News (13)

The boss's iPhone: Your worst security nightmare

As employee-owned portable devices become more sophisticated they become less secure, according to one analyst -- and the more senior an employee, the less compliant they are when it comes to protecting the information on those devices. Read more »

Debian and Ubuntu OpenSSL generates useless crypto keys

For almost two years the OpenSSL library used by Linux distribution Debian has been generating useless cryptographic keys — although Debian has issued a patch, experts warn that systems may still be exposed. Read more »

US Homeland Security still infected with Trojans?

The man in charge of IT security for the US Homeland Security department may lose his job after the revelations that his department's IT systems have misconfigured firewalls, suspicious botnet activity, trojans and virus infections. Read more »

Security spend triples, breaches fall 30 percent

A UK government-sponsored security survey reports that security breaches have fallen by a third in the past two years but spending on security has increased significantly. Read more »

Flaw in BGP net protocol

Security researchers have warned of an underlying security issue concerning the Border Gateway Protocol, the core internet routing protocol. Read more »

Is whitelisting the new blacklisting?

The IT security industry has come to a frank realisation that the current approach to preventing malware is simply not working. Is whitelisting, which is the reverse of our current approach, the answer? Read more »

Expert: Hold developers liable for flaws

Software developers should be held personally accountable for the security of the code they write, said Howard Schmidt, a former White House cybersecurity adviser. Read more »

Exposing software flaws -- no easy job

Security researcher Christopher Soghoian reflects on the hard work that comes after finding a vulnerability. Read more »

Visionary urges e-mail ID standard

Vint Cerf, one of the architects of the Internet, says making junk e-mailers identifiable is key to canning spam. Read more »

Psst...now it's Cisco source code up for sale

The Source Code Club has opened up shop again. Read more »

Features (41)

Master simple forms authentication in .NET

Using forms authentication, you can quickly build a simple, secure Web app. This walk-through shows you how to apply the strategy in your apps. Read more »

Secure connections to PostgreSQL

The PostgreSQL database server is arguably one of the best SQL servers available, but it's not as easy for beginners to get a handle on it as with other SQL databases, such as MySQL. Read more »

Tools for securing your XML documents

The W3C offers two specifications for securing your XML documents, XML Signature and XML Encryption. Find out which tools can help create secure XML documents that adhere to these standards. Read more »

Integrate Passport into ASP.NET apps

If you are looking for a secure means to transfer sensitive information in an ASP.NET application, try integrating Microsoft's Passport service. Read more »

Cookieless data persistence is possible

Cookies are a common way to store retrievable user information, such as authentication data. But what if you need a non-cookie solution? Read more »

Authenticate clients and e-transactions with SSL certificate authority

Secure Sockets Layer technology ensures that transactions are encrypted and safe from outside influences. Get the basics of setting up SSL Certificates of Authentication. Read more »

Hack proof your Web services

Web services promise to revolutionise your company's development practices by connecting your company seamlessly with customers and other companies worldwide. With this promise, however, come new threats from hackers and information thieves. Here are some tips for securing your Web Services. Read more »

Use SSL to secure your Apache-based e-commerce transactions

Secure Sockets Layer technology ensures that transactions are encrypted and safe from outside influences. Get the basics of setting up SSL on Apache in this overview. Read more »

Five steps to designing a secure system with TCB

Security must be a factor in system design from the beginning. It starts with defining the trusted computing base (TCB). Follow these steps to achieve a secure system. Read more »

Web application security frameworks (WASF), Part 1: Introduction

Often you will want parts of your Web application to be exclusive to certain users. This access distinction requires the use of Web application security frameworks. This first article in the series introduces you to the three most often used methods. Read more »

Blog (1)

Assumption-based Hacking 101

Chris Duckett [blogs:betaliving] -- High-level thinking leads to assumptions, and assumptions are the mother of all mistakes -- consequently the best place to find a security hole is in a place where the programmer has made an incorrect assumption. Read more »


  • Crying, mooning and leaving

    In this week's roundup we see that continuous whining can get results, Linux users get 64-bit Flash and Moonlight previews, the latest in the Yahoo/Microsoft relationship and Senator Conroy ducks and weaves in Senate Question Time. Read more »

    -- posted by Staff

  • Sun eye Web developers with Netbeans 6.5

    Despite the recent employment axe hitting Sun, the company has pushed out a new release of its Netbeans open source IDE with an eye to appealing more to Web developers. Read more »

    -- posted by Brendon Chase

  • BarCamp buzz: Let the hacking continue

    Attending last weekend's BarCamp in Sydney, it was hard to escape the conclusion that a certain "dot-com bust" flavour had seeped into the kool aid previously being drunk by Australia's web 2.0 and early stage start-up sector. Read more »

    -- posted by Renai LeMay
