Wednesday, June 4th, 2008
Recently Arshan Dabirsiaghi, Director of Research of Aspect Security, published a white paper entitled “Bypassing URL Authentication and Authorization with HTTP Verb Tampering”. Initially there was a lot of confusion about what exactly was being explained or claimed. Including, is it real? Is it novel? Is it dangerous? What is ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, June 4th, 2008
Just over 4% of all Web sites are dangerous, according to a new report. But all bad sites aren’t created equal: Cyber bad guys are more likely to build their sites where it’s easy to do so.
The report out today from McAfee, a tech-security company that’s trying to position itself ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, June 4th, 2008
If you're a quasi-sophisticated Mac user and have been looking for advice on how to better safeguard your machine from hackers or local prying eyes, look no further: Apple has released a massive, 240-page guide that describes various methods for securing the operating system.
According to SecurityFocus.com, the manual includes an ...
Posted in Hardware, Internet, Networking, Privacy, Security, Software | No Comments
Tuesday, June 3rd, 2008
For a while now I’ve been using different web browsers to compartmentalize my risk. Most of my primary browsing is in one browser, but I use another for potentially risky activities I want to isolate more. Running different browsers for different sessions isolates certain types of attacks. For example, unless ...
Posted in General BS, Internet, Linux, Privacy, Security, Software | No Comments
Tuesday, June 3rd, 2008
Access-Me allows users to test their web applications for authentication vulnerabilities. With this first release the user will be able to:
Resubmit the current page without session tokens
Resubmit the current page using different HTTP verbs (HEAD/SECCOM)
View reports on how the application handled the requests.
Access-Me 0.1 is available ...
Posted in Privacy, Security | No Comments
