Monday, July 30, 2007

denied entry to the US

One of the Top Security Experts outside of the US has been denied entry for BlackHat conference.

"It appears I can't attend Blackhat this year. I was denied entry to the US for carrying trainings materials for the Blackhat trainings, and intending to hold these trainings as a private citizen instead of as a company."

I totally agree this is pretty stupid. Business Travel Visa is given for 15 day. What happened if Flake had to say " I'm here to sale my business services at a trade conference". 

Would not this be in line with the US Trade sanction's with the EU's ??

via :Flake

Wednesday, July 11, 2007

Studio 08

Beginning community engagements on the MSDN CA blog zone areas as first steps.

 "Orcas" is important for term growth and high traction strategy build for a Gold Partner.  Lets see how this goes..





Sunday, July 08, 2007

Google/Orkut Authentication/Session Management Issue PoC

A session was created in Orkut at about Sat Jun 30
20:30 UTC 2007. Between June 30 and now many have
hijacked this session and logged out many times but
the session is alive today as verified on Sun Jul 8 at
09:43:10 UTC 2007. The cookie for this PoC session is
...

Name: orkut_state
Cookie:
ORKUTPREF=ID=11190574376736842
125:INF=0:SET=111236436:LNG=1:CNT=0:RM=0:USR=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:PHS=:TS=1183210062:LCL=en-US:NET=1:TOS=1:GC=DQAAAIMAAAArC-mJYqsrCOnv8uVQHdFUccRFQX8-ibRerEzrie5sOWNc06zs4z4fMNpovLUyRcNXHwxk8WzY6Z6SmvxcSmL1hAW4Mrdvazzkssq5VjSO70oE1HSFR4KOkSb3ZLg-U7k0x8c7ZuLHwu_qY2Umy8oobckg9UctWXYd1qoerXUTzsFSuLNXHdiAEVCSw7fUO00:PE=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:GTI=0:GID=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:VER=2:S=1Ah7VcA0JetHQ0Mgyfp4Jb6meXw=:
Domain: .www.orkut.com
Path: /
Send for: Any type of session
Expires: Expire at end of session


Google Authentication issues posted in the threads...

1.)
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064143.html
(Orkut Server Side Management Error by Susam Pal &
Vipul Agarwal)

2.)
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064300.html
(Google Re-authentication Bypass by Susam Pal)

New design for one of my FAv's

Waaaaaaaa.. After a long time of no trolling rule, I had to place myself in. I find that one of my favoratie site  Blogoscoped  Philipp has a new design for his blog and also a new domain. I wonder how his ranking looks in T'rati now.  I like the new design nothing  overdone. The true Less is more rule.

Way to go Phillipp, all the best with this new move of yours. 


Thursday, July 05, 2007

Scary Bugs !!

"that's da scary thing about this bug - it comes and goes" !!
 
Via : CJ