Skip to main content


Showing posts from January, 2010

Flash, time for you to die

I've been reading a lot of hubbub about the new Apple iPad not having the capability of displaying Flash.  Of course!  It stands to reason that it can't, it has the same OS as the iPhone, which, also can't display Flash.  Which leads me to think, why do we need flash?

Answer is, we don't.  Not anymore.  90% of Flash usage is for audio or video on the Internet and HTML5 can handle <audio> and <video> tags.  It can do Canvas. (Oh and a TON more, I'm just illustrating a point.)  Some of the major browsers have adapted most of these technologies.  Webkit (Invented by Apple, powers Safari, Webkit, and Google Chrome [amongst others], and Presto (The rendering engine that powers Opera) have supported more than the other two majors (Gecko -- The engine that powers Firefox and all of it's kin), and Trident (The engine that powers Internet Explorer).  The last being the worst adopter.  Surprisingly.

I read somewhere (I can't find it now), about most browser…

One thing I forgot to mention about the iPad

People are already criticizing it because it doesn't have Flash on it (it runs the iPhone OS). I say to those people, GOOD.

Flash is, as the last year has shown us, a horrible piece of programming and it needs to die. HTML5 will kill it off for the most part, and it needs to stay dead. I don't think that Flash will be around much longer, and frankly, I'm not sad about it.

In the next few years, now that the iPhone is as big as it is, iPad will be all over the place (I think), flash will be dead, and developers will be rewriting their webpages to use things like H.264 and HTML5. There will still be things like the "Punch the monkey" banner ads that need to use flash (and various other games), but those people that develop those games, welp, looks like it may be time to move on.

iPad, why it's interesting

Yesterday, as everyone -- including me -- expected, Apple introduced their first big foray into the tablet computing market (if you don't count the iPhone as a tablet) called the iPad.

Which, even I, as an Apple fan, has to admit-- is a stupid name.  iSlate, or even "Tablet" would have been better, but, whatever.  (Plus, Fujitsu owns the "iPad" trademark, so we'll see what it winds up being -- remember "iTV" changed to "Apple TV" at launch.

Am I interested in one?  Yes.  I am interested because it's just enough for me to NOT have to carry around my laptop bag anymore.  Potentially eliminating the need to carry anything outside of a jacket. (Using a jacket like the Scottevest line: -- which is just handy, all those pockets.)  90% of my work could be done a device like this, and I'm just happy about that.

I don't think people are overwhelmed by it right now in this iteration because people feel it's …

This week was busy

This week, we at Sourcefire had our annual Sales Kickoff meeting. Basically a good look backwards at 2009, and what we did right and wrong, a look ahead and goals for 2010.

Obviously most of what we talked about is corporate confidential, but I think we all left with a good idea about where we are going this year. That we should be pumped up, because we are doing good things and will continue to do so.

Also this week I was placed on a list of people to call for radio stations about the Haiti relief scams, this has been quite an adventure as well.

I've done about 20 interviews, some live, some recorded, for all kinds of radio shows, morning, evening and day shows all around the United States.

All the interviews were about 5-10 minutes long, and I've been repeating myself a lot, but it's been fun. Hopefully that will wind down this week and things will get back to normal.

Haiti domain registrations on the rise

Over the past couple days I've been reporting over on the Internet Storm Center about the number of domains that have been registered (either legitimately for good use, or for malicious use) concerning the Haitian Earthquake disaster.  Read the original article here.

Like I said in that article, we're assuming that these domains are being registered for legitimate and helpful use, but we try and keep our eye out for the illegitimate ones, just in case someone wants to put some malware on a site, or try and trick you into giving up your credit card numbers or donating money via Paypal to a "cause" that never donates the money to Haiti on the backend.  We saw this with Hurricane Katrina, we saw it with the Tsunami disaster, and now, we are seeing it with the Haitian Earthquake.  (See the article here.)

But the number of registered domains is on the rise.  We saw 38 on Wednesday, 445 on Thursday, and today we saw 680.   (So, well over 1,000) It's practically impossibl…

Haitian earthquake news

Today, I posted an article on the Internet Storm Center about the fact that sometimes domains are parked and used for malicious use when a disaster occurs.

Domains like haitiearthquake2010 and haitiearthquakerelief and various names like that.

Well, because this is of such a large concern, I was contacted by no less than 5 news organizations today. Newsweek, ABC news, CBS news, SCMagazine, and All wanted comments and news about the Haitian disaster and the monitoring that we have taking place in order to protect people from getting scammed.

A couple of the articles I was mentioned in can be found above at my "in the media" link.

I think it's great that news organizations are taking an interest in protecting the World against these predators.

Always remember, the safe bet is to donate money via an outlet like

Please donate.

Article about Sourcefire's 4.9 release

Recently Sourcefire (the company I work for) released the newest version of our system.  Version 4.9.  While I have personally enjoyed working with it over the past few months (in beta, and now in production), it seems others out there have a great view of it as well.

Check out an article about it here.

Firefox 3.6rc1 is out

Mozilla has put out Firefox Release Candidate for version 3.6 of the browser, and as always, it's publicly available via their website.  Just a reminder that this is an RC, not a full version upgrade or anything, and it's essentially beta code, so your milage may vary.

The list of bugs that go into 3.6 that are fixed are pretty significant, even several security updates.

Which tells me that the release of 3.6 isn't far behind.

Firefox keeps up upgrading, and while it's by far the favorite browser of my blog readers, I can't help plugging Chrome, even in it's Mac Beta/Dev status, it's a great browser.  I am of the opinion that Chrome is much faster than Firefox.  Firefox still feels bloated and slow to me.

One of my favorite features is that Firefox will warn you of out of date plugins, while it did this pretty reliably…

PulledPork 0.3.4 released

I know plenty of you that read my blog are interested in Snort Rules, and are always open to the management of Snort rules in an easier fashion.  Often, in the past our (our being the 'Snort Professionals') recommendation has been "Oinkmaster".  Perl program, pretty stable, kept rules up to date and such.  Well, Oinkmaster kind of died in terms of support so one of our own guys at Sourcefire stepped up for the community and put out, for free, Pulled-Pork.  (Originally called "Baconator", but we asked him to change the same so that Wendy's didn't sue.)

Anyway, JJ, the author of Pulled-Pork, a fellow Sourcefire employee, and the guy that runs released version 0.3.4 of Pulled-Pork today.  It has some very significant updates that we hope Snort users will be keen on.

For some time, within the Sourcefire interface, you can start off the creation of your policies (and the further updating of your policies) from one of three "bases".…

iPhone compatability

When I moved to the current theme, I received a couple emails telling me that the theme is hard to read on an iPhone.  So I fixed that.  If you browse to the blog on an iPhone you will now receive a completely different screen and interface, one that is very iPhone compatible, user-friendly, and still allows you to use all the features of the site (commenting, emailing, etc) as you normally would.

So here's what it will look like now when you navigate to the site on an iPhone:

You notice the drop down at the top right of the screen?  This allows you to view the site via RSS, sort by category, even Email me directly from the blog.

If you don't like how the page looks on the iPhone, you can turn this feature off by scrolling down to the bottom of the page and flicking the switch, as seen below:

This is all made possible by the WPtouch theme.  Thanks Wordpress.

Reviewing ModSecurity 2.5, the book

Currently, I am reviewing a book for Packt Publishing, it's entitled "ModSecurity 2.5: Securing your Apache installation and web applications" by Magnus Mischel.

Consequently, I am playing with ModSecurity a bit, and I will try very hard to NOT break things on the blog.

So far it's a good book and it's been quite awhile since I've used ModSecurity (back in the 1.x days) and the configuration has completely changed.  So I'm on a quick learning curve as well.

Verizon Wireless's Fail

Several months ago I ditched my AT&T 3G Card that I was using for mobile Internet and bought a Mifi from Verizon.

A) Verizon has better connectivity in New York (I was spending a lot of time in New York)

B) Verizon has better connectivity on trains than AT&T.  (Not faster, just a more persistant connection.)

Well, in order to manage your account, you have to sign-up for a website called, which, in order to complete the sign-up, asks to text message you your pin/password to verify your identity.  So, I laugh to myself, as the Mifi doesn't have a screen or any way to receive a text.  So, I get a hold of Verizon, and they tell me that their VZwireless software allows you to see the txt's send to the Mifi, okay, fine..

I fire up the software, no "txt".  It's not in the Mac Software, it's only on the Windows VZWireless software.  Hilariously irritating, so the alternative is, they mail you a pin number.  Physically mail you, using snail mail, a p…

A friend of mine and fellow co-worker at Sourcefire started something pretty exciting this year.

Brad Pollard decided this past year to write 140 songs, each 140 seconds long (his inspiration was Twitter) in a year.  So far he's doing pretty good and I've been subscribed to the podcast on iTunes in order to grab them all.

If you like Indie music, or if you don't, either way, go check out Brad's stuff and give him some feedback.  Good job Brad.  Check out the website here.