Here we are, my friends. The 1000th post. Whew! It’s quite a load off to have finally made it. Hopefully this doesn’t come as a surprise to anyone since I’ve been announcing it for months, and if you have questions, hopefully the FAQ can answer them. I wrote and re-wrote [...]

FAQ

One post left… I know people have a few questions about the remaining fate of the site, so I decided to write a little FAQ prior to my last post: Q: Are you planning on keeping ha.ckers.org up for reference at least? Yes. There’s a very small chance (read near zero) that I will be making [...]

What’s Left?

2 posts left… As I wind down, I’ve gotten a lot of requests to talk about various things in my final posts. Everything from talking about what to study for newbies, how to keep up on WebAppSec when I’m gone, to talking about O2. But what I really want to talk about is what’s [...]

Mod_Security and Slowloris

3 posts left After all the press around Wong Onn Chee and Tom Brennan’s version of a HTTP DoS attack, I think people started taking HTTP DoS a tad more seriously. Yes, there are lots of variants of HTTP based DoS attack, and I’m sure more tools will surface over time. The really interesting [...]

Minimalistic UI Decisions in Browsers

4 posts left… I’ve tried to talk about this a few times to people over the last year or so, but I think it’s hard to explain without pictures. So I gathered a bunch of screen shots that should help explain why I’m not a huge fan of the minimalistic browser concept. More browsers [...]

Cheating Part 2

5 posts left… So my Wife decided that she loves to play that game “Words with Friends” on the iPhone. It’s basically just like Scrabble but probably for legal reasons it’s just slightly different (bonus placement, tile value, etc… are different). Unfortunately for me, my Wife is scary smart and knows the English language [...]

Cheating Part 1

6 posts left… I just thought I’d write a few vaguely amusing posts having just come back from Abu Dhabi (Blackhat) and Brazil (OWASP). A few weeks back my Wife was having a rather fancy soiree work party that also had a casino night attached to it. I was pretty annoyed about the whole [...]

FireSheep

7 posts left… I go back and forth on whether I think FireSheep is interesting or not. Clearly, it’s old technology re-hashed. But it is interesting not because it works, but that it surprises people that it works. We’ve been talking about these problems forever, and now companies are scrambling to protect themselves. [...]

Detecting Malice With ModSecurity

8 posts remaining Ryan Barnett has a new series he’s doing called Detecting Malice with ModSecurity that I wanted to spend a minute talking about. Firstly, it’s personally interesting, because he’s using the book and slicing and dicing a lot of the core ideas and figuring out how to implement them. But secondly, I [...]

Performance Primitives

11 more posts left… While I was out at Bluehat I ended up having some good meetings between Intel, Mozilla and Adobe. How are these companies related, you may ask? Well all of them care about performance. A year or so ago I was hanging out with the Intel guys and they informed [...]