Category: Application Security
Are SSL implementation Problems Policy Problems?
Another interesting article from ThreatPost, which highlights a problem faced by many of us. TLS/SSL implementation is something which often taken for granted. It is one of the most misunderstood aspects of security. Like firewalls, those who don’t fully understand security perceive SSL and Firewalls as magic pills, which will solve all the security problems.…
Don’t call me Shirley!
The other day someone came into my office and asked: “Why should I have to validate the web form input at the web server? Surely it better to do it in the browser!” *Humph!* “I can think of many reasons why you are wrong”, I said, “and don’t call me Shirley!” Firstly, and I can…