Attending whiskeyleaks on the 19th of september (organized by @WhatSecurity), I saw one of the talks will be about a special type of Rowhammer attack called Flip Feng Shui. It can be used to influence seperate virtual machines on the same hypervisor and was created by Kaveh Razavi, Ben Gras and Erik Bosman. While I heard about Rowhammer, I’ve never invested time into actually reading up on the how and why of it. Below is a tl;dr style writeup of what Rowhammer is and why it works. Personally I am hoping that with this information I will be able to understand the talk on Flip Feng Shui ;)Read More
WhatsApps nasty data sharing clause
WhatsApp dropped the bomb. After shouting down doomsayers that it will not share data with Facebook (wish I could find the link now but Google is all filled with the current articles), it
announced it will do just that anwyay. Thereafter the world erupted in how to disable this by a million articles and pages.
Organizing a meeting and filling the agenda
Last friday, 11th of December, was another episode of the loosely organised hacker-meetup called Fristileaks. Originally I had asked on twitter if there was another
meeting scheduled, and got told that if I wanted a meeting I should organise one.
Into the Twitterverse, number 2!
I’m an avid user of Twitter, mostly because it’s generally a great way to keep in touch about whats happening in the infosec world. You can’t keep an eye on everything yourself, but if you follow the right people there is hardly anything interesting that you will miss. Obviously following too many people just ends up in random noise, so I try avoid that.Read More
Before I start this rant I’ve got to say, I am not a pentester. In fact, I would make a horrible pentester. Once I have my foot in the front door I’m bored. I got in, I got the cake, and the rest is most likely possible too. Very few people or organizations protect their internal network better than the internet facing one.Read More