The push to HTTPSLast year, Google started giving websites that have an SSL cert a ranking boost. As part of that announcement they said it was…
How I Hacked Medium’s Top StoriesNote: This is being published with the permission of Medium under the responsible disclosure policy. The vulnerability is now fixed.If you’re familiar with Medium, you’ll know that any user can recommend a post as a way of “liking” it. Top…
I thought we were cool Facebook. I thought you had my back(end).Okay so that title might be a tad dramatic, but the truth is tons of developers, especially indie developers, really relied on Parse as a backend for their apps. While Facebook has announced that the service will remain…
The FBI has made us all vulnerable with its iPhone hackThis article originally appeared in Indepedent…
A Global Mission that Defines the Leading Edge of Technologyby: Wayne Ashbery, Deputy Assistant Secretary for Countermeasures Bureau of Diplomatic Security (DS) at the U.S. Department of State.
Safe Clearing of Private DataAuthor: Roman FomichevWe often need to store private data in programs, for example passwords, secret keys, and their derivatives, and we usually need to clear their traces in the memory after using them so that a potential intruder can’t gain access…
Just in case two-factor authentication isn’t geeky enough [CARTOON]Here at MIT we announced this week that students will soon be required to register for two-factor authentication (2FA) in order to…
The Real Danger in Your InboxOren J. Falkowitz — Area 1 Security — Co-Founder and CEOMost people conflate spam and phishing. There are similarities but the volumes, motivations, and damages are different. Spam has been clogging inboxes since AOL operated solely through dial-up…
