Skip to content

{ Monthly Archives } October 2006

TWOCrowds.com flickr CAPTCHA test

Noticed on the web somewhere TWOCrowds.com is using the flickr api to create a CAPTCHA test. Looks like they are using the flickr api to pull up a photo tagged with a convention that says “this is a photo of a single letter: r”. Wouldn’t this be pretty easy to defeat? The JPG’s are being […]

SSL + Man-in-the-Middle

Spent some time reading up on SSL and how it defends against against the ‘man-in-the-middle‘ attack. All the pieces to the puzzle were there in my previous post – I just needed a good reference on the protocol. The best references I found were: Introduction to SSL An Overview of SSL (version 2) (Thanks Craig) […]

Charles Proxy

Checking out Charles Web Debugging Proxy while I’m having a bit of a look under of the hood of SSL-Explorer. Snooping on an a SSL session works straight out of the box. Must be using a ‘man-in-the-middle‘ method to sit between me an the SSL website. Yet, when I access https://www.amazon.com via Charles Proxy I […]

My SSL-Explorer Questions Answered

My previous post Remote Desktop + SSH/Putty covered one approach for accessing your home PC via a strong security, strong encryption SSH tunnel. SSL-Explorer from 3SP also looks like a very simple way to remotely access your PC. I first heard of this project when it was mentioned on Steve Gibson’s ‘Security Now!’ podcast (episode […]