Good post from Jeff Atwood about cross-site request forgery (CSRF) attacks. One thing that comes to mind is that this is an example of the best kind of security exploit – one where the exploit depends on the target system doing the right thing. A Web server is meant to respond to URL requests, and…
Read More CSRF, and a blegWhat have we here? Via Spencer Ackerman: David Wurmser, trying to sketch the wiring in his head on a really big piece of paper. The spider chart was meant “to create a strategic picture, and that strategic picture is the foundation of policy change,” Wurmser said. “It helped you visualize, because if you saw, say,…
Read More All day long I think of things but nothing seems to satisfyOh bloody fuck. He’s at it again. George Osborne is in his white coat, on the stage, flogging his snake oil. All he needs now is a gospel choir. I think we’ve pointed this out before, but here goes. The Bank of England was nationalised in 1946. It’s part of the State. The money in…
Read More The Conservative Party: Can’t Be Trusted With GlueI’m relatively laying off US presidential politics this year, unlike in 2004 (and aren’t you glad?), but this sticks out: John McCain gambling serious money, and apparently considering casino execs his “friends”. Long before the point that he gambles with them and apparently wins, which is bad enough, you’ve got to wonder, haven’t you? They’re…
Read More stupidity taxJust to note that one issue of the Sun this week managed to rehash the much debunked pirates will knifecrime our asylums!!! story, yet again. It’s still drivel, of course; after all, here are those excitingly amoral Frenchmen, about to wire their pirates up to the ship’s power bus….or not. The latest lot are heading…
Read More Piracy Drivel WatchOK, someone’s left an armed UAV in the changing rooms. Is it you, Harrowell? No? Speak up? America? Turkey? Italy? Well, it would be interesting to ask somebody how many Predators the RAF possesses at the moment, compared to a few weeks ago. Relatedly, this is wrong: Pakistan, Afghanistan, nuclear proliferation and trans-national Islamic terrorism…
Read More Mr 10% meets the 27%ers up townThis is sick, but perversely reassuring. With the great miscarriages of justice of the 70s, the first phase was that the judge, the cops, the Home Office, and all right-thinking people agreed, and nobody took seriously that the victims might be innocent. This lasted a long, long time; but then we passed into the second…
Read More Big miscarriage of justice of our times, phase 2I’ve been blogging longer than the Rude Pundit.
Read More The shock of the old25 years ago today I was a three year old boy, living in a village in the Yorkshire Dales, from where you could see the golfball aerials at the NSA’s Menwith Hill base. Later, people I knew well would protest it for ages, and a man who was supposedly an engineer for LockMart there lived…
Read More Petrov DayAh, MEND – everyone’s favourite dark-globalisation guerrilla gang, whose strategy is based on the world oil market as they career around Nigeria in RIBs with six or so huge outboards and silly numbers of heavy machine guns, while God knows where their leader/committee/nameless mobile phone number is. You can see why the defence establishment loves…
Read More kings and queens and generals learn your name