Author: Tim's Bookmarks

On how to exploit a weakness in the Zeus botnet command and control software and pwn it.

Some dim awareness seems to have filtered beneath the hairspray of Virginia’s hack of a GOP governor.

Good review of young trumpeter’s most recent album.

Heh. LPs are passe. Wonder if the 78s are shellac? (Hope not; there will be a lot of broken product in the channel.)

A redshirt running back leaves the UVA football team–because he really wants to major in computer science. I love my alma mater.

The latest iteration of our report digs deeper into third party code, cloud applications, and metrics around PCI. It’s a scary world out there. But our remediation time findings suggest there is hope–once you find the bugs they can be surprisingly quick to fix.

To read: “Where Good Ideas Come From.”

The new opinion pages on nytimes.com are a prominent example of using web fonts for branding purposes. With those headline fonts I can almost smell the newsprint.

This is why physicists make such good product managers. Or maybe bad product managers.

When is an independent security audit not helpful for your code? When it’s not done. The total breakdown of Haystack after its security weaknesses were discovered in the wild, in a hostile regime, is a good reminder to get your code tested by a pro before engaging in risky behavior.

The interesting bit here, aside from the fact that women now serve as the Dean of the College of Arts and Sciences, the President, and the Rector of the University of Virginia, is this tidbit: “Plans changed, however, when Gov. Bob McDonnell chose not to re-appoint Abramson, who contributed to the political campaigns of Kaine, Mark Warner and other Democrats.”

Yup. McDonnell and his administration just can’t keep from trying to screw up the University.

Just as much evidence for the literal truth of the six-day creation story as for evolution? Why yes, I’ll have what she’s having.

Awesome illustration of what you can do with web fonts and modern HTML+CSS. I particularly dig the Atlantis example.

A few of these might catch on. (I suffer from an extreme, persistent case of “cover buzz.”)

Nice capsule overview of Nick Cave’s career in the context of a “Grinderman 2” review.

Just like Windows taking over from other corporate platforms on the basis of grass-roots employee preferences.

I remember that game too. Hard to believe that was 20 years ago. Only a few weeks into my first semester at UVa and the team was breaking barriers–and Clemson’s defense. No wonder the Groh years were so disappointing; there was nowhere to go from that season but down.

The 4’33” playlist has better brand recognition than the 2’13” playlist.

WhiteHat pulls the curtain aside to talk about their scanning infrastructure.

Interesting list of security issues from Unicode, including lookalike characters, the bidirectional feature, bad Unicode-to-other-charsets mangling, and more fun. From Chris Weber, who went to my high school before he started a security company.

HackIsWack.com, ironically, has multiple security flaws, including cross site scripting, cross site request forgery, directory listing enabled, arbitrary upload of Flash files, and more. Symantec, we expected more.

Album tacos!

Be sure to check out the large scale photos of the model. Simply staggering amounts of detail.

The lab formerly known as CEBAF, where I cut my teeth running cables and wiring data acquisition boards while in high school.

The toll for this unnecessary, dishonest war is too high.

The cries of "wealth distribution" from people who have made their fortunes redistributing wealth are disingenuous at best.

Nice. Now we need a “Strange Brew” cream ale.

His takeaway from playing football at Virginia: “…[be] a good person. A good character guy. A community guy. That goes way beyond the Xs and the Os. If you are a stand-up guy, if you are true to your word, if you are respectful, I feel like you can do a lot of good things on the football field.” If we can capture that spirit with Mike London, we’ll have come a long way back from Al Groh.

Making me rethink my pledge to never buy another VW.

That’s kind of awesome.

Another interesting acquisition graphic.

Fascinating coverage of a decade of Oracle acquisitions, and speculation on where it’s going next.