Tuesday, November 29, 2005
Well many people asked me of what is this blogging all about...
And this is how I can define for you all...
Comments are always welcome..!!
A blog is essentially a web application which contains periodic posts on a common webpage.
Blogging combines a personal web page with tools to allow comments to be left and to make linking to other pages and blogs and ‘trackbacks’ – a system that allows a blogger to see who has seen the original post and has written another entry concerning it.
Monday, November 28, 2005
The vast majority of public service websites in Europe are failing to meet international e-accessibility standards.
That's according to a report released by the UK EU presidency, which shows that a mere three per cent of public service websites are fully meeting the terms of the minimum accessibility requirements as stated by World Wide Web Consortium (W3C) guidelines.
Most of the websites fell down in the area of providing suitable text alternatives for images on their sites, with a large number of websites also failing to fully explain the relationship between frames on a website.
Seems, there is a trade-off somewhere ...
As a part of ISSAF, it's nice to tell you all that the ISSAF (Information System Security Assessment Framework) Draft 0.2 will be available to you soon.
Watch out at http://www.oissg.org
My contribution includes the Web Application Security Assessments....:)
Friday, November 25, 2005
The Free Software Foundation Europe (FSFE) has filed a request with the European Union asking to get involved in an EU antitrust suit against Microsoft.
The Linux and Samba developer group has filed its request for leave to intervene in the case saying Microsoft's fiscal might is skewing the fight unfairly.
Georg Greve, president of FSFE, said in a statement: "The more Microsoft is able to purchase its opponents' solidarity, the more important FSFE's commitment to freedom and interoperability is."
Conversely, Microsoft has also been lobbying for new supporters in the case, asking big business to intervene on its side. Several opponents of Redmond, including the Computer and Communications Industry Association and Novell, dropped their objections following payouts from Microsoft.
Friday, November 18, 2005
Sober can hijack a Windows-based computer and force it to send spam emails. The continuous emailing can lead to overloaded servers and reduced network performance.
Wednesday, November 16, 2005
Does it it make sense to release ad-supported versions of products such as Works, Money, or even the Windows operating system itself ?
Tuesday, November 15, 2005
Google Inc. plans to give away a set of analytic tools allowing Web developers, administrators and advertisers to fine-tune their sites including advertising.
The tools are intended to address a key aspect of successful Web sites, which is the ability to track user behaviour to determine which features keep visitors on the site and which ones make them click away.
Monday, November 14, 2005
ASP.NET's extremely popular __VIEWSTATE functionality provides an automatic, uniform method for storing current state of all webpage "controls" (including form fields, database views, etc), so that user-entered data auto-magically persists and is populated across newly rendered HTML, and so that current selections of displayed database records are cached and do not need to be looked up again after every operation.
The data is by "typically" stored on client side as base64-encoded, hidden POST form field. By default, the field is protected from tampering by being "signed" using SHA1 with machine-specific key and - although not discussed by Microsoft - presumably either target .aspx filename or other file ID parameter.
The ASP.NET's __VIEWSTATE field has been found to be prone to replay attacks as well as denial of service vulnerabilities.
Just over 60 per cent of Britons are now making use of the internet. While the UK beat the European average for internet usage, which stands at 47 per cent, it is far behind the Nordic digital leaders – both Iceland and Sweden boast an 82 per cent average.
Any idea what percentage of Indians use internet ?
Friday, November 11, 2005
The ISSAF is OISSG's flagship project. It is an effort to develop an end-to-end framework for security assessment. The ISSAF aims to provide a single point of reference for professionals involved in security assessment; it reflects and addresses the practical issues of security assessment.
Being a member of OWASP Mumbai, I decided to participate in OISSG also. And I am looking forward to contribute at my best.
Thursday, November 10, 2005
Rainbow Crack provide access to a huge db of hashes to common encryption and protocol functions (e.g. MD5, LANMAN etc) allowing the quicker retrival of plain text from hash values.
Im not too sure of its viability as a business model but what it does illustrate is the importance of salting hash values and considering 2 factor authentication.