Google DashBoard: User-Privacy is Finally Configurable
After long-lasting blame and concerns over Google privacy, Google has an answer: a Dashboard that lets users configure what is visible to Google.
Tags: announcement, news, security, web services
Learning with Grails: Security, Extjs, REST, Spring Insight
Posting including a lot of good general information about using Grails to explore authentication and authorization using the spring-security plugin...
Tags: groovy, research, security, tools
Encrypting and Decrypting Data Using X.509 Certificates
Over the past few days, I've been working to change our build process and make it a little more flexible for our needs. As part of it, I was asked to...
101 on HTTPS Web Site Performance Impact
I recently analyzed a secure web page that took 20 seconds till the onLoad event triggered. The site had no fancy images, no animations or heavy...
Fundamental flaw with 3D Secure
3D Secure is the payment industry's Internet authentication standard and is considered to be the online version of chip and pin. The change password...
Tags: news, research, security
ldd arbitrary code execution
The `ldd` utility is more vulnerable than you think. It’s frequently used by programmers and system administrators to determine the dynamic library...
Tags: research, security
Which Linux Distribution Is Suitable For Me?
This question is asked by many of us too often. Well, it depends upon your needs, requirements and expertise. In this post I will try to compare 9 top...
Tags: security, server, unix-linux
DZone Daily Dose - 2009/10/23
Firefox 3.6 is delayed by Windows 7 bugs, a market survey shows many internet users still use IE6, Bing gets searches for Twitter and Facebook...
Tags: announcement, microsoft, news, security
SHA1 and MD5 checksums in Java
Simple code showing how to calculate SHA1 and MD5 checksums of a file in Java
Tags: how-to, java, security
Web 2.0 Security Testing – Approach Note
Web 2.0 has been described as the “participatory Web.” For example blogs and photo sharing services enable consumers to add and update their own...
I’m amazed to see how we got to this point where upgrading from the current version of a software (Vista) is worth it, but that upgrading from an older version (XP) isn’t worth it!!
Windows 7 is praised to be such an enhancement from Windows Vista, but what about Windows XP? Well, I guess the guys at Redmond found a way to tax...
Sneaky Microsoft plug-in puts Firefox users at risk
While using Firefox today I got this notification http://tinypic.com/r/10cqayv/4 !
Tags: security
Single Sign-On: What brings it for you?
Buzz word, we are all talking buzz word, SSO is one of them. What is Single Sign-On by the way? A brief description would say that Single Sign-on...
Tags: frameworks, java, security, server
IPSec Tunneling Using FreeBSD
IPsec is a protocol which sits on top of the Internet Protocol (IP) layer. IPsec allows communication between hosts in a secure manner. The FreeBSD...
Tags: security, unix-linux
Folk Complexity Theory
When people say an algorithm is O(n log n), they don't mean what textbooks of complexity theory would imply. So what's this Folk Complexity Theory...
Tags: research, security
Google hacks
Google can be used to reveal web site vulnerabilities. Tweaking Google searches can help reveal them. Learn how to secure your site to prevent Google...
Tags: security
Remembering Java platform security
Developers don't worry too much about Java platform security these days. This blog entry explains why it is still relevant, how it works and how to...
Tags: java, security
How to exploit a back-office web application using CSRF
This article explains how an attacker could potentially exploit a back-office application that is not exposed on the Internet by using Cross Site...
Tags: how-to, security
What Happened To CodeJustin?
Well, the company which I bought my webhosting from, ClanDrive, was hacked (you might have seen that my blog had a landing page saying it was hacked the...
Tags: announcement, news, opinion, security
.NET Version Penetration
I've run a quick analysis of the Question Writer website logs to try to determine the prevalence and progress of the different .NET runtimes. I've...
Tags: .net, research, security
13 Things a Web Application Attacker Won't Tell You
I saw a great blog post the other day titled “13 Things a Burglar Won’t Tell You” and it got me thinking. Here at Denim Group we train a lot of folks...
Tags: methodology, security, server
PHP HTTP Authentication
Occasionally you may wish to make certain pages of your site only viewable to a select few. You can do this by using PHP's built-in HTTP Authentication.
Tags: how-to, php, security
OWASP Top 10 number 3: Malicious File Execution
Number 3 in the Top 10 most critical web application security vulnerabilities identified by the Open Web Application Security Project (OWASP) is...
Tags: java, security
It’s Time To Take Personal Security More Seriously
As there is news that hackers have captured passwords of thousands of Windows Live Hotmail users, webmail services of Google and Yahoo have also been...
Tags: security
Pentagon: Our cloud is better than Google's
The U.S. Defense Department is offering cloud computing services that military officials claim are safer and more reliable than commercial providers...