Feeds

Moore's the modern Weegee

'Credit hole by HD Moore the famous'

Choosing a cloud hosting partner with confidence

One of the most interesting characters to live and thrive in New York City between the Depression and the end of World War II - a time when interesting characters seemed to make up the lion's share of dwellers in that great American city - was Weegee.

A photographer by trade, a dweller in the night by temperament, and a freelancer by design, Weegee (real name, Arthur Fellig) prowled about the city from dusk to dawn in his car. In it he kept a shortwave radio tuned to the channels used by the cops, a typewriter, his 4x5 Speed Graphic camera, and the chemicals needed to immediately develop photos, plenty of cigars, and fresh underwear, just in case.

Weegee had the almost uncanny ability to appear on the scene just after - or just as - something dramatic, crazy, violent, or catastrophic happened, even before the police arrived (hence the name: Weegee as in "Ouija," like the board game).

He'd hop out of his car, take the photos that brought him fame and cash, develop the film in his car's trunk slash darkroom, and then drive the fresh prints to the papers that bought his work: The Daily News, The Daily Mirror, and PM.

Weegee's photos still have an astonishing power today, well over half a century after they were taken. Murdered citizens and gangsters (this one's kinda graphic, so you've been warned), victims of fires and car accidents, folks sleeping on fire escapes to beat the sweltering heat, lovers kissing passionately while watching a 3D movie, overwhelming massess of humanity at Coney Island, an interesting mix of city dwellers on New Year's Eve, Harlem church-goers, bums.

And criminals. Always criminals. Criminals in the paddy wagon, getting booked, parading into the station, and sitting in the pokey.

For more Weegee, check out Naked City, Weegee's New York Photographs, 1935-1960, or Weegee's World. You won't be disappointed.

Weegee showed the world the New York of heat, sweat, crime, and death. His photos weren't always pretty, but they revealed the real city, and they told the truth. Sometimes people don't want to hear the truth - it's ugly, or it's unpleasant, or it damages the business interests of certain individuals. But that truth needs to be published, and people need to see it.

Which brings me to HD Moore and the Month of Browser Bugs Project. Moore is one of the brightest guys working in the security world right now, especially in the area of vulnerability research. He's responsible for the awesome Metasploit Project, an "advanced open-source exploit development platform...for legal penetration testing and research purposes" that currently contains 143 exploits and 75 different payloads (for more on the Metasploit Framework, check out previous SecurityFocus articles of interest).

After his interest was piqued by the work of others, Moore began creating his own fuzzers.

A fuzzer basically sends randomised data to a program's inputs. If something weird happens - a crash, for example - then the fuzzer has done its job. Moore's fuzzers first looked for flaws in Internet Explorer's implementation of ActiveX (unsurprisingly, a rich source of bugs and issues). From there he spread out to a fuzzer that tests various browsers' methods for DHTML.

On 2 July, Moore wrote the following in his blog:

Over the last few months, I have taken an interest in web browser security flaws. This interest has resulted in my collaboration on a few fuzzing tools...The vendors have been notified and the time has come to start publishing the results. I will publish one new vulnerability each day during the month of July as part of the Month of Browser Bugs project.

This information is being published to create awareness about the types of bugs that plague modern browsers and to demonstrate the techniques I used to discover them.

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.