BrunoDuarte.com » English Language

Top 25 Most Dangerous Programming Errors

Bruno Duarte — Tue, 13 Jan 2009 20:22:51 +0000

The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

In: MITRE

Practical attacks against - WEP and WPA

Bruno Duarte — Thu, 13 Nov 2008 00:09:31 +0000

..Yes. WPA was finally broken!

More information can be found here.

Chrome antics: did Google reverse-engineer Windows?

Bruno Duarte — Thu, 25 Sep 2008 23:07:21 +0000

Since its release a few weeks ago, curious developers have been sniffing through the source code for Google’s new Chrome web browser. Chrome’s source is interesting for a variety of reasons: there’s the new V8 JavaScript virtual machine with its boasts of near-native code performance, the WebKit rendering engine that does all the hard work of understanding and displaying web pages, and (last but not least), Chrome’s secure sandbox designed to minimize the impact of any security flaws that might exist in both the browser and plugins alike.

In: ars technica

Happy Security Experts

Bruno Duarte — Sat, 26 Jul 2008 16:57:53 +0000

First was the Crypto-1 cipher (used in stuff like the Oyster card), then the DNS flaws and now will be the Intel CPUs bug…

If you don’t have a pool, Google Earth helps you find the nearest one

Bruno Duarte — Sat, 28 Jun 2008 16:54:41 +0000

“Teens use technology to party in strangers’ pools. [...] Google Earth’s used to identify pool-equipped victims and then Facebook helps organise the crash…”

In: RegHardware

Effective Java…

Bruno Duarte — Tue, 13 May 2008 12:30:13 +0000

… Second Edition!

Maybe because he promised it in the last three JavaOnes, there isn’t a big buzz about the Effective Java Second Edition book… We have an official release date! You can pre-order yours now…

“Breaking VoIP security is really easy”

Bruno Duarte — Sat, 26 Apr 2008 09:22:52 +0000

While most IP-based communications technologies could use security improvements, Codenomicon’s chief technology officer Ari Takanen thinks that VOIP should be higher on the list than most. Takanen spends much of his time finding ways to break the security on such networks and finds that it’s really way too easy. As he explains here, however, securing VOIP is not without hope.

In: eWeek

Java Code Style

Bruno Duarte — Thu, 17 Apr 2008 12:10:35 +0000

Rob Lybarger, from developer.com did an updated to some articles about Java Code Style. Worth the reading here.

Security isn’t always about software

Bruno Duarte — Fri, 29 Feb 2008 02:39:26 +0000

“Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images.”

Even with the buzz the researchers want to create, it’s a good study to read!

In: Princeton University

What will the Future of Java Development Be?

Bruno Duarte — Wed, 20 Feb 2008 15:39:41 +0000

In this panel discussion from QCon San Francisco, several influential leaders of the software development community discussed and debated the future of the Java language and APIs based upon the lessons we have learned from the past. Topics included static versus dynamic languages, removing code from Java, forking the JVM, and the next big programming language.

In: InfoQ