This content is in the process of being imported from a previous system, and may lack some formatting detail or imagery.

Powerful Cross Site Scripting Scanning Tool

Web developers today are increasingly aware of the number of ways that attackers can abuse their site. Not only do we have to worry about someone stealing data directly through our site or from our database, cross site scripting (XSS) attacks provide a mechanism for someone to run arbitrary code on another web site. During…

Read More »

Winning Against Linux The Smart Way

Microsoft have launched a web site that helps its partners identify Linux “Personas” (i.e. the types of people that use Linux). This list of five personas helps Microsoft partners identify and target these people with a view to forcing persuading them that Microsoft is better. For example, a Linux Experimenter is defined as “largely a…

Read More »

Access cards to protect personal identity

I heard a news article on a radio show this morning on the planned “health and social services access card”. The idea is this card will reduce the red tape involved with accessing government services such as Medicare and Centrelink. Interestingly, the government is planning to place a photo of the card holder on the…

Read More »

File sharing

The USPTO’s Office of International relations released a report in November 2006 titled Filesharing Programs and “Technological Features to Induce Users to Share”. Their view is that many peer-to-peer file sharing applications include technological features that make it easy for people to inadvertently share files they might not want to, such as copyrighted material and…

Read More »

GPG for Gmail, Yahoo! Mail, Hotmail and more

A colleague of mine just sent me this link to freenigma: freenigma uses one of the most famous and most widely used cryptographic software packages in the world: the GNU Privacy Guard (GnuPG) It runs as a Firefox extension with an IE version in the pipeline. It’s still early days yet – there’s no encryption…

Read More »

OWASPs PHP Top 5

OWASP have recently released their PHP Top 5 vulnerabilities based on the frequency they are used in attacks. The majority of the causes for these five vulnerabilities are poor input validation, configuration and permission settings.

Read More »