Collaborate Disseminate
I work as a data recovery consultant and a surprisingly large number of my clients are individuals that caught a virus from “The Internet”.
A lot of people would browse dodgy websites, download all kinds of files and click o… Continue reading How to protect against simple web distributed viruses
First and foremost, I am sorry for posting anonymously for security reasons. Exposing my identity might mean exposing my vulnerability, which comes from the problem decribed below.
I have accounts in websites A1,A2,A3,…etc… Continue reading I accidentally entered password for a website as a username for another website
Public-key pinning is a proposal that allows sites to pin their keys in the browser to protect against Man In The Middle attacks that try to forge a site’s key. See
Internet Engineering Task Force (IETF)’s RFC 7469
My ques… Continue reading How are pinned keys stored in the browser? How about performance with large lists?
This code is for authentication routine for a customer’s Python web application.
import hashlib
def authenticate_user(username, password):
#retrieve user details from database
user = userm… Continue reading Can anyone identify any issues with this code? [on hold]
Why is the following database table not secure? Which encryption method is better for credit cards?
+————–+——————————-+———–+————–+
| customer_id | card_number |… Continue reading Why is this not a good way to store credit card data?
Background:
A few years ago, I asked this question about disclosing somewhat serious vulnerabilities found in my high school’s computer network.
More than two years later, the principal was made aware (by overhearing other… Continue reading Should I follow up on vulnerabilities that were disclosed over a year ago but have not been fixed?
Application development can be a key differentiator for your business, and the wizards who can whip up a market-leading mobile app or just the right custom code to make the business hum are well worth the investment. But the truth is, we developers aren’t always straight with you. We have a few secrets we like to keep for ourselves.
The fact that we don’t tell you everything is understandable. You’re the boss, after all. Do you tell your boss everything? If you’re the CEO, do you loop in the board on every decision? So don’t be so surprised when we do it.
Sometimes less knowledge on your part is more. You don’t need to know the directory where we stash the Java updates. Nor do you care about the password for the backups as long as they’re encrypted. You probably aren’t all that bothered if we switch to a different tool without asking every stakeholder’s approval.
To read this article in full or to leave a comment, please click here
Continue reading 9 developer secrets that could sink your business
Blog Post
Webinar: Stomp Out Malware from Encrypted Traffic with Cisco Stealthwatch and Cognitive Analytics
Jun 29, 2017
Did you know that more than 40% of malware is hiding in encrypted traffic … Continue reading Webinar: Stomp Out Malware from Encrypted Traffic with Cisco Stealthwatch and Cognitive Analytics
Blog Post
Upcoming Webinar: Network Device Classification – Focus on Network Segmentation
May 25, 2017
Which of these three network segmentation phases is your biggest IT challenge? First: Defini… Continue reading Upcoming Webinar: Network Device Classification – Focus on Network Segmentation
