So fast - so weekly: cope with all the new infos out there
Being in information security requires keeping track of all sorts of technological developments - and the people behind them. Most stuff that's hot and new out there will be discussed and developed within the community, will be announced, explained and come to you in its entire context - if you follow along.
You can gain a lot from this. In the following I just mention some MacOS or Windows tools - you find similar tools for any Unix, too. But there's KDE, Gnome, whatever X11 based GUI you have. You'll probably know better what to use than I do.

Organizing the feeds - getting a seeker
There're three things you need to have to be able to follow round about 2000 feeds successfully without wasting hours. Here's how to do that in ~30 minutes. Without superhuman reading speeds.
- a powerful feed-reader with a fast and open SQL DB backend
- the option to sync your stuff with a public web-interface to read it everywhere - from your mobile, in the bus, from another PC somewhere
- tons of kewl feeds. The more the better.
For the latter: many people think of technologies like RSS or Atom as some kind of weird new thing that only web-addicted or crazy geeks need to use. I'm neither. Okay, I'm a little geeky... Anyhow: it's about managing information as quickly and effectively as possible. So if I gave you an OPML feed list... it'll probably hit you for six.
A recommendable reader for the Mac could be NetNewsWire. It optionally syncs with the Newsgator service, which is freely available, too. Other people might want to mention the Google Reader, which is similarly powerful and capable of helping you cope with a huge amount of information. gRead or Readomatic could be interesting local front-ends. Together with Google Gears, that's cross-platform and stores some stuff locally.
I don't share my own OPML, because you'd need my associations to do something with it. Instead here's the Security Bloggers Network, which has got a ton of feeds, a list of podcasts, and you'll probably have tons of other interesting projects.
The next thing you need to do is to organize the feeds in interest levels from 1 - 7. In my case 1 means, read it one day a week, 2, two days, ... and so on. Feeds I read every day are in folder 7. The feed-readers have a modern combined view. That means: one site for all the different sources. Mark them all as "read" and see them like in a single website.
If you like an entry, you may like to have your own place for notes to copy the stuff into, to go through it later. There's a nifty app called Mental Case, which I use. It works based on associations and I love that. And there's a free tag-based note-app, Evernote, which is cross-platform and lets you extract the best stuff into your own resources from everywhere. The ability to have open notebooks is just priceless.
Applications like Anthracite allow you to build your own feeds, combining AppleScript, Python... and even Unix commands to extract data out of multiple sources. You can define advanced RegEx filters in order to extract just the necessary information out of vulnerability feeds from SANS, SecurityFocus, PacketStorm or Milw0rm. Just for the products you currently use and whose vulnerabilities are of real interest.
Of course - even without this particular expensive application you're able to do that, by building your own search bots and spiders. Maybe I'll give that a tutorial this week, or next. If you're searching for how-to documentation right now, use "Fravia" as the search term in Google. You'll find everything immediately, but you may need years to cope with the knowledge. At least months.
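As an added example (not from the original post, and not how Anthracite itself works), here is one way to apply such a product filter to RSS and Atom vulnerability feeds with plain Python. The feed contents, product names and URLs are constructed samples; the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

ATOM = "{http://www.w3.org/2005/Atom}"
# Constructed sample feeds; products, titles and URLs are invented.
SAMPLE_RSS = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Example vuln feed</title>
<item><title>ExampleCMS 2.1 SQL injection</title><link>https://feeds.example/a/1</link>
<description>Flaw in the login form.</description></item>
<item><title>OtherApp buffer overflow</title><link>https://feeds.example/a/2</link>
<description>Unrelated product.</description></item>
<item><title>Multiple issues</title><link>https://feeds.example/a/3</link>
<description>Affects the examplecms plugin loader.</description></item>
</channel></rss>"""
SAMPLE_ATOM = """<feed xmlns="http://www.w3.org/2005/Atom"><title>Example list</title>
<entry><title>ExampleCMS 2.1 SQL injection</title><link href="https://feeds.example/a/1"/>
<summary>Cross-post of the same advisory.</summary></entry>
<entry><title>DemoFTPd 1.0 auth bypass</title><link href="https://other.example/b/9"/>
<summary>Remote.</summary></entry>
<entry><title>DemoFTPdX client bug</title><link href="https://other.example/b/10"/>
<summary>Different product.</summary></entry>
</feed>"""

def entries(xml_text):
    """Yield (title, link, text) from an RSS 2.0 or Atom document."""
    root = ET.fromstring(xml_text)  # stdlib parser; see the note below the block
    for item in root.iter("item"):                     # RSS 2.0 items
        yield (item.findtext("title", ""), item.findtext("link", ""),
               item.findtext("description", ""))
    for e in root.iter(ATOM + "entry"):                # Atom entries
        link = e.find(ATOM + "link")
        yield (e.findtext(ATOM + "title", ""),
               link.get("href", "") if link is not None else "",
               e.findtext(ATOM + "summary", ""))

def watch(feeds, products):
    """Return (product, title, link) for entries naming a watched product."""
    # Word boundaries keep "DemoFTPd" from matching "DemoFTPdX".
    pattern = re.compile(r"\b(" + "|".join(map(re.escape, products)) + r")\b", re.I)
    seen, hits = set(), []
    for xml_text in feeds:
        for title, link, text in entries(xml_text):
            m = pattern.search(title + " " + text)
            if m and link not in seen:                 # same advisory in two feeds
                seen.add(link)
                hits.append((m.group(1).lower(), title, link))
    return hits
```

For feeds you do not control, parse with a hardened XML parser such as defusedxml rather than the standard library's ElementTree.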
Social Networks
How to use a social network? Just filling out everything and making it public doesn't help anyone. Not even you. Keep all people at arm's length. You don't need to give your real address or credentials to anyone... except me ;).
But that's another topic. How to win precious information out of it? I mean real information, not target information in case of foot-printing.

(done with this)
The point of following random 140-character notes that are posted asynchronously is that it's not as invasive as instant messaging. That means you're able to get into semi-direct contact. Just to grab some new infos. Most people announce themselves to a social network, giving their usernames (and passwords ;)). You'll find information there too, if you know how.
You need a Twitter client. Twitterific or something else. Maybe even EventBox (MacOS social network client, beta). Put all these social networks, link-sharing groups ... in there. Use the search functions. Put it into a background task. Let it work for you.
Getting the Twitter timeline with a simple script is easy as pie. And if you opened a link, that contains a huge article... just store it into your notes somewhere.
All the other Web 2.0 stuff
Works the same. It's like fishing without the "ph". Just pull the precious information out... and let the other stuff end up in /dev/null. Or your spam-folders... Using these networks for yourself while announcing your competences and making yourself well known is a whole other thing. That's not what this is about.
Mailing-lists and other pre-web2.0 stuff
Oldskool and plain, but essential to get into some of the discussions. If you have specific questions, while trying out a new tool or while programming... join a mailing list and read around. You may want to post your question. I guess now one needs to know how to use the mbox or Maildir format to parse information. Most clients have folders, message-filters, tags, highlight functions.
It's not important whether it's a Mail or an IRC log. Plaintext is plaintext.
I guess that's it pretty much. I'll try to add the Seeking tutorials this week. I hope. That'll be more concrete and support my ideas to bring the real useful information into the center of your daily "stay informed" workflow. Something as dynamic as IT just needs this.
It's simply a new era of media culture, which you can dive deeply into by concentrating the mass of text automatically. A little-known fact is that auto-summary functions in MacOS work out of the services-menu (if you marked the text) and with AppleScript:

Even that reduces most eMails and other conversations by round about 30%. Even this Blog-entry.
Have fun,
wishi
