links for 2008-04-29

• Reiser Guilty of First Degree Murder | Threat Level from Wired.com
  Well that about wraps that up.
  (tags: linux)
• There is no spoon… | GNUCITIZEN
  Paul guest-blogs for gnucitizen. Essentially, the crunchy-outer-layer/chewy-center model of security is dead, has been dead for some time, and the sooner you realize it the better.
  (tags: security)
• Edge-Security – Metagoofil – Metadata analyzer – Information Gathering
  This is as much a note to myself to take a look at this later as it is a recommendation for forensics/recon geeks that read this blog.
  (tags: forensics security)
• PDF, Let Me Count the Ways… « Didier Stevens
  Polymorphism in PDFs to evade signature detection. Neat!
  (tags: Security)
• Seed Racing « Neohapsis Labs
  Problems with random number generators. According to the article, it’s mostly a problem with using non-cryptographically secure PRNGs, however I think at it’s core, the main problem is that you shouldn’t be seeding like this.
  (tags: security)
• ISC -Scripts in ASF files, (Tue, Apr 29th)
  Letting media files run embedded scripts… that makes a lot of sense… NOT
  (tags: security)
• WordPress › Download
  New version of WordPress is out, fixes security issues, as usual. Might want to upgrade, fellow bloggers.
  (tags: security blogging)
• ADD / XOR / ROL : There’s lots of hoopla in german media…
  Some thoughts and links from Halvar Flake on state/intelligence sponsored information ops.
  (tags: security)
• Matasano Chargen » Retsaot is Toaster, Reversed: Quick ‘n Dirty Firmware Reversing
  Eric Monti reverse engineers a *cough* “toaster” that is apparently running VxWorks
  (tags: security)