The Rise of Cyberlaw

Today’s CEOs and management not only need to worry about profit margins, market analysis, and mergers and acquisitions; now they also need to step into a world of practicing security with due care, understanding and complying with new government privacy and information security regulations, risking civil and criminal liability for security failures (including the possibility … Read more

Recognizing the Gray Areas in Security

Since technology can be used by the good and bad guys, there is always a fine line that separates the two. For example, BitTorrent is a peer-to-peer file sharing protocol that allows individuals all over the world to share files whether they are the legal owners or not. One website will have the metadata … Read more

HTML Injection

Hypertext Markup Language (HTML) injection is also sometimes referred to as virtual defacement. This is really an attack made possible by a site allowing a malicious user to inject HTML into its web page(s) by not handling that user’s input properly. In other words, an HTML injection vulnerability is caused by receiving HTML, typically via … Read more

Forensic Data Trumps Encryption

Your application might be the most secure application ever written, but unbeknownst to you, the operating system is unintentionally working against your security. I’ve tested many applications that were otherwise securely written, but leaked clear text copies of confidential information into the operating system’s caches. From web caches that store web page data, to keyboard … Read more

Windows Security Gap

The answer is really quite simple. Microsoft’s products are designed for maximum ease-of-use, which drives their rampant popularity. What many fail to grasp is that security is a zero-sum game: the easier it is to use something, the more time and effort must go into securing it. Think of security as a continuum between the … Read more

Passcodes Equate to Weak Security

With a mobile device, the trade-off between security and convenience of use is more noticeable than that of a desktop machine with a full keyboard. The device’s smaller on-screen keyboard combined with its mobile form factor makes unlocking it a productivity nightmare for an enterprise. As a mobile device, an average user will work in … Read more

The Basics of the Computer Virus

A plethora of negative magazine articles and books have catalyzed a new kind of hypochondria among computer users: an unreasonable fear of computer viruses. This hypochondria is possible because a) computers are very complex machines which will often behave in ways which are not obvious to the average user, and b) computer viruses are still … Read more