wwdevries | 10 years ago | on: Ask HN: Who is hiring? (September 2015)
wwdevries's comments
wwdevries | 11 years ago | on: Hosting Providers: Kill Malware and Fix Vulnerable Websites
We run scheduled scans and very soon we'll be hooking into Apache, FTP, etc. But Patchman is actually preventing malware from being uploaded in the first place by fixing vulnerabilities before they get exploited.
Also, most malware is not executed right after uploading. They usually wait for the weekends.
wwdevries | 11 years ago | on: Hosting Providers: Kill Malware and Fix Vulnerable Websites
Founder here, let me know if you have any questions! Upvotes would naturally be greatly appreciated to get the word out in the US :-) Right now we mostly have large (and small) hosting providers in the EU as customers.
wwdevries | 11 years ago | on: Patchman – Hosting Providers: Kill Malware and Fix Vulnerable Websites
E-mail me at wouter @ patchman . co
Would love to talk to you
wwdevries | 11 years ago | on: Patchman – Hosting Providers: Kill Malware and Fix Vulnerable Websites
@switch33 No, our detection method is hash based. We also have on our roadmap to to content based scanning, that would indeed require un-obfiscating the code.
wwdevries | 11 years ago | on: Patchman – Hosting Providers: Kill Malware and Fix Vulnerable Websites
Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed.
Regarding security vulnerabilities, we specifically patch only those vulnerabilities. This way you can be rest assured that your customer's websites continue to function properly.
wwdevries | 11 years ago | on: Patchman – Hosting Providers: Kill Malware and Fix Vulnerable Websites
Hi, founder of Patchman here! Patchman was built for hosting providers as a tool to stop the endless stream of abuse. I'm happy to answer your questions!
wwdevries | 11 years ago | on: Ask HN: Who is hiring? (March 2015)
Patchman (http://www.patchman.co) - Enschede, The Netherlands (or remote) - Full time
Hosting providers suffer on a daily basis from the consequences of the many security vulnerabilities found in commonly used PHP applications such as WordPress, Drupal and Joomla. It is a frequently used entry point to deface customer’s websites and upload/execute malware. Besides this being a significant security risk, it also causes an unstable hosting platform and unhappy customers.
Patchman patches vulnerabilities before they get exploited. Best of all, customers won't even notice! Patchman helps hosting providers to achieve substantial savings in operational costs, increase customer happiness and reduce their churn rate. To support Patchman’s rapid growth, we’re looking to expand its team.
Read more: http://patchman.co/downloads/software_engineer.pdf
wwdevries | 11 years ago | on: 28 Days After Drupal Exploit
Shameless plug: if you're a shared hosting provider you should check out http://www.patchman.co.
Approximately 30% of your hosting accounts run an outdated version of WordPress, Joomla or Drupal with serious security vulnerabilities. These vulnerabilities can be easily exploited to run malicious code. But you already know that, since you're getting sick of all the spam runs and DoS attacks that are continuously being launched this way from your platform. Not to mention the more serious attacks. Aren't you tired of cleaning up after your customers?
Patchman runs on your platform and automatically detects and patches vulnerabilities in WordPress, Joomla and Drupal core (without breaking the application!). It will also automatically remove malware. On top of that, it takes care of all communication with your customers. It integrates with all the popular control panels, such as cPanel, Plesk and DirectAdmin. Saves you a lot of headaches and puts you in control of this mess :)
wwdevries | 13 years ago | on: Hangouts for iOS
Now that Google is pushing Google+ even harder in everything new they launch.. I just wish Google would somehow make it possible to merge two Google Apps accounts into one public Google+ account. Now I have to manage multiple Google+ which makes me feel a little schizophrenic and it's confusing to other people who aren't sure on which account to connect with me. It's getting messy.
wwdevries | 13 years ago | on: Linux local privilege escalation 0day, 2.6.37 - 3.8.10
You get this error when you compile the exploit incorrectly.
Compile like this and it works:
gcc -O2 semtex.c && ./a.outwwdevries | 13 years ago | on: Linux local privilege escalation 0day, 2.6.37 - 3.8.10
You get this error when you compile the exploit incorrectly. Compile like this and it works:
gcc -O2 sheep.c && ./a.outwwdevries | 13 years ago | on: Linux local privilege escalation 0day, 2.6.37 - 3.8.10
Tested the exploit on CentOS:
Linux 2.6.32-358.6.1.el6.x86_64 #1 SMP Tue Apr 23 19:29:00 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux (latest CentOS kernel):
[user@centos ~]$ gcc -O2 exploit.c
[user@centos ~]$ ./a.out
2.6.37-3.x x86_64
[email protected] 2010
-sh-4.1#wwdevries | 13 years ago | on: Phusion Passenger 4.0 Release Candidate 2
Excellent product. Keep up the good work!
wwdevries | 13 years ago | on: Show HN: iOS app. Snooze this alarm clock and it will humiliate you on Facebook
What does the humiliation on Facebook look like?
wwdevries | 13 years ago | on: You cannot read this, but you can tell how it appeals to you
Within the Netherlands there are far more appealing solutions, such as MoneyBird. They've been rockin' at it for a few years now. To be honest, to me MoneyMonk looks like a limited clone of MoneyBird.
(I'm a happy customer of MoneyBird)
wwdevries | 13 years ago | on: Nexus 4 available from Google today starting at noon PST
According to the e-mail, this time around they will only sell in the U.S.
wwdevries | 13 years ago | on: Web hoster Antagonist automatically fixes vulnerabilities in customers' websites
I'm sorry, I think due to our lacking description of how the technology exactly works you're confusing it with existing technologies. What we announced today is not comparable with something like Installatron, they do just version updates. Those automatic updates usually breaks plugins. We only patch the vulnerabilities, without modifying any functionality.
wwdevries | 13 years ago | on: Web hoster Antagonist automatically fixes vulnerabilities in customers' websites
You're right many vulnerabilities exist in the plugins/themes. We do fix these as well.
wwdevries | 13 years ago | on: Web hoster Antagonist automatically fixes vulnerabilities in customers' websites
Thank you! :-) We think so too!
page 1
Our customers comprise of large web hosting providers all around the globe. Security is – obviously – extremely important to them. However, there’s one layer of the security stack they have little or no control over: the code of their end users. Most websites use standard software as a foundation. Did you know that about 30% of the web is running on WordPress, Joomla or Drupal? Hackers continuously exploit security vulnerabilities in these foundations to upload and execute malware. Effectively, this allows hackers to run any malicious code they want. For example: to send spam, launch DDoS attacks or inflict far worse damage.
Patchman comes to the rescue! We offer web hosting providers a fully automated SaaS solution to index security vulnerabilities/risks and resolve them by automatically applying safe backported patches and by defusing malware. On top of that, we offer a web app that helps all stakeholders (including security officers, system administrators, helpdesk employees and end users) to operate Patchman and keep the web secure.
We're currently hiring for three positions:
### Software Engineer: Threat Analysis & Response (PHP) ###
Info & apply: http://jobs.patchman.co/software-engineer-threat-analysis-re...
### Software Engineer: Back-end (Python/Django) ###
Info & apply: http://jobs.patchman.co/software-engineer-back-end
### Software Engineer: Linux Security R&D (C/C++) ###
Info & apply: http://jobs.patchman.co/software-engineer-linux-security-rd