Subscribe to this list via RSS Blog posts tagged in Security
CodeRage 5 - Five days until it starts - free programming conference There are only 5 days until the early morning start (Monday, October 4 at 5am PDT) of Embarcadero Technologies' CodeRage 5, our live, online and free totally technical developer conference. CodeRage is designed for you. It features both advanced and introductory education and training sessions from leading experts to help you with the latest thinking and tips on: Application and database development with Delphi, C++, PHP, Delphi Prism and JavaScript Multi-tier and Web application develo...
What is Homomorphic Encryption, and Why Should I Care? The March 2010 issue of the Communications of the ACM includes a technical paper with an introduction entitled "A First Glance of Cryptography's Holy Grail" (ACM subscription required). That's enough to catch my attention. The paper itself, Computing Arbitrary Functions of Encrypted Data, describes a relatively new algorithm for homomorphic encryption. Although these words may be unfamiliar to many, the subject matter is terribly important, because, like public-key encryption, which paved the...
On That Delphi 7 Virus and Ken Thompson's Turing Award Speech In 1984, Ken Thompson, the operating system and programming language pioneer, received the ACM's Turing Award. In his short, highly-readable Turing Award speech, he describes "the cutest program I ever wrote." He notes that because the C compiler is written in C, it is possible to alter the source code maliciously to produce a malicious compiler executable. The malicious code can then be removed from the C source, and the original code recompiled. The malicious code remains in the "new" executab...

Posted by on in Blogs
PHP interpreter can find vulnerabilities From Slashdot Developer: "A group of researchers from MIT, Stanford, and Syracuse has developed a new program, named 'Ardilla,' which can analyze PHP code for cross-site scripting (XSS) and SQL injection attack vulnerabilities. (Here is the paper, in PDF, and a table of results from scanning six PHP applications.) Ardilla uses a modified Zend interpreter to analyze the code, trace the data, and determine whether the threat is real or not, significantly decreasing false positives."...
Tags: PHP Security

Check out more tips and tricks in this development video: