Hey there! jeremiahg is using Twitter.

Twitter is a free service that lets you keep in touch with people using the web, your phone, or IM. Join today to start receiving jeremiahg's updates.

Already using Twitter via SMS or IM? Finish signing up.

jeremiahg

@kuza55 Oh I definitely agree. Web security = broken. @jasonmoliver take up your video camera and disable your mic too. about 4 hours ago from twitterrific in reply to kuza55
http://tinyurl.com/453ljh about 4 hours ago from twitterrific
RSnake has a good summary up. about 4 hours ago from twitterrific
Welp with Clickjacking + Flash, Web pages can see and hear you, among other things. http://doiop.com/gja804 Does it get much worse? about 4 hours ago from twitterrific
@synopsi I'll be giving on at HiTB on the 29th and RSnake will deliver one I believe in Taiwan on the 28th. about 4 hours ago from twitterrific in reply to synopsi
@roncharette Clickjacking is still technically possible to perform without the aid of JavaScript, just makes it a little harder. about 4 hours ago from twitterrific in reply to roncharette
@kuza55 either way its a pain. Everyone is going to have to add a snippet of JS to everyone of their pages, or maybe just the importants one about 5 hours ago from twitterrific in reply to kuza55
@synopsi See here. http://doiop.com/8k3rbs about 8 hours ago from twitterrific in reply to synopsi
@synopsi framebusting code is best. That coupled with important "buttons" utilizing JS. Scary and strange I know. about 8 hours ago from twitterrific in reply to synopsi
@synopsi NoScript is the best option right now. You meant protect the "user" right? about 9 hours ago from twitterrific in reply to synopsi
@op24 1 week away from my time off as well. Sand, surf, sleep here I come. :) about 16 hours ago from twitterrific in reply to op24
Whenever I'm asked how many hours a week I work, the normal answer is "all of them". ;) 07:04 PM October 06, 2008 from twitterrific
@McGrewSecurity to make sure no one reads it I guess. 05:09 PM October 01, 2008 from twitterrific in reply to McGrewSecurity
@sarapeters two of the better clickjacking articles http://doiop.com/qw51fl http://doiop.com/2f5c01 04:13 PM September 30, 2008 from twitterrific in reply to sarapeters
@dakami so if I deny all TCP packets to my powerbook, I'm safe!? ;) 12:01 PM September 30, 2008 from twitterrific in reply to dakami
sockstress, let the disclosure games begin! http://tinyurl.com/46qnux 12:00 PM September 30, 2008 from twitterrific
@cykyc I won't pretend to understand the specifics, but that sounds about right to me. Robert E Lee could say for sure. 10:38 AM September 30, 2008 from twitterrific in reply to cykyc
@cory_scott some of them kinda do have that power though. I'm thinking if confirmed by enough people, the TCP session exhaustion could do it 10:37 AM September 30, 2008 from twitterrific in reply to cory_scott
Generic TCP related, "new attacks that will render a remote system unavailable using a very low bandwidth attack stream." 09:49 AM September 30, 2008 from twitterrific
I think @op24 is on the verge of disclosing another "break the internet" bug. http://doiop.com/ie8d5p 09:48 AM September 30, 2008 from twitterrific