Attention: We are retiring the ASP.NET Community Blogs. Learn more >

Contents tagged with [Security]

  • [Security] Major Cryptographic Algorithms Broken by Quantum Bogodynamics

    No Comments

    It is definitely not April Fools' Day, but the article Crypto researchers abuzz over flaws will probably make you think it is.  As if all of the nasty viruses and worms and buffer overruns of late aren't enough, now MD4, MD5, HAVAL-128, RIPEMD, SHA-1, and other basic cryptographic algorithms currently in heavy production usage are under severe mathematical attack. 

    I think the only reasonable non-Occamian (Null-O) theory is that we must have recently experienced a serious rise in bogon flux density.  It's obvious (TM) that bogons and psytons have started poking their holes not only through electronic equipment but also even through basic theories and abstractions of all types.  Quantum bogodynamics has evolved into the abstract realm!  Start boning up on your quantum compudynamics or we are surely lost. Hmmmmmm?  Perhaps we're lost, anyway.

    "Caveat everybody!  She's gonna' blow!" 

    Read more...

  • [Security] Defensive Security Programming Resource

    No Comments

    Security conscious software developers, certainly including .NET developers, should take particular note of the Metasploit Framework released into the wild by Metasploit.  I have to stretch a bit to have faith that this information and toolkit will be used more for good than harm.  Still, with all sorts of very nasty new viruses appearing, ones that can even hop from Bluetooth to your Symbian-enabled cellphone (see SymbOS.Cabir), all of us serious software professionals had better educate ourselves on the tools and techniques being used against us by the denizens of the Dark Side.  Frankly, I think the virus wars have escalated beyond the coping ability of the normal anti-virus vendors and their products.  From what I see, most organizations are absolutely clueless as to the new hazards we face today!  If you care about your users, you will need to work very hard to protect them and your applications from the kinds of tactics demonstrated publicly by Metasploit and similar exploit information sources.  May the Force be with you!

    Read more...