FOSDEM

Each year in Brussels, Belgium there is a conference called FOSDEM. It is organized on the last weekend of February. There seem to be some interesting talks about security and program developement this year. The development track is almost fully dedicated to various CVSes. The choice of CVS is an object of faith like the choice of the editor so it doesn’t hurt to go and see what others use…
I’ll also attend the the talk about valgrind by Julian Seward. I loved the tool from the first time I used it.
See you there 🙂

FindCrypt2

I realized that it is quite easy to make FindCrypt work with big endian programs. For that we just need to know the size of each constant array element and swap them if required. So here is the second version of FindCrypt. It introduces the following improvements:

  1. it works with both little and big endian programs
  2. it knows to reuse old slots in the bookmarks if run repeatedly
  3. it is fully automatic and scans each new created database. manual scan is still available

Future possible improvement: a tool which would extract constant arrays from the source code of any project. This tool can be written on perl or python and will be quite simple (we only have to handle constant array definitions in C). More sophisticated tool could also take care of type definitions like “typedef long LONG”…
For your convenience, here are links to both versions: findcrypt.zip and findcrypt2.zip
Compare them to see the differences, there aren’t many!

Windows WMF Metafile Vulnerability HotFix

This week a new vulnerability was found in Windows:
http://www.microsoft.com/technet/security/advisory/912840.mspx
Browsing the web was not safe anymore, regardless of the browser. Microsoft will certainly come up with a thouroughly tested fix for it in the future, but meanwhile I developed a temporary fix – I badly needed it.

Continue reading Windows WMF Metafile Vulnerability HotFix