Why recursive Microsoft DNS servers should not be publicly reachable
US-Cert Alert (TA13-088A) DNS Amplification Attacks sums it up quite nicely.
Citrix NetScaler 10 TLS 1.2 support
Citrix NetScaler 10.0.72.5 seems to support TLS 1.2, or at least that is what the Qualys SSL Labs test suggests. […]
Securing Java Web Start for desktops
In a previous post I explained how to make sure only trusted Java applets can run outside of the Java […]
SplashID for iOS by @SplashData stores master password inside database: #security #fail
While at Black Hat Europe 2012 I attended an excellent talk by two Elcomsoft researchers. They investigated the security of […]
Ziggo and xs4all block of ThePirateBay.org technical details
The Dutch court ordered ISPs Ziggo and xs4all to block client’s access to thepiratebay.org and associated domain names and IP […]
Shanghai Jiaotong University probing for Chinese IPv6 users?
My server has had an IPv6 address for a few years now. I’ve just not gotten arround to properly advertise […]
Strong authentication for 2012
Not so long ago, strong authentication was equivalent to two-factor authentication. Unfortunately, things have changed quite a bit in 2011.
ING mobiel bankieren iPhone app
De ING Mobiel Bankieren iPhone app slaat slechts 1 configuratie bestand op: nl.ing.iphone.app.Bankieren.plist. Na het installeren bestaat het bestand nog […]
How I got my #28c3 tickets @ccc today
I preloaded my account with the tickets I needed, then at 15:59 I started this script:
ING mobiel bankieren Android app
De ING Mobiel Bankieren Android app slaat slechts 1 configuratie bestand op: IngMobilePrefs.xml. Na het installeren is dit bestand vrij […]