Feeds

Moore's the modern Weegee

'Credit hole by HD Moore the famous'

Beginner's guide to SSL certificates

One of the most interesting characters to live and thrive in New York City between the Depression and the end of World War II - a time when interesting characters seemed to make up the lion's share of dwellers in that great American city - was Weegee.

A photographer by trade, a dweller in the night by temperament, and a freelancer by design, Weegee (real name, Arthur Fellig) prowled about the city from dusk to dawn in his car. In it he kept a shortwave radio tuned to the channels used by the cops, a typewriter, his 4x5 Speed Graphic camera, and the chemicals needed to immediately develop photos, plenty of cigars, and fresh underwear, just in case.

Weegee had the almost uncanny ability to appear on the scene just after - or just as - something dramatic, crazy, violent, or catastrophic happened, even before the police arrived (hence the name: Weegee as in "Ouija," like the board game).

He'd hop out of his car, take the photos that brought him fame and cash, develop the film in his car's trunk slash darkroom, and then drive the fresh prints to the papers that bought his work: The Daily News, The Daily Mirror, and PM.

Weegee's photos still have an astonishing power today, well over half a century after they were taken. Murdered citizens and gangsters (this one's kinda graphic, so you've been warned), victims of fires and car accidents, folks sleeping on fire escapes to beat the sweltering heat, lovers kissing passionately while watching a 3D movie, overwhelming massess of humanity at Coney Island, an interesting mix of city dwellers on New Year's Eve, Harlem church-goers, bums.

And criminals. Always criminals. Criminals in the paddy wagon, getting booked, parading into the station, and sitting in the pokey.

For more Weegee, check out Naked City, Weegee's New York Photographs, 1935-1960, or Weegee's World. You won't be disappointed.

Weegee showed the world the New York of heat, sweat, crime, and death. His photos weren't always pretty, but they revealed the real city, and they told the truth. Sometimes people don't want to hear the truth - it's ugly, or it's unpleasant, or it damages the business interests of certain individuals. But that truth needs to be published, and people need to see it.

Which brings me to HD Moore and the Month of Browser Bugs Project. Moore is one of the brightest guys working in the security world right now, especially in the area of vulnerability research. He's responsible for the awesome Metasploit Project, an "advanced open-source exploit development platform...for legal penetration testing and research purposes" that currently contains 143 exploits and 75 different payloads (for more on the Metasploit Framework, check out previous SecurityFocus articles of interest).

After his interest was piqued by the work of others, Moore began creating his own fuzzers.

A fuzzer basically sends randomised data to a program's inputs. If something weird happens - a crash, for example - then the fuzzer has done its job. Moore's fuzzers first looked for flaws in Internet Explorer's implementation of ActiveX (unsurprisingly, a rich source of bugs and issues). From there he spread out to a fuzzer that tests various browsers' methods for DHTML.

On 2 July, Moore wrote the following in his blog:

Over the last few months, I have taken an interest in web browser security flaws. This interest has resulted in my collaboration on a few fuzzing tools...The vendors have been notified and the time has come to start publishing the results. I will publish one new vulnerability each day during the month of July as part of the Month of Browser Bugs project.

This information is being published to create awareness about the types of bugs that plague modern browsers and to demonstrate the techniques I used to discover them.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.