Cheat And Win - Samsung SSD Contest

The "Fastest Game On Earth" contest is similar in concept to the SoC quiz. Every time you "catch an SSD", you get an additional chance to win an SSD. With unlimited entries, all we need to do is to replay the packet again and again. So what safeguards are in ...

New Form of DDoS

I was always hesitant to use pay-as-you-use services like Amazon AWS, Microsoft Azure and Google App Engine for fear that the cost might spiral out of control if I turn out to be the target of a DDos attack. I did eventually try out app engine, but only because it ...

Web Development in Singapore

In light of the recent fiasco over the NDP website, I thought it would be apt for me to share my thoughts on how I believe web development in Singapore has ended up in this dismal state today. This is definitely not an isolated case, the series of breaches by ...

How I (cheated and) won a quiz

The quiz in question. In case anyone is not familiar with it. (attractive?) prizes to be won. A quick packet capture revealed that the questions could be found here in JSON format. This is what is looked like. Interesting that the answers were included even through "marking" was done only ...

Immigration checks

Earlier today, some MD of a security firm on channel new asia commented that it is impossible to check every single passport against the list of stolen passports due to the time needed to search the database. Such stringent checks would result in massive holdups at checkpoints. Therefore, apart from ...

Encryption and blackmailing

Just read something quite interesting here. Apparently, all the research put into mathematical algorithms is a double edged sword. Encryption can be used to deny the rightful owner access to his data. Fortunately, the attacker in this case made a mistake resulting in a 128 bit key that was easily ...