Tag: Chris Wysopal

  • NaClCON Talks I Am Excited For

    NaClCON Talks I Am Excited For

    Earlier this month, I published “My Unofficial NaClCON FAQ” talking about a new security conference (NaClCON) that I am excited for. It’s still a bit surprising to myself that I am interested in one at all. I fully thought I was done with them, but here we are! After participating on the Call For Papers…

  • Google VulnSearch?

    [This was originally published on the OSVDB blog.] Fall behind and someone will always beat you to the punch! Gadi Evron posted an entry over at Securiteam on the topic of using Google’s Codesearch to find vulns. Since he and others are writing about this, I don’t have to! However, i’ll post a few more…

  • No Exception for Symantec

    [This was originally published on the OSVDB blog.] Symantec posted a message to Bugtraq earlier this month announcing the availability of a new advisory. The advisory presumably covers a vulnerability or issue in Symantec On-Demand Protection. If you are reading this blog entry a year from now, that is all you may find on it.…

  • Microsoft’s Responsible Vulnerability Disclosure, The New Non-Issue

    [This was originally published on attrition.org] For almost a decade, a debate over the concept of Full Disclosure has reared its ugly head. Carried out on BBSs, newsgroups, security conferences, mail lists, parties, coffee shops and everywhere else, the Full Disclosure debate can be called “long standing” to say the least. As with everything in the computer…