Information Security
Random, unique error tags
Aug/14/11

Web attacks more damaging than insider attacks
Jan/15/11

Read More...
Top 10 Misunderstandings Regarding Information Security
Mar/01/08

- It's encrypted, so it's secure.
- Get it working, then make it secure.
- The more tests the better.
- Open source is more secure because more people have looked it.
- Algorithm X is better than algorithm Y.
- No one knows my algorithm, so it must be secure.
- Once a piece of code is deemed secure in one system, is secure for use everywhere.
- There are dozens of random number generators out there, all of them adequate.
- Red teams need access to the code to do their jobs.
- If it wasn't broken into, it must be safe.
Read More...
Browser Attack Using Javascript Timers
Jul/05/07

Read More...
On Bad Software and Cyberwar
Jul/05/07
All this time that I was complaining about my PC crashing, Blue Screens of Death, and various email bugs, I was looking at things all wrong. While I was busy complaining, engineers were actually busy saving us from the eventual Cyberwar. It's true. Read on, but I warn you, a sense of humor is required.
Read More...
Read More...
Hiding Your Email Address
Jun/23/07

Read More...
OWASP Feedback: Does Embedded = Secure?
Jun/22/07
I recently briefed the OWASP forum in NYC, and I received some great feedback that I'd like to address en mass.
1) Embedded = or ≠ Secure, which is it?
2) How is HYDRA's security posture transferred to the servers it protects?
Allow me to answer your questions, and take you on a journey exploring embedded systems security in general. But be warned, there's math involved...
1) Embedded = or ≠ Secure, which is it?
2) How is HYDRA's security posture transferred to the servers it protects?
Allow me to answer your questions, and take you on a journey exploring embedded systems security in general. But be warned, there's math involved...
Poison the Mangos
Apr/19/07

The short of my answer is that yes, it could. Although the operating systems run in different partitions (simplifying it here) of the hard drive, there is no theoretical reason why someone could not create a low-level piece of code on either side to access any random portions of the drive and thus impact the other.
So how safe is it? And is a Mac really more secure than a PC to begin with? Read More...
Password Branching
Mar/25/07
