News (535)

Old code in Windows is security threat

Microsoft will more quickly retire old code in its Windows operating system and other software as a result of the company's four-month-old "trustworthy computing" initiative, the company's lead bug basher said in an interview. Read more »

Linux guru argues against security liability

Alan Cox, one of the leading Linux kernel developers, has told a House of Lords hearing that neither open- nor closed-source developers should be liable for the security of the code they write. Read more »

Psst...now it's Cisco source code up for sale

The Source Code Club has opened up shop again. Read more »

Microsoft--forget PR, clean up the code

Have you noticed that Microsoft is on the offensive? After countless months of reading press clippings about the pathetic state of Windows security, the folks in Redmond have decided to fight back with one of their strongest weapons--public relations. Read more »

Microsoft fixes faulty security patch

Microsoft on Thursday in the United States issued a "hotfix" for a fault in a security patch designed to correct a flaw already being targeted by worms. Read more »

Software should defend itself: Oracle CSO

Applications will have to defend themselves from attack in the future, according to Oracle's chief security officer Mary Ann Davidson. Read more »

Patched Oracle database 'still vulnerable'

The latest update for Oracle 10g Release 2 does not plug a hole that allows published attack code to run, according to a security researcher. Read more »

Microsoft gives coders a bug finder

Web developers in need of another set of eyes to check their code for security holes should soon be able to add an application scanner to Microsoft's Visual Studio .Net. Read more »

Researcher denies Slammer worm accountability

Security researcher David Litchfield's 'proof of concept' code was probably used to build SQL Slammer, but that will not stop him publishing Read more »

Exploit code makes IE flaw more dangerous

The threat posed by a critical flaw in Internet Explorer has been ratcheted up by the release of a program designed to exploit the vulnerability, security researchers warned on Thursday. Read more »

Features (396)

Security through obscurity won't secure your code

Most applications use some form of security through obscurity, but you should avoid it when writing your apps. ZDNet Australia offers these tips on how to tighten up your code. Read more »

Make managed code work with .NET's CAS

Developers and administrators can set permission and trust levels with code access security (CAS), while allowing the code to execute effectively. Read more »

Go to jail

Have you ever written buggy code or code that is not 100 percent safe? Go directly to jail, do not pass go, do not collect $200. Read more »

Comprehend the SAP Authorisation concept with these code samples

Whether you're a developer, a consultant, or the user of a SAP system, you'll eventually come across issues related to authorisation. This article provides some handy code samples to help you get acquainted with authorisation in SAP. Read more »

Develop applications that prevent intrusion

Designing secure applications requires developers to look beyond their own code. Accessing APIs or COM objects or establishing system privileges can result in security vulnerabilities that can be prevented. Read more »

CGI wrappers for Apache-based apps can boost security

CGI scripts represent a big potential security risk in Web development, but using CGI wrappers can help insulate your servers from attack. Here's an outline of how to create CGI wrappers to protect an Apache Web server. Read more »

Protect your ActionScript

Protecting your Flash ActionScript can be a difficult task. Australian developer Jesse Stratford details methods that can help secure your intellectual property from code thieves. Read more »

File transfers between two applets

Security restrictions can make transferring files between two applets problematic. Find out how you can employ a middleman. Read more »

Case against open source

Australian Windows developer Andrew Parsons is sick of the open source movement decrying his involvement in commercial applications. He outlines his pro-Windows argument here. Read more »

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

Video (2)

Tinfoil Time -- Club Builder

What does an ex-NSA scientist think about code reviews? Can Bill Gates predict the future? Will Windows 7 save Vista? All the answers in this week's Club Builder! Read more »

It's not lovely code, it's an ugly monkey

At the AusCERT 2008 conference in the Gold Coast, ex-NSA staffer Brian Snow told ZDNet.com.au that software can be secure -- but only if vendors overhaul their development processes. Read more »

Blog (24)

Google destroys Security Through Obscurity

Chris Duckett [blogs:betaliving] -- Google Labs' new Code Search makes it easier for hackers to find database username and password details by entering strings that are commonly used within configuration files. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

A new coat of varnish

Staff [blogs:syslog] -- This week featured plenty of coverage from the various conferences occurring around the country. All the while Builder's design gnomes were busy giving the site a touch-up. Read more »

Nokia starts trolling

Staff [blogs:syslog] -- This week Builder AU is on the road at linux.conf.au 2008 in Melbourne -- but before we get into all that is happening here, there is the small matter of Trolltech. Read more »

QuickTime and Firefox combine for insecurity

Nick Gibson [blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote JavaScript code or, by tapping into Firefox's chrome engine, to execute remote code of any kind. Read more »

5 reasons restricting hacking is not like gun control

Nick Gibson [blogs:byteclub] -- Let's get it out of the way: Guns don't kill people, people with guns kill people. People with hacking tools can steal your personal data, shut down your system and deface your web site -- but is that any reason to ban them? Read more »

Breaking inside out

Chris Duckett [blogs:betaliving] -- Security gets more complicated yet social engineering remains the same threat as ever. Read more »

Google to allow third party code in Gmail?

Brendon Chase [blogs:codemonkeybusiness] -- According to executives from the company, Google are preparing to open Gmail to developers outside the Googleplex labs. Read more »

Google's browser ported to Mac and Linux

Brendon Chase [blogs:codemonkeybusiness] -- While Google work on an official port of the Chrome browser another company has ported the browser for Mac and Linux users to try for free. Read more »

We don't need an eBay for security holes

Nick Gibson [blogs:byteclub] -- It's been likened to an eBay for hackers -- new security site WabiSabiLabi is a market place for auctioning security vulnerabilities. Read more »


  • Staff Microsoft prescribes more REST

    Details have begun to emerge about the next versions of Visual Studio and Windows Server this week -- and the message from Redmond is to REST up Read more »

    -- posted by Staff

  • Chris Duckett .NET looks to REST

    With news that REST will play a big part in the next version of the .NET Framework, it is timely to take a look at ADO.NET. Read more »

    -- posted by Chris Duckett

  • Renai LeMay Spellr.us needs a new dictionary

    One of the only Australian start-ups to present at the recent round of conferences in the US was Sydney-based spellr.us, which has launched a Web-based tool to check and monitor websites for spelling mistakes. Read more »

    -- posted by Renai LeMay
