Core Security has reported today that several VMware virtualization products allow hosts to be vulnerable to attack from guests if you’ve enabled folder sharing. This exploitation can take place whether or not the user has physical access to the machine. From my understanding, all operating systems for both hosts and guests are [...]
Archive for February, 2008
An interesting bit of information from the team at Princeton regarding the ability to defeat encryption tools such as dmcrypt, TrueCrypt, Vista Bitlocker and Apple’s File Vault.
The Princeton team’s premise is that RAM inside your machine is vulnerable if someone has physical access to your laptop while it’s still on, in sleep mode, or very [...]
Firestarter, the firewall utility provided through Ubuntu and several other Linux distributions, doesn’t allow for default connections with OpenVPN. I knew that, for some reason, OpenVPN didn’t work on my laptop’s wireless connection while it did fine with the standard wired one. Out of laziness, I never fully explored the reasons. [...]
The folks behind the TrueCrypt encryption tool has released the 5.0 version of the software. I haven’t had a chance to take a look at it yet, but I’ll let you know when I do. You can find it here.
A lot of people have heard about SSH port forwarding but don’t always get why it’s so cool. I ran into an example today and thought I’d share it with you.
I’m out of town on a project for a couple of months, so I set up residential broadband service with Qwest here in the [...]