Archive for April, 2010

SSL Renegotiation Vulnerability

In November 2009, the renegotiation vulnerability in SSL/TLS-based protocols was published. SSL renegotiation is a new SSL handshake performed over an already established SSL connection.

The attacker sits between the client and the server and mounts a man-in-the-middle (MITM) attack. The idea of the attack is as follows:

For a customer project, we were asked for a tool for database encryption. After some googling, I came across IBM Database Encryption Expert, which seems to be a great tool:

  • It transparently encrypts and decrypts files on file systems and provides clear-text content only to those authorized in the access control policies
  • It provides encryption of DB2 databases in offline mode (e.g. backup of databases)
  • It provides encryption of DB2 databases in online mode as well
  • It provides an interface for key management (encryption keys are stored within the DB2 database of Security Server in encrypted form)

Here is a video showing the tool in action.

What I wonder about is the performance of online encryption. Does anybody have any experience with this issue?

Google Advanced Search

I often use Google advanced search parameters. They help to find the target information in a shorter time. In addition, irrelevant information can be easily removed from the search results. Here are some examples:

site: To filter results according to domain name

“security” site:ibm.de (security-relevant information from the ibm.de domain)
“security” site:com (security-relevant information from all .com domains)

inurl: To filter results according to certain keywords in the URL

inurl:security (all web pages which contain the keyword “security” in their URLs)
inurl:security site:ibm.com (all web pages from ibm.com which contain the keyword “security” in their URLs)

ext/filetype: To filter results according to file type

security ext:ppt (security presentations)

There are other parameters as well: intitle, intext, cache etc. For more details, see http://www.googleguide.com/advanced_operators.html