Archive for the ‘Security’ Category

Improving the ASLR of Mac OS X Snow Leopard

Saturday, December 25th, 2010

Last week I presented my research about "Adding ASLR to jailbroken iPhones" at the Power of Community 2010 (POC2010) security conference in Seoul. During my talk I explained how one can use a modified 'rebase' utility to rebase the dynamic linker dyld on the iPhone. Rebasing dyld is important because ...

Speaking at POC 2010 - ASLR for jailbroken iPhones

Wednesday, December 1st, 2010

December has arrived and it is time to announce my talk for the Power of Community security conference in Seoul. This year I will not only return there for the 3rd time as speaker, but this time I will talk about something not related to PHP or web security at ...

Month of PHP Security 2010 has begun…

Sunday, May 2nd, 2010

In case you haven't noticed it through the other channels already... The Month of PHP Security 2010 has finally begun. During the month of May 2010 we (SektionEins) will post every day at least one new vulnerability in PHP and one new vulnerability in a PHP application. In addition to ...

SyScan-Workshop: Advanced PHP Auditing at Source and Bytecode Level

Monday, April 19th, 2010

At SyScan'10 Singapore I will give a two day workshop about "Advanced PHP Auditing at Source and Bytecode Level". This course will teach students advanced methods and techniques for PHP application audits at source code and at bytecode level. The students will get to know the most common PHP security problems ...

MOPS CFP: Deadline Extension - April 18, 2010

Friday, April 9th, 2010

The Month of PHP Security committee has decided to extend the CFP deadline from April 11, 2010 to April 18, 2010. The reason for that is very simple: so far we only got a few submissions from the PHP community and the security community. Even fewer submissions than we have ...

MOPS - Zend Webinar: Secure Application Development with the Zend Framework

Friday, April 9th, 2010

During the Month of PHP Security there will be a Zend Webinar about "Secure Application Development with the Zend Framework" by me. While this webinar is not directly connected to the MOPS and the time (5th of May) is just a coincidence, it fits nicely into the whole MOPS idea. ...

Zend Webinar: Secure Applications Based on the Zend Framework

Sunday, March 14th, 2010

Here is a last-minute announcement: in two days I will give a webinar for Zend on "Secure Applications Based on the Zend Framework". More and more PHP developers are using the Zend Framework when programming new applications. For development this brings some changes with it, since more ...

Suhosin-Patch 0.9.9.1

Friday, March 5th, 2010

Together with the release of PHP 5.3.2 by the PHP team I have released Suhosin-Patch 0.9.9.1 which comes with bugfixes and new features. The changes are: fixed some crashbugs for IA64 architecture; check return value of mprotect() to ensure that memory is read only - credits: PAX Team; fixed mprotect() call - encrypted ...

Month of PHP Security - Blog Post Drawing

Friday, March 5th, 2010

While going through the HTTP_REFERER log of the Month of PHP Security website I realised that there are more incoming referrals from various blog posts about it than there are submissions to drawing@php-security.org. As I previously announced, we will honor 10 blog postings with 25 EUR Amazon coupons. The winners ...

Patch breaks Suhosin Security Feature in Debian Unstable/Testing

Saturday, February 27th, 2010

Two days ago I installed a mail client on my reinstalled desktop system that had not been doing anything for 2 months and checked the mails of the hardened-php account, which had not been checked for 2 months. Usually no one uses this email account to contact me, but the Suhosin bug reports sometimes ...