The Importance of Vulnerability Disclosure Programs and Bug Bounties
I’ve written before about how important responsible disclosure is for Security Researchers. That responsibility falls on both sides of the discussion. Of course it falls on the ...
Gmail Changes to Displays Images by Default
Gmail recently changed the way it displays images to you (Official Gmail Blog). From a user perspective this can be good, from a security perspective this might be good, from a ...
Why I Donated to Help Jailbreak iOS7 & You Should Too
There are almost always multiple sides to any debate in software security. For that reason I find myself saying “It depends” far more than I may expect. I came across isios7jail...
Email Strategy
I’ve seen a few different articles about people’s different e-mail strategies and they certainly seem to be a hot topic. With our ever reliance on e-mail as a primary mechanism ...
Anatomy of a Distributed Denial of Service (DDoS) Attack
The recent wave of DDoS attacks on banking web sites, and the Spamhaus DDoS attack (which was three to five times greater than the biggest attacks against U.S. banks) is reinfor...
NASA Forced to Suspend All Public Outreach & Education Programs
Yesterday was a sad day for NASA who were forced to halt all education and public outreach activities including public engagement out outreach events, programs, activities and p...
Joe_CMS Open Source!
I’m happy to say that tonight I’ll be publishing JoeCMS as a free and open source (GPL), as evidenced by the little “Fork me on GitHub” banner in the upper right corner of this ...
Mobile Application Security Testing FAQs: Post #1
A couple weeks ago I presented a webcast at Security Innovation that covered techniques for testing mobile applications. As usual I was long winded with stories and analogies an...
How Much Security Does Obfuscation Get You?
In November of last year engadget ran a story explaining how easy it was to decompile Windows Phone 7 applications. A lot of developers were surprised that their apps could be r...