by Jeremy Allen | Jun 22, 2018 | Techniques, Web
Passwords are a mostly necessary part of almost all web applications. A lot of research has gone into how applications should deal with passwords, from the UX of password creation, to the storage of passwords. Large password breaches have taught the security industry...
by Jeremy Allen | Nov 8, 2016 | Techniques, Tools
This post is an introduction to Timmy (Tiny evil man in the middle). There are a lot of MiTM tools used to assess software that communicates via TCP/IP. They all have a few basic ingredients, but often differ stylistically or in their intended use cases....
by Jeremy Allen | Jun 10, 2016 | Threat Modelling
There are a staggering number of M2M gateways on the market. In some cases, gateways are designed and marketed for specific use-cases, such as in-vehicle connectivity and fleet management, sensor data aggregation and telematics, and home automation and management....
by Jeremy Allen | Oct 15, 2015 | IOT, Labs, Techniques
We are often looking at ARM binaries in our favorite disassembler as we work on mobile applications and “Internet of Things” devices. As we worked on this binary we discovered a particular branch instruction that we wanted to modify. If you are familiar...
by Jeremy Allen | Aug 6, 2013 | News
Making small changes to complex high availability systems can have extreme consequences. When these systems provide critical services to the entire planet – like, say, the Domain Name System – even minor changes must be analyzed very carefully. That’s why ICANN hired...
