Oh boy, so little time, so many things to do... Nevertheless, here's my catching up:
- Top Ten Cyber Security Menaces for 2008 http://www.sans.org/2008menaces/ 1) Web site attacks on browsers (...) 4) Mobile phone threats 5) Insider attacks (...) 9) Web application exploits (...) This is curious. I consider the insider attacks more harmful than any other. The weaklink is always human, not machine. - JavaScript-based injection attacks http://google-caja.googlecode.com/svn/changes/mikesamuel/string-interpolation-29-Jan-2008/trunk/src/js/com/google/caja/interp/index.html The document detail an injection attack against a SQL database and points another class of problems that are particularly problematic: HTML injection, by browser extensions, allowing web-based content to access privileged code in the browser. This reminds me of the times when we disabled javascript (dont we still do?) in our browser due to security problems. But now there's Ajax and all that fancy tech, still insecure. - When three times not enough http://www.arabianbusiness.com/510132-internet-problems-continue-with-fourth-cable-break?ln=en http://lists.paradigma.pt/pipermail/tce/2008-February/000193.html >From the recruting departement: - FizzBuzz http://tickletux.wordpress.com/2007/01/24/using-fizzbuzz-to-find-developers-who-grok-coding/ - How to hire the best people you've ever worked with http://blog.pmarca.com/2007/06/how_to_hire_the.html Brief points: 1) Criteria 2) Drive 3) Curiosity 4) Ethics -- //VD _______________________________________________ tce mailing list [email protected] http://lists.paradigma.pt/mailman/listinfo/tce
