stacksmash.org

Of palms and faces:

I get the feeling there's a correct answer here, and mine isn't it.

Yesterday I saw this post by wishi: BinVis re-released – Visual Reverse Engineering and Forensics.  Though I’m a fan of Greg Conti’s rumint (and I wish he’d ever update it, dammit), I had never heard of BinVis.  I was intrigued by the title since I’m nothing more than a curious idiot when it comes to reversing.  I tried the old version of the tool – get it here – and while I haven’t a damned clue what it does, I can confidently say it creates lots of pretty pictures and colors.  And that’s what matters to me.

On a somewhat related note, NMAP 5.00 IS RELEASED! OMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMGOMG

I do wish Fyodor would have someone re-design or at least re-skin his site.  It looks hideous.

I’m a little late to this party.  If you’re late too, here’s what happened:

• A group called Sapheads competed in the Defcon 17 CTF.  They did writeups on some of the challenges they were able to solve.
• The latest of these writeups is a manga-style comic.  The new, more-politically-correct version is here.
• It’s new and more-politically-correct because the original version had the lone woman on the team as a hilariously stupid spectator.
• The anti-shazzzam was angry about sexism in the comic.  Here you can see the original panels from the comic.
• Nikita was very angry about sexism in general (really strong, NSFW-type language here).
• Rob Fuller of Room 362 was angry about any isms at all.
• Wesley McGrew gave a typically level-headed assessment.

Now we’re all up-to-date.  I disagree with Nikita that the portrayal wasn’t really that bad; I find it hard to imagine any of the other three characters in a “cheer-leader purpose” role.  On the other hand, the writing suggests to me that something might have been lost in translation.

No matter.  What I really wanted to do with this post is point out how hilarious I find the correction to be:

AND SHE PLAYS RIGHT TACKLE, RAWWWR.

Before, she’s set apart with an unrelated and subservient role.  After, she’s set apart with a few unrelated and over-the-top roles.  I say “unrelated” because it still doesn’t seem like she’s involved – the captions on the rest of the crew tell what they actually do; hers looks more like a few job titles.  This further leads me to think there’s loss in translation and the comic’s author just doesn’t quite understand the nuances of the worship of political correctness.

That said, I would like to glibly voice outrage because, while women were at least represented in the comic at all, my racial category is absent.  I do not see ONE SINGLE purebred German in the crew.  Let me propose a correction.

When he's not cooking Alpenschnitzel, of course.

Hell yes.  (Credit due to Andy Richter.)

The surreal quality of the offending material and the ensuing tiny poop-storm impels me to apply the FAIL tag here.  Now that I’ve made fun of both sides of the argument, it’s time to move on.

Even though I have no respect for it, I’m taking the CISSP exam soon so I can start putting letters after my name and get people to pay me more money because of it. I’m setting up a new account so I can pay them $600 to take their test. I’m filling out a form with the following required fields:

• First name
• Last name
• Title
• Email address

… title?  I don’t have a title, that I know of.  There’s an optional “Prefix” field to take care of something like “Mr.” or “Dr.” (or even “Father” … are a lot of priests taking the exam?).

So, I think I’m just gonna go with “Sovereign Lord.”

I was on Amazon.com yesterday and I noticed Firefox 3.5′s spiffy button in the address bar.  I clicked it, revealing this:

"amazon.com which is run by (unknown)." My guess is the Illuminati.

But at least it’s verified by VeriSign!  I sure feel way more securer now.

Yesterday I competed in the CIPHER 5 competition.  It was a fun challenge, but I wasn’t a big fan of the competition itself.  The scoring system was very unreliable, and we developed an exploit we were unable to use because the scorebot went down for a while.  Teams are supposed to get points for writing vulnerability advisories, but ours were rejected for vague reasons.

Not that any of that mattered, because the team affiliated with the host of the competition jumped straight to the top of the scoreboard and never left the #1 spot.  Nobody else even came close.  Big surprise there.

I had a lot more fun last year competing in the UCSB iCTF – that one was very smooth, functional, diverse, and interesting.  I haven’t heard if there’s another one this year, since (I think) that crew is doing the CTF for Blackhat, but I hope so.