Xanda's Blog !~!

Xanda’s Twitter Archive

xanda — Mon, 30 Aug 2010 03:17:15 +0000

Ok here is a quick update. Ive created Xanda’s Twitter Archive which allows me and you to search my previous tweets (reply tweets are excluded) for future use

DontPhishMe v0.3.2 released

xanda — Tue, 24 Aug 2010 09:44:16 +0000

Mozilla just approved the sandbox version of DontPhishMe and now it is public Get the latest version of DontPhishMe (v0.3.2) and feel free to comment and report bug

Most Secure Desktop Operating System

xanda — Tue, 13 Jul 2010 10:10:02 +0000

Mikko H. Hypponen: What do you consider to be the most secure desktop operating system at the moment in theory?

Charlie Miller: Probably Windows 7, although most are pretty comparable.

Source: Ekspress

IronFox

xanda — Tue, 15 Jun 2010 06:49:48 +0000

IronFox is firefox in a sandbox, or more correctly, an application shell script wrapper that starts firefox in a sandbox. The policy is bundled within the app, should there be any desire to inspect the policy before use.

The goal of the policy is to let the user browse the web without interfering, but still protect the users privacy and system integrity from vulnerabilities that may exist in firefox or its plugins. The only restrictions that Ironfox gives the user is that downloads and uploads may only recide in the users download directory, and that ironfox itself can not launch any other applications.

Yara Rule for CVE-2010-1297

xanda — Fri, 11 Jun 2010 10:50:46 +0000

rule FlashNewfunction: decodedPDF
{
   meta:  
      ref = "CVE-2010-1297"
      hide = true
      impact = 5 
   strings:
      $unescape = "unescape" fullword nocase
      $shellcode = /%u[A-Fa-f0-9]{4}/
      $shellcode5 = /(%u[A-Fa-f0-9]{4}){5}/
      $cve20101297 = /\/Subtype ?\/Flash/
   condition:
      ($unescape and $shellcode and $cve20101297) or ($shellcode5 and $cve20101297)
}