-
I guess by now many would have head about the Microsoft Windows XP SP3 pushout. Many might ask, so what is this about? Is this another major fix that is going to break some other applications? The answer is NO! Before we begin describing why not, let's go ahead to look at what are the updates. Previously...
-
The Security Compliance Management toolkit provides customers with best practices from Microsoft about how to plan, set, get and remediate a security baseline, along with tools that you can use to verify the implementation of recommended securit y baselines from Microsoft for Windows Vista, Windows XP...
-
All web applications exposed on the Internet are vulnerable to brute-force password cracking, spammed posting, or denial of service attacks. The solution to prevent such attacks is to use CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) or HIP (Human Interactive Proof...
-
MEDC 2007 would be held in Singapore this year round, amoung other parts of the world. I'd be speaking on the Windows Mobile Application Security track. I would be posting out more info about this as I get them. So you might be guess, so what on earth is my technical focus now? Well, anything? Haha....
-
Well, I promised one of the attendees to my session at VSLIVE to blog something about Stagonography, a topic that I'm actively working on right now. So what exactly is Stagonography? If you've understood Cryptography, you'd know that cryptography is to make the plain text unreadable. So Stagonography...
-
Various Microsoft Windows Operating Systems support varieties of network authentication protocols, such as LM (LAN Manager), NTLM, NTLMv2 and Kerberos. The obvious thing is that the older OS won’t be able to use the newer and more secure authentication protocols such as NTLMv2 and Kerberos, unless...
-
If you are using Windows Vista as your primary operating system, you are likely to encounter problem in accessing some SSL enabled sites, which you have been surfing smoothly using Windows XP in the past. Internet Explorer 7 in Windows Vista will simply throw an error message saying "Internet Explorer...
-
The Government Security website at http://www.governmentsecurity.org has produced a nice list of IP address you should be aware of as a tester. They are mostly government agencies addresses and could quickly get you in trouble if you would scan them by mistake. --------------------------------------...
-
Recently, I've been working on quite a number of projects to do with enterprise web application development, and many a times, I got request to have all encryption strings encrypted. Of course, even if they didn't tell me to do so, I'd also do so as it's just too dangerous to keep it in plaintext. So...
-
I read it in MSDN Flash newsletter. Here is the extract. MSDN Flash Newsletter: Please Do Not Use the .NET 2.0 HMACSHA512 and HMACSHA384 Classes We've recently discovered a bug in the HMACSHA512 and HMACSHA384 classes that shipped in the .NET Framework 2.0. This bug will cause these algorithms to...