Some recent thought-provoking articles on security.

Instead of annoying CAPTCHAs, try "Design, Limit and Trapdoor" to limit damage from problem users: DLT is better than CAPTCHA

Roll your own middlebox: Low power silent firewall (and maybe help fix the broken

DRM is not really security, but often mixed up with it. Must-read from Charles Stross: More on DRM and ebooks. Joe Brockmeier: Publishers Starting to Reject e-Book DRM

Persona gains features: Streamlining
Pay attention to that Persona thing.

Doing passwords right is hard. Everything you ever wanted to know about building a secure password reset feature, How Companies Can Beef Up Password Security

Steven M. Bellovin on government-backed malware: Flame On! Two from Brian Krebs: EU to Banks: Assume All PCs Are Infected and How to Break Into Security, Schneier Edition.

This looks like a lot of work to do within existing web frameworks: Database level security in webapps (so do we need better
Syndicated 2012-07-19 23:58:51 from Don Marti