Recent blog entries for metaur

well...
!!
nrnrnrnr

<blog>
How governments have tried to block Tor (28C3)
N3A Theme [original motion picture soundtrack]
nr: Hemma hos Melker Andersson - snabblagat, tillagat, vällagat
</blog>

yeah!
nr: ola wikander - i döda språks sällskap
there is no open-source equivalent of powermta, so someone should write one
</blog>

Here is a little status report, for those who wonder where I went off to. I have worked at Secunia for a year and two months so far, and I have done tasks that hopefully were helpful to my beloved open source community:

• wrote hundreds of security advisories (many of them for open-source applications)
• performed my own security research and found vulnerabilities in evolution, sylpheed/sylpheed-claws/claws mail, vim and others

Recently I have visited The 24th Chaos Communication Congress (24C3) in Berlin, I have seen other things in Berlin for a few days, I have read non-fiction books about astronomy and the history of ideas, and listened to popular music performed by Friday Bridge and Evert Taube (which is nice to indulge in, since those fields of endeavour basically are my interests with some room for variation). After returning from Berlin, I have a really horrible cold (which is not one of my bigger interests).

Ulf kan läsa

"Hell is other people." -- Jean-Paul Sartre

• ELinks || bosserver in OpenBSD
• Speaking of which: Only two remote holes in the default install, in more than 10 years! (Great work, Core!)
• more than halfway through improving the Wikitravel entries for midsized Swedish towns (Helsingborg with its harbour and ferries is especially recommended)
• Veckans låt (enligt U.)

ELOG Multiple Vulnerabilities (my last security audit for Debian)
two new GnuPG vulns (found by other people), so make sure that you upgrade
$NEWJOB is good but takes most of my energy, some edits for Wikitravel though
Malmö is nice because it's different from Stockholm or Linköping
Hesse's "Steppenwolf" seems like a good and true novel so far

</blog>

(webbsurven) Apache modules non-security segfaults
mod_proxy_ftp: segfaults (NULL deref.) when FTP server sends back no spaces in LIST reply
mod_mime_magic: magic file with string and "%n" causes Apache child to crash

two requests from Debian
zabbix - streamripper

misc.
old job => new job
general elections 2006 - voted for these guys

Ulf's YouTube top 6 music video countdown, week 41 (lots of italodisco)
1. Digital Emotion - Go Go Yellow Screen
2. Lucia - Marinero
3. Squash Gang - I Want An Illusion
4. Plastic Bertrand - Ca Plane Pour Moi
5. Via Verdi - Diamond
6. Wish Key - Orient Express

osiris format string bugs ( s + f + nvd ) remote vulnerabilities in security-improving server, popular enough to have half a book written about it
old freshclam bug updated in Mac OS X + there is a US-CERT Vulnerability Note about it
Browser Fun (by HD Moore), Microsoft Excel fun (by lots of people) -- isn't it great how the security of really critical programs used by many millions of people world-wide daily suck horribly?
gimme gimme gimme the style police

Tokyo highlights: (I'm not going to write any descriptions, because I'm really not a travel writer, but these places and activities are heartily recommended)
Tokyo Metropolitan Government Office and nearby buildings - Fuji Television Japan Broadcast Center observatory (great architecture) - eating very fresh sushi in a restaurant next to Tsukiji Central Fish Market - Golden Gai - Ueno-koen with its various museums and a zoo - a live show in Roppongi with Piana and other artists (found here) - a live show in Shibuya with YMCK and other bands (found there as well) - Senso-ji and Asakusa-jinja - Love Hotel Hill - Takeshita st. and Harajuku st. - Design Festa - Roppongi Hills - Shibuya - Yoyogi-koen - National Museum of Emerging Science and Innovation - Imperial Palace East Garden - Yasukuni-jinja - Sony Building - Piss Alley - Akihabara (somewhat overrated) - and much more.
Kyoto: Nanzen-ji - Nijo-jo - Kyoto train station (huge and modern).

[CENSORSHIP] x2 :: (Re: Raf Coney. imtiredofsingingtroublelordhowlonghowlongmustwesingthissong. DECONSTRUCT.ME)

Buffer overflow in ClamAV's freshclam client (Securityfocus || ClamAV || Heise)
Not security related overflows in RRDtool (1, 2) and SoX (again)
Securiteam and OSVDB :: readable blogs about computer security

I've been playing around with ancient version control programs like SCCS (in the form of GNU CSSC) and RCS, and it's interesting to note how many of the not-so-obvious but still important features were present that early on. Do the current version control systems suffer slightly from creeping featurism? Discuss among yourselves. Rhetorical question - answer within.

The song "Laughter" by The Fine Arts Showcase is really, really beautiful.

Apart from that, I've mostly been carrying my briefcase to the office.

cURL 7.15.0, 7.15.1, 7.15.2 (SSAG#001) s + f
Helsinki ( Kiasma - Fazer Café - Stockmann - Tavastia/Semifinal - architecture - design ) -- might sound shallow but that's part of who I am
metamail again and again
Johnny Cash - Astrud Gilberto - The Ramones (taken over someone's record collection) - italodisco
full sentences = evil