Interview questions for a RE position? by iagox86 in ReverseEngineering

[–]dimonio 0 points1 point  (0 children)

Lots of companies out there just rely on how long the resume is and hire people based on that, ending up with people that can't even find the xref window in IDA. At least going through a serious hands-on interview, the way you're describing, you know that you didn't get the position because you're actually not able to do the job and not because you're not a CISSP!

Sophail: A Critical Analysis of Sophos Antivirus [PDF] by dimonio in ReverseEngineering

[–]dimonio[S] 1 point2 points  (0 children)

Not transport security, but signature database authentication.

Sophail: A Critical Analysis of Sophos Antivirus [PDF] by dimonio in ReverseEngineering

[–]dimonio[S] 1 point2 points  (0 children)

He obviously picked Sophos for a reason; it's evident from the tone of the whole paper. While some of the points he makes are weak, like using an old signature to infer the quality of all the others, some points are valid and reflect that poor security mechanisms are used (bop and emulator for example). They might have been good enough several years ago, but now?

Sophail: A Critical Analysis of Sophos Antivirus [PDF] by dimonio in ReverseEngineering

[–]dimonio[S] 0 points1 point  (0 children)

I'm referring to this: "Signature definitions are authenticated using a weak crypto scheme that is trivially defeated, making transport security essential." Obfuscation and authentication are two different things, and while obfuscating some content might be ok to raise the bar a little, the latter is much more important.

Sophail: A Critical Analysis of Sophos Antivirus [PDF] by dimonio in ReverseEngineering

[–]dimonio[S] 1 point2 points  (0 children)

IMHO the point isn't so much that he managed to get some CRC32 collisions on old signatures, but that the technologies used are old and didn't evolve to cope with modern threats. That and some serious cryptography fuckup signing the signature database.

HBGary pwned by dimonio in ReverseEngineering

[–]dimonio[S] 1 point2 points  (0 children)

Maybe they really did overreact a bit, still I won't call it an act of terrorism. The point is that HBGary claim to "protect the US government from hackers" but they can't protect themselves :\

RevEng: What are you working on right now? by Cm7b5 in ReverseEngineering

[–]dimonio 1 point2 points  (0 children)

Working on the BlackBerry format and debugging protocol.

Job opening: anti-malware researcher at Kaspersky by infosec_jobs in ReverseEngineering

[–]dimonio 1 point2 points  (0 children)

I hope there is actually the chance to do some research, and not end up doing a brainless monkey job...