newb friendly, plus much of it seems to be theory more than direct examples. So then kuza55 reminded me of webappsecwiki.com. It’s pretty bare, but I believe we can turn this site into a more practical learning site. It’s already going in the correct direction in my opinion.
Anyways, enough my my dreams of grandeur, I am going to start getting back into web application security. Aside from the trusted third party whitelisting issues(otherwise known as XSSing YouTube Mods) I talked about in the #slackers channel, I have not contributed much lately. Things are yet again more stable in my life so I have time to do research and whatnot now. I’m going to start using WordPress.com again for various reasons. First, it’s easier than hosting my own, although it may incur some security issues, I’m sure it will be nothing major. Secondly, it’s already linked to by several people. It has some PR. So I hope to be able to contribute more soon!
New Site
Quite simply, new site. Blog will be less technical, probably. But you should check out the rest of it anyways.
Coming to an internet near you.
I’ve set up a few things today. First off, a Ventrilo server. Connect to it using the default port and hostname ‘kypvp.servegame.com’. Since it’s the standard server and not the ‘pro’, it’s limited. I might change over to TS at a later point.
Also, I have setup e-mails using my domain and Custom Domains from Windows Live. So, if you want an e-mail@kyran.ca using the Windows Live Mail network, toss me a message.
I also have a Hamachi network set up. kynet and kynet2. If you want to come and play a few rounds of Starcraft or Warcraft, again, drop me a message. I’ll send you the password to the Hamachi networks.
Anyone have any ideas for other things I should setup?
Things ahead.
I won’t be blogging about security nearly as much for the next while. Instead, I’ll be taking the technology route as well as making the occasional more personal post. There will still be my opinions on major things in the security world, but I won’t really be contributing much(Have I ever? haha). I just think right now my time can be spent elsewhere. Nothing particularly interesting is going on right now. C’mon, even RSnake has resorted to reading a gigantic click fraud report and making comics.(Funny ones I might add. There are more on the forums.) I’m not sure if that’s because he’s bored or there really is nothing going on in webappsec, but regardless I’ve been looking for an excuse to drop some time consuming part of my life and security is going to be it for now.
Though it does seem there are interesting discussions about WAFs, even if it’s not particularly new, it sure is interesting. I’ve said it before and I’ll say it again, webappsec will and should follow the footsteps of network security. Although since a large portion of webappsec is probably social engineering, I don’t think it will all ever be solved. We can patch software, not humans.
Oh and it seems that Opera really is everywhere.
