http://www.analyticalengine.net Application Security, General Technology, and Geek Ramblings Thu, 04 Dec 2008 16:09:02 +0000 http://backend.userland.com/rss092 en In a recent conversation with a colleague on SSL and how it worked, it occurred to me that I really had no idea what extended verification certificates actually did, other than turn the address bar green and display the company name. What was the "extended verification" that made EV ... http://www.analyticalengine.net/archives/91 Hey Jim, MS fixed MSXML so that XHR can't be used as a work around to get the cookies when HTTPOnly is used. I think that makes IE first to have full HTTPOnly support. Now when HTTPOnly is used an attacker can't get the session at all via ... http://www.analyticalengine.net/archives/87 Giblets aren't just the disgusting parts of the turkey, the foul (or fowl if you are no stranger to puns) organs that your grandma likes to try to fool you into eating for her own perverse amusement. In certain parlance they also refer to the external code that your ... http://www.analyticalengine.net/archives/83 Well, the ASPROX worm has morphed to go after any page it finds ending with .cfm, which makes a good deal of sense. Much like .asp sites, a cold fusion site probably hasn't been worked on in several years, was probably developed prior to SQL Injection being much of a ... http://www.analyticalengine.net/archives/81 In my last post, on threat modeling, I had mentioned that there would be a follow up post would talk about the issues to authenticating the communication from the server. My cohort and fellow Josh has been working with me on some side projects with local small and mid-size ... http://www.analyticalengine.net/archives/78 A paper by Adam Shostack is circulating the blogosphere, and it is worth a read. I'd already left MS before Adam took over as the gatekeeper of threat modeling for SWI but it is nice to see that he basically agrees with the stripped down version that we regularly ... http://www.analyticalengine.net/archives/74 Well, you announce that you are going to post a whole bunch of information, including technical details, in a whitepaper through I Hack Charities so that a whole slew of AppSec folks and web hackers go register. Then you notice that the registration is page is in the clear. Now ... http://www.analyticalengine.net/archives/70 The HTML 5 spec lays out the details for cross domain XHR. I've written about my dislike of the idea before (details of the access control spec can be found here; I like how they justify sending cookies via XHR because you send them with img requests. In ... http://www.analyticalengine.net/archives/68 Jim Manico had a pretty good post on output encoding a couple weeks ago. Please don't take my comments in its thread to by any means imply that I am disagreeing with his general premise. Injection attacks are one of the most common severe attacks a website could ... http://www.analyticalengine.net/archives/58 At Blackhat this year Mark Dowd of IBM and Alexander Sotirov or VMware presented a paper concerning how to bypass Vista's Buffer Overflow Countermeasures. The paper is worth a read both because of the vulnerabilities, and because it does a great job detailing how much protection Microsoft has provided ... http://www.analyticalengine.net/archives/53