Feeds

Moore's the modern Weegee

'Credit hole by HD Moore the famous'

Security for virtualized datacentres

One of the most interesting characters to live and thrive in New York City between the Depression and the end of World War II - a time when interesting characters seemed to make up the lion's share of dwellers in that great American city - was Weegee.

A photographer by trade, a dweller in the night by temperament, and a freelancer by design, Weegee (real name, Arthur Fellig) prowled about the city from dusk to dawn in his car. In it he kept a shortwave radio tuned to the channels used by the cops, a typewriter, his 4x5 Speed Graphic camera, and the chemicals needed to immediately develop photos, plenty of cigars, and fresh underwear, just in case.

Weegee had the almost uncanny ability to appear on the scene just after - or just as - something dramatic, crazy, violent, or catastrophic happened, even before the police arrived (hence the name: Weegee as in "Ouija," like the board game).

He'd hop out of his car, take the photos that brought him fame and cash, develop the film in his car's trunk slash darkroom, and then drive the fresh prints to the papers that bought his work: The Daily News, The Daily Mirror, and PM.

Weegee's photos still have an astonishing power today, well over half a century after they were taken. Murdered citizens and gangsters (this one's kinda graphic, so you've been warned), victims of fires and car accidents, folks sleeping on fire escapes to beat the sweltering heat, lovers kissing passionately while watching a 3D movie, overwhelming massess of humanity at Coney Island, an interesting mix of city dwellers on New Year's Eve, Harlem church-goers, bums.

And criminals. Always criminals. Criminals in the paddy wagon, getting booked, parading into the station, and sitting in the pokey.

For more Weegee, check out Naked City, Weegee's New York Photographs, 1935-1960, or Weegee's World. You won't be disappointed.

Weegee showed the world the New York of heat, sweat, crime, and death. His photos weren't always pretty, but they revealed the real city, and they told the truth. Sometimes people don't want to hear the truth - it's ugly, or it's unpleasant, or it damages the business interests of certain individuals. But that truth needs to be published, and people need to see it.

Which brings me to HD Moore and the Month of Browser Bugs Project. Moore is one of the brightest guys working in the security world right now, especially in the area of vulnerability research. He's responsible for the awesome Metasploit Project, an "advanced open-source exploit development platform...for legal penetration testing and research purposes" that currently contains 143 exploits and 75 different payloads (for more on the Metasploit Framework, check out previous SecurityFocus articles of interest).

After his interest was piqued by the work of others, Moore began creating his own fuzzers.

A fuzzer basically sends randomised data to a program's inputs. If something weird happens - a crash, for example - then the fuzzer has done its job. Moore's fuzzers first looked for flaws in Internet Explorer's implementation of ActiveX (unsurprisingly, a rich source of bugs and issues). From there he spread out to a fuzzer that tests various browsers' methods for DHTML.

On 2 July, Moore wrote the following in his blog:

Over the last few months, I have taken an interest in web browser security flaws. This interest has resulted in my collaboration on a few fuzzing tools...The vendors have been notified and the time has come to start publishing the results. I will publish one new vulnerability each day during the month of July as part of the Month of Browser Bugs project.

This information is being published to create awareness about the types of bugs that plague modern browsers and to demonstrate the techniques I used to discover them.

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.