Privacy, Security Archive

Java and .NET security

SUN Microsystems Java and Microsoft's .NET platforms are no more than programming languages that exploit network potential with the idea that the same software should function on different platforms. Both systems are centered around the principle of running software that doesn't reside on the client machine to provide greater functionality or faster execution, saving connection time and improving public perception of the server to which the client connects. Read Article

Security for Internet Users Deemed Weak

Home internet users are suffering from a variety of worms, viruses, and spyware on their machines, and though they are often aware that their computers are acting funny, they often don't have any idea why. Typical home users are not taking the necessary steps to protect themselves from these online threats. These are the findings of a recent study on internet security.

Automated Penetration Testing – False Sense of Security

The security industry has matured quickly over the past few years with penetration testing becoming one of the norms for organisations adopting best-practice processes. Loosely defined as the process of actively assessing an organisations security measures and completely reliant on consultancy services, security manufacturers have been eager to bridge the gap between product and service and more importantly to reap the benefits of additional profits. Story is here.

AdAxis Promises Network Control Over Spyware

While spyware protection on single home machines is quite easy using today's removal tools like AdAware or Spybot Search & Destroy, deploying and managing such tools in corporate networks is still a problem. AdAxis promises to ease both deployment and managability of AdAware in such environments. It provides a facility for pushing reference file updates to corporate network workstations, executing AdAware on workstations remotely without user interaction and monitor the spyware contamination degree of machines.

Data Integrity – The Unknown Threat

Much of the attention commanded by computer security issues focuses on threats from external sources. Firewalls and perimeter defense tools are deployed to deny unauthorised entry to the network. Experts look for vulnerabilities and ways to ensure that the perimeter cannot be breached. Administrators monitor network traffic for unusual activities and anomalies, and it is common for users to be warned against suspicious email attachments. Read more.

Web Security Threat Classification

This paper compiles and distills the known unique classes of attack, which have presented a threat to web sites in the past. Each class of attack will be given a standard name and explained with thorough documentation discussing the key points. The formation of a Web Security Threat Classification will be of exceptional value to application developers, security professionals, software vendors or anyone else with an interest in web security.