Skip to content

Month: March 2017

Zero Days

RAND Corp study about Zero Day exploits is now available. About 200 Zero Days have been analyzed, and data has been collected on how many groups find them, or how long they stay undetected. Among the findings:

  • Zero-day exploits and their underlying vulnerabilities have a rather long average life expectancy (6.9 years). Only 25 percent of vulnerabilities do not survive to 1.51 years, and only 25 percent live more than 9.5 years.
  • For a given stockpile of zero-day vulnerabilities, after a year, approximately 5.7 percent have been publicly discovered and disclosed by another entity.

The reports highlights the importance of things like Google’s Project Zero: Systematically testing software products of all kinds for possible weaknesses and exploitable bugs, then getting them fixed.


“Breitband für alle” nominated for Bertelsmann Award

Breitband für alle provides FTTH in North Friesland, bluer is better

Because FTTH is a problem in Neuland, especially if you are dependent on German Telekom, a lot of people are taking it into their own hands, bypassing German Telekom.

One Organisation doing this is the Inititative “Breitband für alle” in North Friesland, which has been nominated (german) for the “Mein Gutes Beispiel” (My good example) by Bertelsmann. The awards are being passed out on March, 30. Let’s hope they make it (Bertelsmann Page in German)

Revisiting the UNIX Haters handbook…

Unix Haters Handbook (PDF)

Back in the day, when I was a very little Kris, trying to understand this Unix thing, there have been quite a number of pointers to the UNIX Haters Handbook (PDF, print) by Garfinkel et al.

The uninteresting part of the book complains about the world not adopting the Symbolics LISP machine and development environment as a standard (obviously a nonsensical and short-sighted idea), the other pointed to a number of shortcomings and inconsistencies in the Unix concept and implementation.