From Kim Cameron's Identity blog: Leaving a comment (with CardSpace / IdentityCards). The first time you do this it takes a whopping 11 steps! I fail to see how this is better than current systems or OpenID. (I'm talking about the user experience - from a security point of view Identity Cards are clearly superior to the old username/password type authentication).
From the Pythian group: Performance tuning: HugePages in Linux. Very interesting read. Machines with very much RAM (16/32GB) are getting pretty mainstream in the enterprise and design solutions from 20 years ago (ie 4kb pages) are not very ideal these days.
Got a webmaster-related question or suggestion that is not directly related to the topic of this entry? Instead of posting it here, your best bet is our official Google forum linked from http://www.google.com/webmasters/
From the MNIN Security Blog: two interesting posts - Recovering CoreFlood Binaries with Volatility and Locating Hidden Clampi DLLs (VAD-style). This just reinforces my opinion that there are many tricks you can play with the OS which can render investigate tools unusable. The moral: once the attacker ran code on your machine it is not your machine anymore (rule 1 of computer security). Also, generic tools won't do you any good if you want to investigate targeted attacks...
From Didier Stevens: Shoulder Surfing a Malicious PDF Author - cool. It is always fun to follow the digital trail.
From GNU Citizen comes a cool paper: Universal Website Hijacking by Exploiting Firewall Content Filtering Features. It boils down to the following: