Reveal TinyURL Links

Thursday, January 15th, 2009

TinyURL is a very handy service for shortening long URLs but it can also be used maliciously.  Anytime somebody wants to hide where they are sending you they can easily generate a TinyURL and you will not know where you will end up.  It could be a phishing site.  It ...

Encryption programs open to kernel hack

Thursday, January 15th, 2009

Many popular Windows encryption programs that hide files inside mounted volumes could be fatally compromised by a new type of attack uncovered by a German researcher. According to a paper published by Bern Roellgen, who also works for encryption software outfit PMC Ciphers, such OTFE (on-the-fly-encryption) programs typically pass the password ...

Symantec Gets Good Vibes From Virtualized Browser

Wednesday, January 14th, 2009

Security vendor Symantec is using new virtual machine technology to protect Web surfers from online attack. Called Vibes, the software bounces between three different virtual machine sessions, depending on what the user is doing on the Web. When Vibes spots the SSL (Secure Sockets Layer) protocol used for secure Web transactions, ...

TOP 25 Most Dangerous Programming Errors

Tuesday, January 13th, 2009

Today in Washington, DC, experts from more than 30 US and international cyber security organizations jointly released the consensus list of the 25 most dangerous programming errors that lead to security bugs and that enable cyber espionage and cyber crime. Shockingly, most of these errors are not well understood by ...

Foxmarks Uses Vulnerable MD5 Certificates

Tuesday, January 13th, 2009

I decided to try the ever popular Firefox plugin called Foxmarks that lets you sync and back up your bookmarks and passwords across multiple computers.  I didn't feel comfortable using the password sync quite yet because it will take me a while to trust a 3rd party with that kind ...