• #security on software development security and web security, security best practices and discussions, break-ins and countermeasures. Everything you ever wanted to know about software security but were afraid to ask, for fear of not understanding the answer!

Heartbleed? That’s nothing. Here comes Microsoft SChannel!

Heartbleed? That’s nothing. Here comes Microsoft SChannel!

The lot of hype around the so-called “Heartbleed” vulnerability in open-source cryptographic library OpenSSL was not really justified. Yes, many servers were affected but the vulnerability was quickly patched and it was only an information disclosure vulnerability. It could not be used to break into the servers directly. Now we have Microsoft Secure Channel library ...

Read More

Visualization of world’s largest data breaches

I stumbled upon a very interesting infographic that portrays some of the world’s biggest data breaches in a running bubble diagram. Entertaining and potentially useful in presentations Have a look.

Read More

Crypto Wars 2.0: Let the Trolling Commence (and don’t trust your phone)

An excellent article by Sven Tuerpe argues that we pay excessive attention to the problems of encryption and insufficient – to the problems of system security. I wholeheartedly agree with that statement. Read the original article: Crypto Wars 2.0: Let the Trolling Commence (and don’t trust your phone). Security cannot be based solely on the ...

Read More

Facebook “joins” Tor – good-bye, privacy!

Multiple publications are touting the announcement by Facebook of a Tor-enabled version of the social networking website as nothing short of a breakthrough for anonymous access from “repressed nations”. They think that the people around the world who wish their identity and activity online to remain hidden will now have a great time of using ...

Read More