Tech Blog
firewire posted on Wed. August 1st 2007 at 01:12 PM PST
For the past few days I have been looking into web security and the two most common attacks on a web application. Cross-site scripting and SQL injection still top the list at numbers 1 and 2 respectively. Both of these malicious attacks can open up servers and data to damage and/or the leakage of personal information.
Preventing these attacks is not as hard as one may think, but it is very easy to overlook many of the flaws in a web application's design. If you are a developer or just a hobbyist you may want to take a look into these two issues and make sure that your site is not open to these types of attacks.
If you have any questions or just want to talk web security feel free to contact me at firewire@geeksinside.com and I will see if I can answer them for you.
S1axter and I are going to be competing against each other in a contest to see who can make the most secure application. We have not yet defined the rules, but if you want to jump in and throw out some ideas please post some comments. We are going to post the rules before we start the contest and then post the results afterwards, including the hacks that worked. Every site is different considering the style of the developer and the design of the application.
Here are some informative sites where you can find out more about these attacks and how to prevent them.
SQL Injection:
http://en.wikipedia.org/wiki/SQL_injection
http://www.securiteam.com/securityreviews/5DP0N1P76E.html
Cross-Site Scripting:
http://en.wikipedia.org/wiki/Cross-site_scripting
http://www.acunetix.com/websitesecurity/cross-site-scripting.htm
s1axter posted on Fri. July 27th 2007 at 09:46 AM PST
Toorcon is back for round '1001'. As of today the Toorcon website says:
"ToorCon, now in its 9th year running, is San Diego's hacker conference bringing together the top security experts to present their new tricks of the trade and have fun in the sunny and beautiful city of San Diego. This year ToorCon will be taking place again at the Convention Center on October 19th-21st, 2007."
Firewire and I went to Toorcon last year and saw all sorts of cool stuff. If you didn't go you can catch up, since videos from Toorcon 8 are posted on Google Video: http://video.google.com/videosearch?hl=en&q=toorcon.org
One of my favorites was the "Cheap Crack" talk about breaking Triple DES with an array of FPGAs.
Keep looking for updates on GI and the Toorcon site.
firewire posted on Thu. July 26th 2007 at 07:09 PM PST
So I was surfing the net today when I got home and I found this cool modded keyboard. I have always been a fan of modded keyboards. One of these days I plan on making my own custom keyboard. Until then check out this cool keyboard project from the guys at steampunkworkshop.com. You can view the full article here: http://steampunkworkshop.com/keyboard.shtml. They made a custom brushed aluminum frame to house the keys and created typewriter style keys from buttons. Yeah, buttons like the kind you put on a shirt. Looks good for a bunch of guys that apparently hung around in home ec too much.
firewire posted on Tue. July 24th 2007 at 04:46 PM PST
I am an avid fan of the Nintendo Wii just because of the gameplay. Truthfully the graphics aren't as good as a PS3 or the other new systems, but at $700 less than the PS3 and way better gameplay, who cares? Seriously, if you don't have an HDTV does it really matter anyway? So back to the point. They are finally making Guitar Hero for the Nintendo Wii and the screens of what the guitar could look like are nice. It looks like you pop the Wii-mote into the Guitar Hero controller and you're ready to go. Playing Guitar Hero on the Wii has another plus. IT'S FREAKIN WIRELESS, no need to pay extra cash for wireless controllers. If you're a Guitar Hero fan check it out at URL http://wii.ign.com/articles/783/783421p1.html.
s1axter posted on Thu. July 19th 2007 at 09:51 PM PST
A few weeks ago I was browsing eBay for used lab equipment and stumbled upon Harlan Labs. Harlan Labs is based in San Diego, California and sells used test equipment on their web site and eBay (eBay page).
I went down to their office today and they have a TON of old stuff. The beauty of old stuff is that if it did the job when it was new, it will do the same job now. Only a few years ago, designing a small embedded system running at 4 MHz was a huge task requiring tens of thousands of dollars in equipment. Today the test systems of yore just won't cut it, but those old systems are still useful. If you are a hobbyist or have a limited budget, much of the 'old' stuff lying around will work fine for smaller projects.
So take a look and see what you can find on eBay or swing by the Harlan Labs site.
**Click here for a pic of my 'new' old logic analyzer from Harlan :-P
chip posted on Sun. July 15th 2007 at 04:45 PM PST
For those viewers who visited GI in the past, you might remember the 'Projects' section of the site with pics and files of cool stuff. Well, in the last site overhaul I removed the projects to streamline the code. I really didn't want to, but it just didn't fit and needed to be re-designed. Well, today I added an 'Articles' section so I can add more technical content to GI.
Articles are going to be more technical than blog posts and not tied to a product like reviews. S1axter posted the first article today too, a How-To on getting Samba set up on a Slackware system. It's good, so if you are looking to use Slackware give it a read.
Looks like R2D2 won the last poll with 14 votes, Johnny-5 was a close second at 13. I put up a new poll on Technical Interests, what do you search for on the net? Tell us, it's free, just click the button!
Also in this update I made it REALLY easy to add new blogs, so if you want a blog on Geeksinside.com just email me at chip@geeksinside.com or drop me a tip and ask. Shhh...we even let you host files!!!
That's it for now, back to reading system mail.
- Chip
s1axter posted on Fri. July 13th 2007 at 06:47 PM PST
Ever want to know how to interface with SmartCards? You know, the ones with the pins on the top that have 8-bit microprocessors on board. Well, read this and get started hacking something. All you need to know about ISO SmartCards:
http://www.technick.net/public/cod...longurl
More info:
http://www.smartcardbasics.com/standards.html
Old smart card FAQ:
http://www.faqs.org/faqs/technology/smartcards/faq/
A circuit to emulate a smart card:
http://www.electronics-lab.com/projects/misc/003/index.html
Wikipedia:
http://en.wikipedia.org/wiki/Smart_card