I found this little gem waiting for me to approve. I get a bit of spam that Akismet doesn’t toss automatically, but this one struck me as an absolute failure to come across as human. It also struck me that Akismet didn’t toss this one automatically.. .:-\

Russ McRee over at HolisticInfoSec.org wrote a great article talking about Mandiant Highlighter that I and Jason Luttgens wrote. We just released a minor bug fix version, 1.1.3. Here’s the link.

holisticinfosec.blogspot.com/2011/10/toolsmith-log-analysis-with-highlighter.html

Here’s the link to the download:

www.mandiant.com/products/free_software/highlighter/

Here’s a link to the forums:

forums.mandiant.com/forum/highlighter

Highlighter v1.1.3 has been released. Check out the sweet blog post by yours truly over at blog.mandiant.com/.

Lately I’ve been doing some work in C# targeting the 3.5 .NET Framework (because that’s where LINQ — Language INtegrated Query — is introduced).  There are two forms for using LINQ: the query expression form and the method-based query form.  Each allows the exact same functionality and each has its own pros and cons.  I have found that I prefer the method-based form, perhaps because I’m trying to expand my skills with lambda functions and already know SQL well enough to get by. Here is an example of each technique.

First, here is the build-up to the interaction with LINQ:
using System.Linq;
List<string> names = new List<string> { "Alice", "Bob", "Cathy", "Eddie", "Frank", "Gary" };
Easy, right?  Even if you don’t know programming, you might be able to figure out what this means.  Moving on, the following is the query-expression form to show all names ending in the letter “y”. Then the results (in var y_endings) are printed to stdout.
var y_endings = from n in names
                where n.ToLower().EndsWith("y")
                select n;
foreach (string name in y_endings)
{
    System.Console.Out.WriteLine(name);
}
Got it?  Good.  Ok, now here’s a similar query using the method-based form to find all names of length 5 (also printed to stdout):
var fives = names.Where(n => n.Length == 5);
foreach (string name in fives)
{
    System.Console.Out.WriteLine(name);
}
That lambda function is pretty wacky, but it’s saying “Return all values which have a length of 5. I choose to refer to each tested value as ‘n’.”  They aren’t so hard in their simplest forms, but still gave me a little trouble because I’m not familiar with anonymous functions.  You can see how the query expression form is basically a lambda function and maybe that will help form your method-based queries (if you’re so disposed).  Anyway, I just wanted to share the two forms side-by-side.  For more, google LINQ and read.  Ugh.  Do it.

I recently had to get my iPhone restored at an Apple store because I was away from my home computer and my phone was stuck on the loading screen (with the pretty metal apple). I was a little pissed because I knew they were going to upgrade me to the newest firmware (3.1.3) and I didn’t know there was a jailbreak out for it, but I needed my phone!

When I got home, I started sniffing around for a 3.1.3 jailbreak and came across sn0wbreak (ih8sn0w.com/index.php/welcome.snow). I started the app and followed the instructions to get into DFU mode, but the app never moved on from there… always stayed at the DFU Starter Help screen. Realizing sn0wbreeze is not an “official” dev-team release, I went to their blog to see what was going on: that’s where I learned about the Spirit hack.

The Spirit hack (spiritjb.com/) is a small download and a simple screen. You run it with your iPhone attached (some stipulation if you’re using a 3GS) and when the process is over, you have a jailbroken iPhone. Done. The people rejoice.