All Tags » Security

POST from http to https: The hidden security

Most people think that the only way to have a secure login is to make your whole site use SSL. And while in order to have a sniffing-proof site it is indeed required, for most sites just performing a secure login is enough (to avoid sending your username...
Posted by Kartones | with no comments

The importance of having strong and varied passwords

Some of my friends say I’m mad because I usually have a different password for each website, service or system I register into. And while I understand that it is not easy, having at least different passwords for important sites, normal sites and crappy...
Posted by Kartones | with no comments

Review: PasswordsPro

Time for another review, PasswordsPro. PasswordsPro is a “passwords safe” tool, similar to another application I use, Flexwallet/eWallet. It allows storing sensitive passwords (like website or email account ones) in an encrypted file. The interface...
Posted by Kartones | with no comments

IIRF: A decent URL rewriter ISAPI filter

It's been a long time since my last security-related post, but from time to time I'm assigned small tasks related to it. The last one, just finished today, was doing some research and proofs of concept about ISAPI filters for a Spanish company, to...
Posted by Kartones | 2 comment(s)

KB946932: Disabling UAC Prompt for certain apps. Not that useful...

When I found a reference earlier today to this interesting KB I thought "wow, maybe I can finally get rid of the UAC prompts on my gaming PC" (I won't remove them from the development PC under any circumstance), so I've just finished...

Protecting from SQL Injection in ASP.NET

Today a small post that I have had in mind for some time... a quick list of how to fortify against SQL Injection (and some more general best practices). You can do some JavaScript, client-side validations to avoid postbacks, but remember: never, ever trust...

Saturday morning reading: Security

My dog woke me up a bit early so nothing better than a few security articles and slides to start the day. This is what I'm reading right now: - The Silverlight security model (Parts I, II and III) - MS Access SQL Injection Cheat Sheet - LDAP &...

Vista vs XP security (for laptops) SANS Paper

The SANS Institute has published an interesting paper about Vista vs XP SP2 security features for laptop users. The paper compares existing (and improved) features and the new features added in Vista (like BitLocker or UAC). It is interesting to read...
Posted by Kartones | with no comments

Summer == Less posts

Lately my posting frequency has decreased, but it'll never stop ;) The reasons are multiple: It's summer, and in Madrid it means hot, hot, hot (we're getting nearly 40 degrees Celsius some days!). And what better to combat hot temperatures...

New book review: Writing Secure code for Windows Vista

Getting to work again on computer-related stuff, I've done a new book review, which you can read at the Book Reviews section.
Posted by Kartones | with no comments