Dailydave mailing list archives
Getting your mojo back
From: "Dave Aitel" <dave.aitel () gmail com>
Date: Tue, 24 Jun 2008 20:25:58 -0400
So one thing I've noticed with hackers is they tend to occasionally lose their mojo. This might be because of random other life events, or because for whatever reason they've burnt out on a problem. Generally the only solution is to take on a series of easy problems for a while until the brain gets back in order. One thing I find, if not easy, then satisfying is teaching these how-to-hack classes. Over time, of course, you have to change your classes - Windows 2000 is a good learning tool, but there's going to be a time when the class has to be taught entirely with ActiveX controls and OS X remotes. For now though, it's Windows 2000. Gotta love it. Anyways, more posts this month than last month. I'm starting to feel the heart of darkness beat again. In the meantime I spent some time reading the IATAC newletters, to warm up, and you notice things like the paper by Wei Li, Lap-chung Lam, and Tzi-cker Chiueh about Win32 sandboxing [1] draws graphs by looking at the call stack. The call stack, of course, is data which is in user-space, under hacker control. Likewise you don't see a whole lot about threading in the paper - threading being the problem all system call graph algorithms blow up on. They claim that the false negative rate for their system is "miniscule". This is probably true for any system no one has ever attacked, but given a couple days and a hacker with some mojo, I'm sure that can be changed. :> -dave [1] http://iac.dtic.mil/iatac/IA_newsletter.jsp
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Getting your mojo back Dave Aitel (Jun 24)