Feeds

Moore's the modern Weegee

'Credit hole by HD Moore the famous'

The essential guide to IT transformation

One of the most interesting characters to live and thrive in New York City between the Depression and the end of World War II - a time when interesting characters seemed to make up the lion's share of dwellers in that great American city - was Weegee.

A photographer by trade, a dweller in the night by temperament, and a freelancer by design, Weegee (real name, Arthur Fellig) prowled about the city from dusk to dawn in his car. In it he kept a shortwave radio tuned to the channels used by the cops, a typewriter, his 4x5 Speed Graphic camera, and the chemicals needed to immediately develop photos, plenty of cigars, and fresh underwear, just in case.

Weegee had the almost uncanny ability to appear on the scene just after - or just as - something dramatic, crazy, violent, or catastrophic happened, even before the police arrived (hence the name: Weegee as in "Ouija," like the board game).

He'd hop out of his car, take the photos that brought him fame and cash, develop the film in his car's trunk slash darkroom, and then drive the fresh prints to the papers that bought his work: The Daily News, The Daily Mirror, and PM.

Weegee's photos still have an astonishing power today, well over half a century after they were taken. Murdered citizens and gangsters (this one's kinda graphic, so you've been warned), victims of fires and car accidents, folks sleeping on fire escapes to beat the sweltering heat, lovers kissing passionately while watching a 3D movie, overwhelming massess of humanity at Coney Island, an interesting mix of city dwellers on New Year's Eve, Harlem church-goers, bums.

And criminals. Always criminals. Criminals in the paddy wagon, getting booked, parading into the station, and sitting in the pokey.

For more Weegee, check out Naked City, Weegee's New York Photographs, 1935-1960, or Weegee's World. You won't be disappointed.

Weegee showed the world the New York of heat, sweat, crime, and death. His photos weren't always pretty, but they revealed the real city, and they told the truth. Sometimes people don't want to hear the truth - it's ugly, or it's unpleasant, or it damages the business interests of certain individuals. But that truth needs to be published, and people need to see it.

Which brings me to HD Moore and the Month of Browser Bugs Project. Moore is one of the brightest guys working in the security world right now, especially in the area of vulnerability research. He's responsible for the awesome Metasploit Project, an "advanced open-source exploit development platform...for legal penetration testing and research purposes" that currently contains 143 exploits and 75 different payloads (for more on the Metasploit Framework, check out previous SecurityFocus articles of interest).

After his interest was piqued by the work of others, Moore began creating his own fuzzers.

A fuzzer basically sends randomised data to a program's inputs. If something weird happens - a crash, for example - then the fuzzer has done its job. Moore's fuzzers first looked for flaws in Internet Explorer's implementation of ActiveX (unsurprisingly, a rich source of bugs and issues). From there he spread out to a fuzzer that tests various browsers' methods for DHTML.

On 2 July, Moore wrote the following in his blog:

Over the last few months, I have taken an interest in web browser security flaws. This interest has resulted in my collaboration on a few fuzzing tools...The vendors have been notified and the time has come to start publishing the results. I will publish one new vulnerability each day during the month of July as part of the Month of Browser Bugs project.

This information is being published to create awareness about the types of bugs that plague modern browsers and to demonstrate the techniques I used to discover them.

Next gen security for virtualised datacentres

More from The Register

next story
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.