Understanding Security: Maps versus Lists

Many people I speak with don’t have a security mindset, not because they aren’t aware of security, but because it doesn’t play a role in their life. As computers become more involved in our everyday lives, we all need to understand the security implications and defend against attacks. The only proper way to defend against something is to understand how it is attacked. I’ll paraphrase a tweet I saw on Twitter about security: “An attacker uses maps, but defenders use lists.” To explain what this means in security terms, let’s look at the definition of those terms. ...

October 26, 2015 · 6 min · 1182 words · Scott Brown

Harvesting Usernames from Websites

I am working with a client right now on their Web application. While creating an account to do testing, I noticed a glaring security issue that allows people to harvest usernames. This topic has been covered before; I am still surprised that it keeps popping up around the Web, but this time is a bit different. I should note that the client knows about the issue, but what I want to point out in this article is how insidious the issue becomes. ...

September 10, 2014 · 6 min · 1182 words · Scott Brown