Thursday, September 25, 2008

Restroom.

Hey folks, about two or three days ago, I went to the restroom on the second floor (where my office is) and this is what I found in front of me.




As you might suppose, at my university lots of people like Mac and Ubuntu; this is the venting of years of Microsoft contracts :)

Tuesday, September 23, 2008

Obfuscated Hello World! (Funny)

Around the web you may find this funny code; don't worry, it's not the Internet bug :), it's a simple, well-obfuscated "Hello World".
Very nice to show off!

#include <stdio.h>
#define _ 1
#define __ +
#define ___ (
#define ____ )
#define _____ int main
#define ______ {
#define _______ }
#define ________ putchar
#define _________ ;
_____ ___ ____ ______
________ ___ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ ____ _________ ________ ___ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ ____ _________ ________ ___ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ ____ _________ ________ ___ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
____ _________ ________ ___ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
____ _________ ________ ___ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ ____ _________ ________ ___ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ ____ _________ ________ ___ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ ____ _________ ________ ___ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ ____ _________ ________ ___ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _
__ _ __ _ __ _ ____ _________ ________ ___ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __ _ __
_ __ _ __ _ __ _ __ _ __ _ __ _ ____ _________ _______
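
Reading the listing the way an analyst would, without compiling it: the sketch below is an added example, not part of the original post. It expands the macro table and sums the 1s inside each putchar call to recover the text. The function names are made up for illustration, and the input it decodes is a constructed body in the same style rather than the post's full token stream.

```python
import re

# Macro table as in the listing above; only the entries for putchar, ( ) + and 1
# matter for decoding.
MACROS = """\
#define _ 1
#define __ +
#define ___ (
#define ____ )
#define _____ main
#define ______ {
#define _______ }
#define ________ putchar
#define _________ ;
"""

def obfuscate(text):
    """Constructed sample input: emit one putchar(1+1+...+1) call per character."""
    calls = ["________ ___ " + " __ ".join("_" * ord(c)) + " ____ _________"
             for c in text]
    return "_____ ___ ____ ______\n" + "\n".join(calls) + "\n_______\n"

def expand(src):
    """One-pass token substitution (enough here: no macro expands to another macro)."""
    table = dict(re.findall(r"^[ \t]*#define[ \t]+(\w+)[ \t]+(.+?)[ \t]*$", src, re.M))
    body = [l for l in src.splitlines() if not l.lstrip().startswith("#")]
    return [table.get(tok, tok) for tok in " ".join(body).split()]

def decode(src):
    """Recover the text by summing the literals inside each putchar( ... ) call."""
    tokens, out, i = expand(src), [], 0
    while i < len(tokens):
        if tokens[i] == "putchar" and tokens[i + 1:i + 2] == ["("]:
            close = tokens.index(")", i)
            arg = tokens[i + 2:close]
            if not arg or any(t != "+" and not t.isdigit() for t in arg):
                raise ValueError("argument is not a plain sum of integer literals")
            out.append(chr(sum(int(t) for t in arg if t != "+")))
            i = close
        i += 1
    return "".join(out)

if __name__ == "__main__":
    print(repr(decode(MACROS + obfuscate("Hello World!\n"))))
```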

Monday, September 22, 2008

Web Application Security Statistics

A very nice piece of work by the Web Application Security Consortium shows the most relevant security flaws in web applications in 2007.



The goals of this study are very explicit:
1) Identify the prevalence and probability of different vulnerability classes
2) Compare testing methodologies against what types of vulnerabilities they are likely to identify.
The methodology and the results have been explained/shown here. Really nothing to say about it, just take a look at the graph above; programmers' mistakes are still relevant in 2007.

Friday, September 19, 2008

"Get a PC" :)

Hey folks, look at that.



To me?
This is the proof that Microsoft is always late.

Wednesday, September 17, 2008

iPhone GPRS-EDGE Modem

I know, lots of iPhone news has come out. Today I won't write about this repetitive news (new iPhone firmware, new PWNG tool, new cracked applications and so forth...); I wanna point out a very interesting work called iPhoneModem. In recent days, some people mailed me asking why the iPhone cannot be used as a modem. I dunno. I've never tried to use the iPhone as a modem; fortunately I have wifi access in my office and at home, so I don't need a GPRS/EDGE connection on the way from home to the office and vice versa.



Anyway, I've looked around and the only thing I found was "iPhone Tethering Kit", which is a good framework but takes too much time to get working. So after some more Google research I found iPhone Modem which, though not new, works great. The AppStore doesn't want it. Again, I dunno why, but this project is still alive and works fine.
So, moral of the story: do you need an iPhone modem? Try the iPhoneModem application, I'm sure you'll be happy! :)

Thursday, September 11, 2008

40 line IRC client.

Hi folks, today I wanna point out this awesome IRC client written in 40 lines of shell code. It's wonderful, fast, minimal and so useful!
The author wrote:

So I wrote my own IRC client in shell. The output is a little ugly, and
there's no line editing or multiple window support, but otherwise it's just like any other IRC client to use. Almost.


The code:



Monday, September 8, 2008

Security on eVoting

Thanks to Marco Prandini, I discovered this interesting paper. Just some sentences from the website:


Until now, it's been easy to dismiss cryptographic voting systems as academic exercises, but the fact that the new system is designed to work with optical scanning gives Chaum hope that it will catch on. "We're ready," he says. "There's no risk. If you add it on, it doesn't interfere with what you had, and if there's a problem with it, you can just ignore it."



How it works:
 

I'm very skeptical about that. History has taught us that nothing is safe and nothing is secure; I really think these words are too strong and maybe a "garden path" to failure. For instance, what happens if the invisible code for BO on the ballot is "KQ" but then, after you vote KQ, the ballot posted on the web site is scored for JohnMc, but with the correct code KQ? Again, what happens if the printer fails to write the "hidden code" while believing it has written the correct one? Again, what happens if the counting machine counts whatever it wants, chiseling on the real code associations?
Some researchers are working on it; it's still an open discussion in our research field, so we cannot actually say that a totally secure way to vote exists. We always need some basic assumptions which, maybe, could be false. Please don't believe in the "perfectly secure and untouchable" voting machine; it's still a good dream.

Some more Interesting reading:

Monday, September 1, 2008

Android and "AppStore"

It looks like the "AppStore" (by Apple), but it's really the alternative Android application "repository".



The news from MelaBlog says that Android, like the antagonist iPhone, will also have a nice installation tool open to third-party applications, called GoogleMarket. At the beginning, each application will be available for free but, MelaBlog says, it will be possible to find commercial content in the near future.
Moreover, some blogs [1, 2, 3] say that AppStore and GoogleMarket will share functionality and applications. However, the "AppStore" applications have a different license from "GoogleMarket", so it seems mandatory to build different versions of applications.