Help! I’m Somewhere Where I Don’t Know Where I Am!

Thomas Ptacek | December 9th, 2007 | Filed Under: Navel Gazing, Uncategorized

Holy crap.

Our last post was an entire month ago!

So, here’s what happened: we got slammed.

Let me sum it up for you: I am going to go out on a limb and predict that we’ll be posting screen shots of the product, in anticipation of its release, by the middle of January ‘08. We’d show it to you now, but then you’d get to draw an uncomfortable “before-and-after” conclusion about our design skills —- we’re waiting on a turn from our UI designers.

(January, oh-eight? What the hell is wrong with us? Oh, yeah, consulting. Worth it. But painful. I laughed at the guy who told me we’d have no problem shoving product out the door while keeping a full client workload; we were turning out more lines of code per day than my old employer! Turns out I forgot about a little thing called QA.)

Operating under the assumption that you don’t care about the machinations of Matasano, the company: here’s what happened with the blog:

Not posting became “a thing”. As in, “oh my god, it’s been three weeks since we posted!”. And I’m like, “I’ve got an awesome post queued up —- This Old Vulnerability: SSH CRC Compensator Attack!” And, so, it turns out: don’t do that. Obsessing over post quality delayed this post by at least two weeks, and you have this guy to blame.

And hence this insipid meandering post, because if I don’t write something, it could be 4 more weeks before you see us again.

Some things to expect in the next 2 weeks here:

And like 20 other things we’ve queued up in the meantime.

Thanks for your forebearance. Glad to be back.

6 Comments so far

  • dre

    December 9th, 2007 10:23 pm

    i haven’t read the wikipedia post yet, and i have no idea what you mean by an SSH-CRC Compensator attack (no time to google right now), but wanted to drop you notes on the others:

    Monti’s Exploring Protocol series could use some pre-work such as proxy fuzzing or client hooking. I want to see you guys talk more about the work you would do before starting protocol dissection, as well as the aftermath. Use the new uhooker scripts as examples, and some Mac OS X ktrace output would be very nice.

    Ptacek’s Ruby RT CG debugger framework sounds great and I’m really looking forward to him talking more about this and comparisons to Cody Pierce’s PyEmu

    Thanks for posting; good to have you back!

  • Ryan Russell

    December 10th, 2007 12:08 am

    Chpwnd!

  • Thomas Ptacek

    December 10th, 2007 2:30 am

    I will lose any head-to-head comparison between PyEmu and rasm/frasm. Rasm/frasm is a blog post; Cody’s is a big long research project. Also: Cody smarter than Thomas. Thomas sad now.

  • dre

    December 10th, 2007 6:10 pm

    @ Tom:

    jms wrote a Binary Protocol Dissector that also looks interesting.

    I think Cody Pierce is the only name I have in my Google Alerts, which is often annoying because there’s a lot more Cody Pierce’s out there than you would think.

  • required

    December 11th, 2007 2:56 pm

    Month off, well rather have a good blog, than cable crap.
    Anyway, I enjoy your blog.
    Sure would be interesting to read about your opinions about trusted computing, and what seems to be major pushes for that maybe in 2010, 2012?
    Peace.

  • sigsegv

    January 8th, 2008 9:41 am

    Are you sure that it had nothing to do with Gobbles’ new blog? :)

    • Leave a reply