Monthly Archives: August 2015

Paul’s Security Weekly #432

Jack’s Uplifting Rants, Stories of the Week – Episode 432 – August 27, 2015
In our first segment: No seriously, Jack was in rare form: Uplifting, sympathetic, offering help, and dare I say trying to be positive! After 45 minutes of this, we just wante…

Why DNS is awesome and why you should love it

It’s no secret that I love DNS. It’s an awesome protocol. It’s easy to understand and easy to implement. It’s also easy to get dangerously wrong, but that’s a story for last weeka few weeks ago. 🙂 I want to talk about interesting implication of DNS’s design decisions that benefit us, as penetration testers. It’s […]

Defcon 23: Let’s End Clickjacking

So, my Defcon talk, ultimately about ending clickjacking by design. TL:DR: The web is actually fantastic, and one of the cool things about it is the ability for mutually distrusting entities to share the same browser, or even the same web page. What’s not so cool is that embedded content has no idea what’s actually […]