because arshan’s too cheap to license OneNote

Browsing Posts in security

So I took the opportunity during the OWASP San Jose conference to throw some of the ideas I’ve had bouncing around in my head at people. One of the things I was talking about was how strangely inefficient I thought the current XSS attack vector discovery paradigm was. What led me to this revelation was […]

One of the things I always bitch about when teaching web application security is the fact that log4j (and all its implementations in other languages) don’t have a “security” log level. How can you have a plan for security auditing if your log messages are spread out across all the different security levels and among […]

December 21st, 2007. Everyone is invited. Here’s a copy of my Evite. To whom it should definitely concern, I am Chuck Norris. You may know me as the guy who can divide by zero, or the guy who can believe it’s not butter, or the guy who can touch MC Hammer. These are all known […]

I was basically afraid that no one would invite me to the cool parties unless I got a blog. So, here’s my blog. Once this whole Internet fad is over, those people at the parties are going to be embarrassed. Did you know the word “embarrassed” is roughly equivalent to the word “pregnant” in Spanish? […]