everburning

The University of Washington has posted slides, notes and videos of the Winter 2006 Practical Aspects of Modern Cryptography course.

Security Compass released two beta tools in the Exploit-Me series. These tools, XSS-Me and SQL Inject-Me, are Firefox plugins to help test for security vulnerabilities.

XSS-Me does Cross Site Scripting (XSS) injection against the forms on a page. This will send a predefined set of attack strings against the website to see if the site reflects the content back to the user.

SQL Inject-Me is a tool to do some SQL injection tests against an application. It will send a series of SQL commands and attempt to make the database return an error message to the user.

Anyway, check out the Exploit-Me site and give the tools a try. If you find any issues you can report them to bugs at securitycompass.com.

Oh, and as an added bonus, the tools are being released under the GPL v3. We’re working on getting bug tracking, mailing lists and all that other infrastructure setup for the project.

Stumbled across, well, it showed up in my blogroll, an interesting article on the Cerias blog about problem solving and our tendency to try to cure the symptoms instead of solving underlying issues. Mostly computer stuff but nothing technical and maps to pretty much any culture.

As a result, we develop fragile monocultures that have a particular set of vulnerabilities, and then we need to spend a huge amount to protect them. ~ Solving Some of the Wrong Problems.

I stumbled across PeepCode last night. While it looks like a porn site it actually isn’t. Well, maybe geek porn. They sell programming videos on various topics. I watched a few of the free snippets and they were pretty good so I picked myself up a 10 pack.

I’ve got six of them downloaded at the moment:

• Rails From Scratch part I
• Rails From Scratch part II
• Test-First Development with Rails
• RESTful Rails
• TextMate for Rails
• RJS Templates

I watched the TextMate for Rails video last night. The production quality is really good and he gets through a lot of the TextMate commands and features. I’ll have to watch it again as there are so many different TextMate keyboard commands.

The videos come without DRM and they provide normal sized (I watched them fullscreen on my laptop and there was no pixelization) and iPod sized if you desire. I love the fact that I can download them and store them on my server at home. No need to watch them on the site every time. They all come with full source code used in the video and some have extra little PDFs and resource link collections to give you more information on the subject.

So far, really well done. I’m just waiting for a few more to come out as I’ve got 4 credits remaining. (Although I’m considering getting the JavaScript with Prototype.js video.

As a side note, while I was watching the video I noticed a text editing program, which I can’t remember the name of in the background. The website for that editor pointed me to Scrivener which looks kinda interesting if you’re a writer.

I’m finally, finally, back in Warcraft again. After umpteen patches and too many hours to count I can play again. As is my usual habit when coming back after not playing I’ve created a new character on a new server.

This time I’m Dalrei, the Night Elf Hunter on Ravenholdt.

I’ve played with a new character on the same servers as my other characters but I ended up mailing my new character the money and bags and stuff from the old character. I then used the old as a kind of bank to do all the auction house work.

This feels kind of, icky, to me. There is something you lose in the game when you start out with a couple 12 slot bags. You lose that sweet, I just found a 6 slot bag feeling. That decision on what to buy since you have no money.

I must have 12-15 characters scattered over a half dozen servers by now.

Anyway, we’ll see if I decide to renew my account. It expires on Tuesday (I cancelled it last week).

Or, maybe Bioshock will actually work when I try to play it tomorrow.