Universal Principle of Smoothness

This post is fundamentally about humans and how they achieve goals. It is about defeating our tendencies when solving hard problems and pushing the boundaries of our performance. I call it the Universal Principle of Smoothness, but it is really about the fundamental...
Implementing a Password Strength Indicator

Implementing a Password Strength Indicator

Passwords are a mostly necessary part of almost all web applications. A lot of research has gone into how applications should deal with passwords, from the UX of password creation, to the storage of passwords. Large password breaches have taught the security industry...
MiTM using Golang, meet Timmy

MiTM using Golang, meet Timmy

This post is an introduction to Timmy (Tiny evil man in the middle). There are a lot of MiTM tools used to assess software that communicates via TCP/IP. They all have a few basic ingredients, but often differ stylistically or in their intended use cases....

Securing M2M Gateways

There are a staggering number of M2M gateways on the market. In some cases, gateways are designed and marketed for specific use-cases, such as in-vehicle connectivity and fleet management, sensor data aggregation and telematics, and home automation and management....

Patching BL/BLX instructions in ARM

We are often looking at ARM binaries in our favorite disassembler as we work on mobile applications and “Internet of Things” devices. As we worked on this binary we discovered a particular branch instruction that we wanted to modify. If you are familiar...