Ok ok, I know.
(TL;DR: Me apologising for not being around this year. You can skip right ahead to the case study.)
No post has been made since January 2018. Not even one XSS has been triggered, not even one byte of data has been leaked from a DB and not even one line of arbitrary code has been remotely executed. I can continue with that all night.
But listen, before the beating, hear me out first.
FogMarks started as a self-test. Somewhere around November 2015, I worked as a junior security researcher in some company. That place had terrible work manners: “Juniors are dumb, so they should not be writing code to the production products (i.e. add features, be involved in development), nor conduct security research. They should first sit down and look at others’ work”. Honestly, I was never good at looking at others and doing nothing.
So, I offered my help and expressed my opinion on a lot of issues and active research that was going on. And well, they didn’t like that.
They complained about me to the “superiors” and I was (rudely) asked to pretty much mind some other boring-junior-business.
At that time I was fascinated by finding a way to disable the AdBlock Chrome extension remotely (yes, not the nicest thing to do, I know:). I started to conduct my own private research in the evenings. I was coming back from work straight to my real work. Time passed and indeed I found a way to crash AdBlock (on Chrome 47. Gosh, I’m old!). But then, during my research, which involved a lot of digging, T&E and tears, I was exposed to how insecure modern platforms are. I’ve read lots of badly-implemented source code in some very sensitive and widely-used open-source products, and I was shocked at some very half-an-hour-to-find severe security vulnerabilities that were (and still are, and always will be) in the world’s most popular platforms.
I decided to devote my time to help solve those issues, conduct white-hat security research and, most importantly, share my experiences, thoughts, ideas and some of my work methods and ideologies – here.
This is the story of how FogMarks was born. By the way, if we are completely honest here, the name FogMarks popped up in my head only around February 2016, while driving to the cinema during one of Israel’s heaviest fogs ever. The road had blinking warning marks on it, and at some point I told my girlfriend that I only see marks in the fog and I just follow them to safety. Fog Marks.
So what the hell happened in 2018?!
After 2 years of researching, I came across a very interesting development opportunity. Not something crazy, but a very helpful set of utils that can ease the life of a lot of people.
The thing is that developing it took a lot of time and a lot of planning. So I wasn’t active at all since January.
So you missed it and came back crawling.. ha?!
Yeah. You got it. Security research is one of the funnest things I’ve done in my career life. I had to put it on hold so I could focus on that other project. But this year, I hope that project has stabilized, so I’m back on, baby!
Keep Your Friends Close and Your Domains Closer!
Edit [30/12/2018]: This part will be published on January 1st, as I hope that company will allow me to disclose its name by then.
Edit [01/01/2019]: Post has been published.