For reference, if you’re using Mono and trying to use HttpWebRequest and friends to make a connection with a client certificate and you get an exception, it’s because you don’t have any trusted root certificates in the Mono certificate store (even if you are bypassing server certificate validation using the old trick of having a Validation handler returning true). You can fix this by doing
sudo mozroots --import --machine --sync
Forgot the Administrator’s Password? - Change Domain Admin Password in Windows Server 2003 AD
Some amazing tidbits of information on how to manipulate windows to do your bidding. It really shows how complex applications end up being almost impossible to secure… especially when they were not designed to be secure to begin with.
How to write Buffer Overflows in Assembly
Just as the author wrote the article as a reminder of how to do it, so I am putting this one here so I can remember where to find it! :p Wish I’d do as he did more often, I seem to keep losing code everywhere nowadays…
Further problems with SHA-1
So what is SHA-1?
From wikipedia: _The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions. The most commonly used function in the family, SHA-1, is employed in a large variety of popular security applications and protocols, including TLS, SSL, PGP, SSH, S/MIME, and IPSec. SHA-1 is considered to be the successor to MD5, an earlier, widely-used hash function. The SHA algorithms were designed by the National Security Agency (NSA) and published as a US government standard.
Forensics
Not directly related to coding, but a very interesting topic on it’s own, is Computer Forensics and Incident Response. To relate this to coding, this field is so new that there’s a huge need for good solid reliable smart tools to analyze and extract information from systems. I mean, even the most basic of informations, like knowing the memory map of a running windows system, is still an unkown!