Software Security Consultant
Areas of Expertise:
- Web Security
- Software Testing
- Online Gambling
- Security Testing
- Security Training
- consulting
- speaking
- training
Biography
Books
Blog
http://paco.to/
America rewards poor decisions
June 30 2009
If you are an American who makes poor decisions, fear not. Our government rewards you. In big ways and small, what was once the honorable virtue of forgiveness has been twisted into a pattern of taking the sting out of making bad decisions. This just fosters bad decision making and…
Stuff my iPhone Still Doesn’t Do
June 29 2009
I got an iPhone 3GS recently. That, plus iPhone software 3.0, gives me a lot of new features. I’m still surprised at the things that Nokia had years ago, but Apple still hasn’t adopted. I had a Nokia phone for several years before I got my first iPhone. Now, don’t get…
June 28 2009
If you check out Neuton Mowers, they’re these battery-powered lawn mowers. I get the whole non-polluting, lower noise thing. But their comparison chart leaves something to be desired on the honesty scale. Take a look at the graphic from their front page: Two things strike me as a bit odd. I currently…
June 15 2009
I did a Parody of Paul Simon’s “50 Ways to Leave Your Lover.” It’s very geeky, though. It’s “50 Ways to Inject Your SQL.” Yes, that’s me singing. I got the idea after explaining some really crappy code to my wife and how it did a ridiculous job protecting against SQL…
The suckage that is Dell Tech Support
May 28 2009
As you may know, I bought a Dell Mini 9 to hackint0sh it. I got it running Mac OS X with only a little difficulty (mainly around trying to shoehorn OS X onto a tiny SSD). Then the Wi-Fi card went out. Now, I’m stuck in Tech Support Hell. The TimeLine Thursday…
Star Trek boldly went where no one had gone before: good
May 14 2009
There are a gazillion reviews for the latest Star Trek movie out there. Here’s mine. The actors are A+. Unlike George Lucas, who only directs in clichés and can’t direct humans to save his life, JJ Abrams knows how to elicit amazing performances from a cast of great actors. None of…
Entourage Rule to Filter Russian Spam
May 08 2009
I’m starting to get a lot of Russian spam now. The good news is that I don’t understand it, so I can’t possibly fall for it. The bad news is that my junk email filters and even Postini are not catching it. I created a rule in Entourage that handles…
May 07 2009
In English, “see” and “look” have very similar meanings, while “oversee” and “overlook” have almost opposite meanings. I find this amusing. It’s even more amusing when it shows up on a resume like the one I saw today: I overlooked a team of five doing blah, blah, blah… So, did this person…
Poker Copilot: The only poker helper for Mac users?
May 01 2009
I’ve done a bunch of work in online poker lately (for Cigital), and so it’s important for me to improve my game to where I’m not just one of the fish. I was keen to try some of the software that’s out there, but I’m a Mac user. I’m not…
April 24 2009
I recently read Ari Takanen’s Fuzzing for Software Security Testing and Quality Assurance. This is a valuable book on fuzz testing, and timely. Good Things He really puts fuzzing in context. Fuzz testing has been around for a long time, and this book gives you the full historical perspective, as well…
Why is Facebook worse than TV?
April 24 2009
I was just reading “Five Clues That You Are Addicted to Facebook” on cnn.com and it occurred to me that Facebook should really be considered in the same light as television. The 5 warning signs are: You lose sleep over Facebook You spend more than an hour a day on Facebook You become…
Hackint0shing Dell Mini: it Works
April 24 2009
In my previous post I left off without telling you whether or not it worked. In the end, I bought a 32G SSD chip and installed it. (Installing is totally painless and trivial). After that, the Gizmodo instructions worked perfectly. Basically, I wasted a ton of time trying to shoehorn MacOS…
Five Reasons for Software Certifications
April 20 2009
Several people I respect (notably Gary McGraw) as well as others that I don’t really know (e.g., the author of this blog post “5 reasons why software certs suck”), have argued vehemently against certifications recently. I am a subject matter expert for the new Certified Secure Software Lifecycle Professional (CSSLP)…
Hackint0shing Dell Mini 9 on the cheap
April 06 2009
When I read about getting a Dell Mini 9 for $200 and hackint0shing it to run Mac OS X, I was all over it. I ran out and got one. I was a bit frustrated that it required some stuff that would put my total cost over $200. (I got…
Elfriede Dustin’s Test Automation book
March 13 2009
A colleague of mine has recently published a book Implementing Automated Software Testing.


