Why the password "this is fun" is 10 times more secure than "J4fS!2"
Security companies and IT people constantly tell us that we should use complex and difficult passwords. This is bad advice, because you...
4 Comments | Tags: how-to, research, security
Apache Tomcat 7 has been released
A little under 18 months since work started on Tomcat 7 I am delighted to be able to say that the first Tomcat 7 release, Tomcat 7.0.0...
2 Comments | Tags: java, news, open source, security
Exploits of a Mom (cartoon)
Naming your child... Injection style! :D
1 Comment | Tags: database, humor, security
How I hacked Digg
An in-depth article of how Digg wouldn't respond to my bug reports, how I exploited a cross-site scripting vulnerability to force...
2 Comments | Tags: ajax, javascript, security
25 Best SSH Commands / Tricks
SSH is an awesome, powerful tool; there are unlimited possibilities when it comes to SSH. Here are the top-voted SSH commands.
1 Comment | Tags: other languages, security, usability
The US Just Legalized Jailbreaking
One of the most significant changes to U.S. Copyright Law relating to software was handed down today. The new rules make it legal to...
1 Comment | Tags: mobile, news, security, trends
Microsoft Update Quietly Installs Firefox Extension
A routine security update for a Microsoft Windows component installed on tens of millions of computers has quietly installed an extra...
0 Comments | Tags: microsoft, security
An amazing amount of new functionality with Linux release 2.6.28 and 2.6.29
Life's certainties include death and taxes but also the advancement of the GNU/Linux operating system, and the last two kernel releases...
2 Comments | Tags: how-to, open source, security, unix-linux
Most common passwords list from 3 databases
There have been three instances that I know of where a significant number of hacked account passwords have been publicly released. I have...
7 Comments | Tags: security
Pure Java™, Pure Evil™ Popups
This full-screen takeover applet was clearly not what Sun had in mind when they thought up "write once, run anywhere!" The demo is not...
6 Comments | Tags: ajax, java, security, web design
Google Employee Hacks Windows XP, Shows World How To Do The Same
A couple of weeks ago, a Google employee found a bug in Windows. Last week, he released it to the entire world.
3 Comments | Tags: microsoft, news, security, windows
Google OpenSocial: after the hype, the holes
Open standards always cause security problems and Google's OpenSocial API introduced last week is no exception...
2 Comments | Tags: frameworks, security, web 2.0
Protection and Methodologies of Security Vulnerabilities in Web Development
Security in web development. Review of possible hack attack methods. Explanation of possible protection.
0 Comments | Tags: how-to, methodology, security
Stealing your browser history without Javascript!
This is a method of sniffing your browsing history without using Javascript.
2 Comments | Tags: css-html, research, security
Security is More Important than Usability (cartoon)
Dilbert meets the security consultant...
0 Comments | Tags: humor, security, usability
Top 25 Most Dangerous Programming Mistakes
I don't usually do news and current events here, but I'm making an exception for the CWE/SANS Top 25 Most Dangerous Programming Errors...
0 Comments | Tags: news, security
Securing an Ubuntu Server
Security is relative. Will these steps make your server “secure”? It will be more secure than it was before. And more secure than most...
0 Comments | Tags: security, unix-linux, usability
The Java Security Exploit in (Mostly) Plain English
While chatting with Simon Phipps, I read through the Java security exploit that got so much attention this week - and the patches to fix...
2 Comments | Tags: java, news, research, security
The Secret Government Surveillance Document Microsoft Doesn't Want You To See
Microsoft has a 22-page document which outlines how they store all your private data in their online servers. The document also tells...
2 Comments | Tags: microsoft, security, trends
FREE ebook - Linux 101 Hacks, 2nd Edition
There are a total of 101 hacks in this book that will help you build a strong foundation in Linux. All the hacks in this book are explained...
2 Comments | Tags: books, security, tools, unix-linux
Script kiddies have awesome tools
About 10 years ago a friend of mine showed me an exploit. It was written in C and it tried to spawn a shell at a remote host. It seemed...
3 Comments | Tags: php, security
Google Chrome Native Client
Google has announced its new project Google Chrome Native Client. This is mega news. It is in early production development phase. Now,...
4 Comments | Tags: announcement, research, security, tools
Please Give Us Your Email Password
A number of people whose opinions I greatly respect have turned me on to Yelp over the last six months or so. Yelp is a community review...
1 Comment | Tags: opinion, security, web 2.0
Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes
The socialbookmarkosphere is abuzz with talk of “rainbow tables”, what they mean for password security, and why they prove that Microsoft...
2 Comments | Tags: security
Secure Password Storage - Don'ts, dos and a Java example
As software developers, one of our most important responsibilities is the protection of our users' personal information.
0 Comments | Tags: java, security