Milw0rm…I miss you!

Le sigh. That is all I have to say about milw0rm being down for so long. I mean obviously I don’t really use it for exploits, as there really aren’t any viable ones (good in a crunch though if you DO find an unpatched system though) after patching and such, but I miss reading about the ones that they DO have.
I mean come on, this was like the first security-oriented website I REALLY started reading, and that was all because of a bookmark toolbar enclosed with backtrack 3 (or was it 2?).

At least I still have darkc0de.com, a great security oriented forum with programatic POC’s that are very helpful for learning both optimized coding and how many security exploits are actually written.

For me security is something that has fascinated me from the start. To me theres nothing better than finding a failure in a system that can be leveraged to do something proactive and offensive. Not offensive in the malicious sense per say, but failures are generally considered a shortcoming, something that the system is lacking. The ability to transmute this failure into something that accomplishes another task is damn near like alchemy.

I make no claim to be an expert in any sense. I am a student, and I always will be. I break things, but that is a natural path to take when trying to become intimately familiar with a system of any sort. I am just curious, and while this has gotten me in to trouble in the past, id rather have my curiosity then be oblivious to anything security related, because that is how bad administrators are made.

You can make any system secure enough that it isn’t worth a hackers time. That is the number one thing, even if your good, you need all the information before you can even remotely evaluate the most vulnerable spot. While its true in some sense that any system can be compromised given enough time, that also assumes that the system is static in nature. As computing grows more and more powerful, it also gets more dynamic. People are starting to write software with security in mind, and while there will always be bad sys admins and bad programmers failing miserably, we are seeing our world transition from a hacked together system full of bugs to a beautifully built juggernaut of entropy. All security is security by obscurity, but we’re talking about trying to find a needle, buried a mile in the earths crust, from a different galaxy.

On a different note, its getting way to dark way to quick. Its 6:00 and its pretty much black. An average day for me starts at 2:00, so needless to say I’m not going to be getting much sunlight so far up here. This is the part that kills me about being up here. It’s cold, lonely, and boring. Don’t get me wrong. I love cold weather and snow, but when it’s too cold for me to go snowboarding (one of the ONLY ways I can relieve stress up here), thats where I draw the line.

My freshmen year up here, we had 1 snow day, and thats all I’ve seen in the past 3 years. It got down to -35, and nobody’s car would start :-P

I have a feeling I’m going to be writing a lot more articles this winter.