HTTP referer and phishing

HTTP referer passes sensitive information to untrusted parties, the information can be used to make malicious content seem trustworthy.



Reflection Scan

An off-path attack on TCP exploiting a shared routing queue. Ps, pdf and a proof of concept.



Speech Trainer

Speech Trainer for Android is released. Source code is on github.



Intercepting HTTP traffic in Firefox

nsITraceableChannel allows Firefox extensions to intercept HTTP and HTTPS traffic. Firebug is one of the users. Jan Odvarko's post has more details.



Firekeeper

An Intrusion Detection System for Firefox. The project is currently unmaintained.



Out of Kernel FileSystem

An experimental virtual filesystem for Linux that works entirely at the user level and does not require any kernel patch or module. Source code and documentation is on sourceforge. If you know Polish, you may be interested in a Master's Thesis about OKFS. It starts with high level explanation of how Linux file system works.



deNAT

A rule-based system that analyses traffic captured by tcpdump and detects computers using Network Address Translation. See documentation and source.



Mingetty autorelogin

A mingetty productivity enhancing patch for dinosaurs that still work in a plain text mode. It allows to automatically log in with a name of a user that is already logged on some other virtual console. The feature is currently used by about 0 users, but the number grows exponentially. See patched version, original is on sourceforge .


Created by Jan Wrobel
Subscribe to updates Atom feed.

Bored?
Visit calculating space.

You won't find me on Facebook.

still life