Security
Why SSL alone will not solve the phishing problem
SSL-authenticated login pages certainly doesn’t _solve_ the phishing problem since phishing is partly psychological/sociological and makes use of technology as a means of improving the odds of …
Ajax Security Basics
AJAX security is no different than normal web application security, except that it can add lots of complexity to a site and make black-box auditing much more difficult. -—-Original …
Php Security Top 5 From Owasp
OWASP is pleased to announce the immediate availability of the OWASP PHP Top 5. The OWASP Top 5 is an education piece which provides up to date advice to PHP developers, hosters, and other PHP users. …
Airline Lt Strike Gt Security Lt Strike Gt-
A Dangerous Loophole in Airport Security - If Slate could discover it, the terrorists will too. By Andy Bowers More security window-dressing… More reason that ID checks and the watch list are …
The Phantom "Cyber" terrorism?
[IP] Govt Comp.News - Assessing “cyberterror” - couldn’t find any! >I’ve been working on the issue of how to build secure public networks >for about 7 years. I started …
Security Career Guide at ISC^2: sponsored by Microsoft
[infowarrior] - Microsoft sponsors security career guide Richard Forno Fri, 08 Jul 2005 22:39:04 -0700 Microsoft sponsors security career guide https://news.com.com/2060-10789_3-0.html?tag=nefd.bl A …
Pki Considered Harmful
PKI considered harmful Next time someone at your company says “we can’t do encryption until we get a PKI”, refer to this essay and collection of references. I’ll need to put …
SSH Filesystem
07:00 SSH Filesystem This is a filesystem client based on the SSH File Transfer Protocol. Since most SSH servers already support this protocol it is very easy to set up: i.e. on the server side …
Asinine Terrorist Detection At Western Union
Western Union blocks Arab cash deliveries - Yahoo! News DUBAI, United Arab Emirates - Money transfer agencies have delayed or blocked thousands of cash deliveries on suspicion of terrorist connections …
Sprint Wireless security SNAFU
cryocone: Identity leak with Sprint wireless Someone in their infinite wisdom at Sprint set up an IVR that you can call (intended for internal care reps for identity verification) and get …