Security
Interactive Testing, Part 3 - Security
posted on 2/22/10 by Dave Dohmeier and Meghan Wilker
If you engineered a bridge you wouldn't leave the guardrails off and hope nobody goes near the edges; engineering security for software is the same. But while valuable and important, security is a difficult thing for many clients (or potential clients) to analyze, and a fairly thankless task for an interactive company to do well.
The LAMP stack
posted on 4/18/07 by Michael Koppelman
You are probably starting to hear people talk about "LAMP" or the "LAMP stack". This is an acronym that means Linux, Apache, MySQL and PHP. The P can also stand for Python and/or Perl.
Security for Mac OS X
posted on 2/17/06 by Michael Koppelman
Mac Geekery has an article about Mac OS X security. One cool thing they point out is that the Keychain Access application has a cool little password generator built into it. The days of Macs being immune to malware are over.
Continue Reading |
1 Comment
Form Mailer SPAM: Exploit, Example.
posted on 12/14/05 by Matt Gray
Mailing a form's fields to e-mail address(es) is a common problem; unfortunately, deploying single-script solutions can often create a vulnerable webserver. Read on for a quick case study of a single PHP script that was hijacked to send SPAM.
Continue Reading | Add a CommentNew 'sploit for IE
posted on 11/22/05 by Matt Gray
A new security vulnerability in Internet Explorer has now been successfully exploited. SANS recommends a switch to Firefox or Opera... and so do we.
Continue Reading | Add a Comment66 percent would choose to give up their passwords for a Starbucks coffee
posted on 5/6/05 by Michael Opperman
Security vendor VeriSign found 66 percent would choose to give up their passwords for a Starbucks coffee, during an informal on-the-street survey conducted Thursday in San Francisco. (even though the chain is banning the new Springsteen album . . .) Good thing I get free coffee at work. Continue Reading | Add a CommentFingerprint Faking HOWTO
posted on 4/28/05 by Matt Gray
Every day, I'm amazed by at least one thing I discover online. Today, it happens to be a brief guide to creating fake fingerprints from the Chaos Computer Club in Germany.
Why do this? According to BoingBoing, biometrics are required at Disneyworld, the Statue of Liberty, and even tanning salons in Arkansas. How effective is this technology? Should its users be concerned over privacy and identity theft issues? Absolutely.
Read the guide—in ten years, perhaps everyone will wear protective sheaths over their identifiable digits.
Continue Reading | Add a CommentBlaster scapegoat convicted
posted on 3/30/05 by Martin Grider
The Star Tribune reported today that Jeffrey Parson, (the Blaster virus scapegoat,) has been convicted and will serve prison time, 100 hours of community service, and three years of "supervised" release, (during which time, he'll be forbidden from using a computer for anything other than work or school). His crime was modifying the original blaster virus, which is estimated to have caused more than $525 million in damages. In contrast, Parson's variant of the virus (which he created in less than two days from the original) is estimated to have caused $1.22 million. Perhaps ironically, it was Microsoft that claimed the most damages in the suit, at somewhere around $600 thousand. Of course, the virus only affected computers running Windows software. The 19 year old Parson, a native of Hopkins MN, was tried and convicted in Seattle, Washington, home of Microsoft's corporate headquarters. Continue Reading | Add a CommentCell Phone Virus
posted on 3/8/05 by Martin Grider
Cell phones are are one of the few emergent technologies that have become so prevalent in society that I often can't imagine life without them. I got rid of my "home" phone over three years ago, and never looked back. Today I found that in recent news security experts have confirmed the existance of the first cell phone virus. As cell phones become more and more sophisticated, this type of risk will grow proportionally. But don't panic! It's reported that not only is this specific virus written poorly, it only works with one type of cell phone operating system. (The Symbian60, the same one that happens to power my phone.) Continue Reading | Add a CommentHack Your Mind
posted on 3/1/05 by Matt Gray
Neurohacking has crossed my mind many times. While the marriage of machine and gray matter is not complete yet, there are still interesting tricks and shortcuts with a human's default hardware. O'Reilly, publisher of many fine technical books, has expanded into wetware hacking with a new book.
Mind Hacks is the latest in the O'Reilly Hacks book series. Mind Hacks collects some interesting observations and thought experiments designed to help a person use their own "operating system"—the brain.
I saw an Mind Hacks blog entry on adaptation linked from BoingBoing—check it out. I think I need to buy the book. Has anyone read this?
Continue Reading | Add a Comment