January 03, 2007

With all due respect

When people announce that they have found a vulnerability in something that should be really secure, it should always trigger interest with reservations. Yesterday, a contracting consultant currently working for...

January 02, 2007

Irresponsible Disclosure

Normally, hackers and vulnerability researchers are accused of irresponsible disclosure, namely the publication of vulnerability information before a fix is available from the vendor of the affected product. The discussions...

January 01, 2007

Silver and Gold (Humor)

A German proverb is: "Reden ist Silber, Schweigen ist Gold.", which could be translated as "Speaking is silver, silence is golden." It suggests that in most cases, keeping your mouth...

October 24, 2006

Random vs. coincidence

Some time ago, I discovered a pattern in the Transactionnumber (TAN) one-time pad given out by Citibank Germany to their customers. As the name suggests, a one-time pad should...

September 05, 2006

Logic Bomb - Red Button Missing

When asking the Internet about the definition of a logic bomb, statements, such as the following from Wikipedia, are returned: "A logic bomb is a piece of code intentionally inserted...