Archive for the ‘Security’ Category

Common Security Mistakes in Web Applications

Web application developers today need to be skilled in a multitude of disciplines. It’s necessary to build an application that is user friendly, highly performant, accessible and secure, all while executing partially in an untrusted environment that you, the developer, have no control over. I speak, of course, about the User Agent. Most commonly seen [...]

WPA2 vulnerability found

Perhaps it was only a matter of time. But wireless security researchers say they have uncovered a vulnerability in the WPA2 security protocol, which is the strongest form of Wi-Fi encryption and authentication currently standardized and available. Malicious insiders can exploit the vulnerability, named “Hole 196” by the researcher who discovered it at wireless security [...]

Employees Challenged To Crack Facebook Security, Succeed

Apparently Facebook noticed the slap down that the FTC gave Twitter in June because it “failed to prevent unauthorized administrative control of its system.” Shortly afterwards one of the senior engineers at Facebook responsible for SRE (site reliability engineering) challenged Facebook employees to try to compromise him and gain access to Facebook’s administrative system via [...]

Firefox add-on encrypts Facebook and Twitter

Firefox users worried about Internet eavesdropping are being offered a new way to encrypt their interaction with a range of popular websites, including Facebook and Twitter. Called HTTPS Everywhere, the free add-on is the result of a collaboration between the Electronic Frontier Foundation (EFF) and the Tor Project. Sites with which the software works include [...]

iPhone vulnerability leaves your data wide open, even when using a PIN

If you feel like going through the process of typing in your PIN every time you unlock your iPhone is worth it thanks to the unconquerable security it implies, you might want to read this report from Bernd Marienfeldt about the chosen one’s security model. Yes, a PIN will keep casual users from picking up [...]

Car hackers can kill brakes, engine, and more

University researchers have taken a close look at the computer systems used to run today’s cars and discovered new ways to hack into them, sometimes with frightening results. In a paper set to be presented at a security conference in Oakland, California, next week, the security researchers say that by connecting to a standard diagnostic [...]

Report: Google Hackers Stole Source Code of Global Password System

The hackers who breached Google’s network last year were able to nab the source code for the company’s global password system, according to The New York Times. The single sign-on password system, which Google referred to internally as “Gaia,” allows users to log into a constellation of services the company offers — Gmail, search, business [...]

Rethinking security

Ask any IT manager, business leader or regulator and they will tell you that IT security is important – that much goes without saying. As the chart below shows, for many professionals the role of security in IT is now seen to be a fundamental part of delivering day to day IT service to users, [...]

Symantec spends $370 mln on encryption companies

BOSTON, April 29 (Reuters) – Symantec Corp (SYMC.O), the world’s biggest maker of computer security software, has agreed to pay $370 million to buy two makers of technology that businesses use to scramble sensitive corporate data. The security giant said on Thursday that it would pay $300 million for privately held PGP Corp and $70 [...]

Fireshark plugin decodes the malicious Web

A computer security researcher has released a plugin for Firefox that provides a wealth of data on Web sites that may have been compromised with malicious code. The plugin, called Fireshark, was released on Wednesday at the Black Hat conference. The open-source free tool is designed to address the shortcomings in other programs used to [...]