Display:
Sorted by Most Recent
28 OCT 08
How LinkedIn changed its security model in order to offer an API SAVE
PEOPLE
This talk also covered how LinkedIn retrofitted the security model chosen for the API into the mainstream website, which helped tremendously in the scalability of the website by allowing stateless front-end / single sign-on (SSO), and improved security by removing sessions entirely.
TAGS
27 OCT 08
Windows Live Dev : Windows Live ID Becomes an OpenID Provider SAVE
PEOPLE
Beginning today, Windows Live ID is publicly committing to support the OpenID digital identity framework with the announcement of the public availability of a Community Technology Preview (CTP) of the Windows Live ID OpenID Provider. You will soon be able to use your Windows Live ID account to sign in to any OpenID Web site!
TAGS
24 OCT 08
Security Flaw Is Revealed in T-Mobile's Google Phone - NYTimes.com SAVE
PEOPLE
Just days after the T-Mobile G1 smartphone went on the market, a group of security researchers have found what they call a serious flaw in the Android software from Google that runs it.
TAGS
13 AUG 08
keyczar: Toolkit for safe and simple cryptography - Google Code SAVE
PEOPLE
Keyczar is an open source cryptographic toolkit designed to make it easier and safer for devlopers to use cryptography in their applications. Keyczar supports authentication and encryption with both symmetric and asymmetric keys
TAGS
10 AUG 08
Electronista | Vista security gutted by new web exploit SAVE
PEOPLE
IBM Information Security Systems' Mark Dowd and VMware's Alexander Sotirov have found a method that uses scripting systems such as Java and elements of the .NET framework in Windows-based web browsers to arbitrarily run code on Vista systems. Internet Explorer is particularly vulnerable due to its use of ActiveX.
TAGS
09 AUG 08
The Deep End | Paul Venezia | InfoWorld | Some advice for Microsoft: Dump Windows | August 8, 2008 12:15 PM | Paul Venezia SAVE
PEOPLE
In light of the new Windows flaws announced yesterday, I think it's time to reiterate a point I made a long time ago: It's time for Microsoft to dump Windows.
TAGS
14 JUL 08
stevenf.com - Don't use FTP SAVE
PEOPLE
FTP has served us well, but it's time to move on. You wouldn't use a 23 year old computer to do your work, so don't use a protocol from the same vintage. Demand modern transfer protocols from your host.
TAGS
03 JUL 08
InfoQ: Google Releases Open Source Web Application Security Assessment Tool SAVE
PEOPLE
Google has announced the open source release of one of their internal security tools "ratproxy". The proxy analyzes problems such as cross-site script inclusion threats, insufficient...
TAGS
29 JUN 08
Google Code Blog: OAuth Available for Google Data APIs SAVE
PEOPLE
We love open standards, and we've just added support for a new one: OAuth is now supported on all of the APIs. OAuth is an open standard for authentication that allows applications to authenticate users without ever directly handling usernames/passwords
TAGS
12 JUN 08
Using Snort: Part 1: Installation and configuration SAVE
PEOPLE
Web sites are the most vulnerable, and therefore the most hacked, bits of technology on the Internet. Enter Snort, a free and open source Network Intrusion Prevention System (NIPS) and Network Intrusion Detection System (NIDS) tool for managing and preven
