Consumerist Catches Geek Squad Copying Porn and Pics from Their Computer
Based on a ten-page (!) confession by a former Geek Squad member in which he wrote that Geek Squad agents scour your computer for those porn and personal pictures and videos and copy them onto their...
Thoughts on the Facebook Leak, Part 1
By now, you’ve probably heard that for a brief period, a server configuration error caused some Facebook users to see its PHP code rather than the familiar Facebook pages that the code was supposed to...
SecTor Conference
If you’re interested in security and in the Toronto area on November 20 and 21st, the SecTor conference might be for you. Eldon Sprickerhoff tells me that it’s organized by TASK (Toronto Area Security...
Top 10 Secure Coding Practices
Here’s a list of CERT’s Top 10 Secure Coding Practices. It comes with two bonus secure coding practices (making it an even dozen) and better still, a funny photo that shows that it’s often easier to...
Casual Cryptography for Web Developers
The article Casual Cryptography for Web Developers is probably the nicest, most concise explanation of some of the important crypto principles and practices that web developers will need. Whether you...
An Illustrated Guide to the Kaminsky DNS Vulnerability
Steve Friedl has a number of excellent technical explanations on his site, and his latest one, An Illustrated Guide to the Kaminsky DNS Vulnerability, is a masterpiece that does a fine job of...
Taking IE8 Beta 2 for a Test Drive, Part 1: “Porn Mode” (a.k.a. InPrivate...
Last night, I attended a special sneak preview for Internet Explorer 8 Beta 2 organized by the folks at High Road Communications, who do the PR for Microsoft here in Toronto. Pete LePage, Product...
Sign of the Day
Yes, you could simply secure your wireless access point, but the truly paranoid like to back it up with a sign: Photo courtesy of ImagePoop.com
Windows Exploits Come from Third-Party Apps
According to Microsoft’s Security Intelligence Report (SIR), malware writers aren’t targeting Vista directly; they’re using holes in third-party apps to attack people’s systems instead. Microsoft’s...
My Afternoon at MeshU
This article also appears in Canadian Developer Connection. I caught the afternoon sessions of MeshU, the day of workshops that precedes the Mesh Conference. MeshU had three tracks – Design,...
Videos from the 2009 RSA Conference
This article also appears in Canadian Developer Connection. The 2009 edition of the RSA Conference, the biggest and best-known cryptography and information security conference, took place last month in...
Congrats, “Mudge”, on Landing the DARPA Gig!
I met Peter “Mudge” Zatko at the Cult of the Dead Cow’s hotel bungalow at DefCon 8, the 2000 edition of the notorious hacker conference. My coworker at OpenCola, Oxblood Ruffin, was a member of the...
SQL Injection and the “Flintstones/Jetsons” Way to Deal with Licence Plate...
“Flintstones/Jetsons” is a term that Mark Mothersbaugh from Devo uses to describe technology solutions that are a combination of low- and high-tech. It’s...
The “500 Worst Passwords”
You’ve heard the stories about people choosing terribly obvious passwords for their various computer accounts, such as “password” and “12345”, but what are the other ones? In his book, Perfect...
ScottGu’s Workaround for the ASP.NET Security Vulnerability
The ASP.NET Security Vulnerability: Chances are that you’ve seen the Microsoft Security Advisory, but in case you haven’t, here’s the "tl;dr" version: There’s a vulnerability in ASP.NET that was...
Salmagundi for Thursday, December 15, 2011
Salmagundi? That’s the word for a seventeenth-century English dish made of an assortment of wildly varying ingredients. Typically, they include some cut-up hard-boiled egg, but then after that,...
BYOD Roundup: The “BYOD for You” Book, Liability, and Shadow IT
A New Book: BYOD for You. Most BYOD guides we’ve seen cover BYOD from management’s or the IT department’s point of view; BYOD for You is the first we’ve seen that covers it from the rank-and-file...