Dr. Dobb's Security Blogs http://www.drdobbs.com//security Dr. Dobb's Copyright 2013, United Business Media. en-us Java SE 8 Beyond Lambdas: The Big Picture http://www.drdobbs.com/jvm/java-se-8-beyond-lambdas-the-big-picture/240166881 In addition to Lambdas, Java 8 features changes to the way annotations are handled, array processing, VM size, garbage collection, and so much more. Mon, 31 Mar 2014 08:33:00 -0400 BodyCom Development Kit http://www.drdobbs.com/security/bodycom-development-kit/240153458 Use your body's electric field to authenticate Tue, 23 Apr 2013 07:27:00 -0400 Arms in the Clouds http://www.drdobbs.com/embedded-systems/arms-in-the-clouds/240150440 Would you use a cloud-based IDE? Sat, 09 Mar 2013 08:30:00 -0500 Wall Street and the Mismanagement of Software http://www.drdobbs.com/architecture-and-design/wall-street-and-the-mismanagement-of-sof/240005196 How Knight Capital becomes a knight errant when it came to software design and delivery. Wed, 08 Aug 2012 09:47:00 -0400 Head in the Clouds http://www.drdobbs.com/web-development/head-in-the-clouds/229300666 For developers, programming for the cloud, especially public clouds, is no simple task Wed, 16 Mar 2011 10:53:45 -0400 Peepers, Terrorists, Doctors and Data Threats - Oh My! http://www.drdobbs.com/database/peepers-terrorists-doctors-and-data-thre/229300190 Recently there's been more evidence of employees disregarding privacy rights because of curiosity, opportunities to sell information, and assisting criminals and even terrorists. Wed, 19 Jan 2011 11:20:31 -0500 Government Seeking Comments on Cloud Security Proposal http://www.drdobbs.com/database/government-seeking-comments-on-cloud-sec/229300207 The US government has established the Federal Risk and Authorization Management Program (FedRAMP) to define the security environment in which those applications in the cloud must operate. Wed, 05 Jan 2011 07:28:00 -0500 Rush to the Cloud http://www.drdobbs.com/parallel/rush-to-the-cloud/229300215 The Kundra plan calls for each government agency to identify three services that must move to the cloud, enabling them to benefit from "commodity IT funding". There's an expectation that moving applic... Sat, 01 Jan 2011 12:49:38 -0500 SQL Injection Attacks and Data Theft http://www.drdobbs.com/database/sql-injection-attacks-and-data-theft/229300193 SQL databases are everywhere. Many are accessible from Internet connections, such as for use with web-facing applications. But even today not all database servers tied to the Internet are hardened and... Mon, 15 Nov 2010 21:14:12 -0500 Misuse of Computers: Shadowcrew and soupnazi http://www.drdobbs.com/security/misuse-of-computers-shadowcrew-and-soupn/228700198 Shadowcrew members used a combination of instant messaging, encryption, and anonymizers (virtual private networks, proxy servers, and rotating IP addresses) to hide their activity and they succeeded in operating for more than two years. Thu, 09 Sep 2010 10:48:35 -0400 The Misuse of Computers: A Rogue's Gallery http://www.drdobbs.com/security/the-misuse-of-computers-a-rogues-gallery/228700383 Methods have changed over the decades but today's criminal is often seeking the same pot at the end of the rainbow as his counterpart 25 years - financial systems, often debit and credit card payment systems. Tue, 31 Aug 2010 13:25:21 -0400 Annual Security Report Released: Threats On the Rise http://www.drdobbs.com/security/annual-security-report-released-threats/228700960 &nbsp;IBM has released its annual <a href="http://www.ibm.com/security/xforce">X-Force Trend and Risk Report</a> and, if you&#39;re a bit paranoid about computer security, the news isn&#39;t good. And if you aren&#39;t paranoid about security, well maybe you should be. </p> Sat, 27 Feb 2010 19:00:00 -0500 Terabytes to Petabytes: Reflections on 1999-2009 http://www.drdobbs.com/architecture-and-design/terabytes-to-petabytes-reflections-on-19/228701466 Sun, 03 Jan 2010 19:00:00 -0500 Data thieves exploiting flaws in retail systems and the public cloud http://www.drdobbs.com/architecture-and-design/data-thieves-exploiting-flaws-in-retail/228701197 Sun, 13 Dec 2009 19:00:00 -0500 Safe Systems from Unreliable Parts http://www.drdobbs.com/architecture-and-design/safe-systems-from-unreliable-parts/228701716 Wed, 28 Oct 2009 20:00:00 -0400 Commenting on Commenting http://www.drdobbs.com/security/commenting-on-commenting/228701772 If you look hard enough these days, you can still find reasonable -- and even valuable -- feedback provided by reasonable -- even intelligent -- people. Where? How about the <a href="http://www.nist.gov">National Institute of Standards and Technology</a> . That&#39;s right -- NIST, the non-regulatory federal agency within the U.S. Department of Commerce that promotes innovation by setting measurements for science, standards, and technology. But NIST doesn&#39;t do this in a vacuum. Rather, the agency relies on public comment by (hopefully) citizen experts. And for the most part, this makes for some fascinating reading. Mon, 24 Aug 2009 20:00:00 -0400 50 Ways to Inject Your SQL, In Harmony (Sort Of Anyway) http://www.drdobbs.com/security/50-ways-to-inject-your-sql-in-harmony-so/228701855 Paco, I love your creativity, but seriously dude, don&#39;t give up your day job. Paul Simon you aren&#39;t, although the melodious one does break through a time or two -- but nowhere near 50 times. For those of you wondering who Paco is and what I&#39;m talking about, well, Paco is, a Technical Manager at security firm Sun, 14 Jun 2009 20:00:00 -0400 Obama on Cybersecurity : "Who needs a law?" http://www.drdobbs.com/security/obama-on-cybersecurity-who-needs-a-law/228701440 <img src="http://upload.wikimedia.org/wikipedia/commons/thumb/2/23/GeoreOrwell.jpg/200px-GeoreOrwell.jpg" alt="The image &ldquo;http://upload.wikimedia.org/wikipedia/commons/thumb/2/23/GeoreOrwell.jpg/200px-GeoreOrwell.jpg&rdquo; cannot be displayed, because it contains errors." title="Eric Blair (George Orwell) author of &quot;1984&quot;" width="50" height="70" align="left" />In my article <a href="index.php?option=com_myblog&amp;show=Extraordinary-Government-Powers-over-the-Internet.html&amp;Itemid=29">Extraordinary Government Powers over the Internet</a> a few weeks ago, it was noted that the US Senate was considering <a href="http://www.opencongress.org/bill/111-s773/show">S.773</a> which would apparently give a shadowy government directorate full control over every computer in the universe. Now it appears that the Obama adminstration may not bother with the formality of a &quot;law&quot;. </p> Wed, 10 Jun 2009 20:00:00 -0400 Gray Hat Python Book Review http://www.drdobbs.com/security/gray-hat-python-book-review/228701591 Being a fan of the Python programming language, I immediately gravitate toward any new book title with Python in the title.&nbsp; Gray Hat Python explores the relatively easy security penetration testing and, in particular, Windows-centric hacking using Python and several free security testing libraries.&nbsp; Does it deliver the goods?&nbsp; Read on to find out.<br /> Mon, 25 May 2009 20:00:00 -0400 Stealing the Network: The Complete Series Collector's Edition Review http://www.drdobbs.com/security/stealing-the-network-the-complete-series/228700116 I have been a fan of the Stealing the Network series since the first book was released six years ago.&nbsp; The series finally concludes with the release of this special collector&#39;s edition.&nbsp; Did it go out with a bang or a wimper?&nbsp; Read on to find out.<br /> Thu, 07 May 2009 20:00:00 -0400 Extraordinary Government Powers over the Internet http://www.drdobbs.com/security/extraordinary-government-powers-over-the/228701735 <img src="http://upload.wikimedia.org/wikipedia/commons/thumb/2/23/GeoreOrwell.jpg/200px-GeoreOrwell.jpg" border="0" alt="Wikimedia Commons image of George Orwell" title="George Orwell" hspace="4" vspace="4" width="98" height="137" align="left" />As has been reported in and around the blogosphere, <a href="http://www.opencongress.org/bill/111-s773/show">Senate Bill S773</a> , the Cybersecurity Act of 2009 currently before the United States Congress, asserts extraordinary government powers over the Internet and sets the stage for all sorts of meddling in the name of national security.</p> Wed, 29 Apr 2009 20:00:00 -0400 In Honor of Ada...A Conversation with Eva http://www.drdobbs.com/security/in-honor-of-adaa-conversation-with-eva/228700933 Sun, 22 Mar 2009 20:00:00 -0400 Security Reminder, or Who's That Looking Over Your Shoulder? http://www.drdobbs.com/security/security-reminder-or-whos-that-looking-o/228701175 It doesn&#39;t matter which coffee shop -- Henry&#39;s, Z&#39;s, or the Bourgeois Pig -- I end up at, it&#39;s always the same ever since free WiFi came on the scene. There are more laptops than coffee mugs, and never enough places to sit. But I&#39;m as bad as the rest. What with free wireless Internet access and a cell phone, well, I haven&#39;t been in the office for year or so now, and even the concept of a home-office is becoming more remote. </p> &nbsp; Tue, 24 Feb 2009 19:00:00 -0500 Sharing Secrets Among Friends http://www.drdobbs.com/security/sharing-secrets-among-friends/228700820 <em>Originally published in </em><em><strong>Computer Language </strong>back in 1992, Bruce Schneier&#39;s essay on the proper way to share secrets still holds weight.</em></p> <strong>Sharing Secrets Among Friends</strong></p> Whether you&rsquo;re protecting a nuclear missile or your new recipe for burger sauce, polynomial encryption can prevent people from stealing your secrets.</p> Mon, 12 Jan 2009 19:00:00 -0500 A Conversation with Ron Rivest http://www.drdobbs.com/security/a-conversation-with-ron-rivest/228700228 <div class="Bspace15"><br /></div> <!-- teaser --> <div class="Bspace15"><span class="greenBlurb">Back in 1997, long before he invented the ThreeBallot voting system or was named a Marconi fellow, computer scientist and cryptography pioneer Ron Rivest chatted with <em>DDJ&#39;</em>s&nbsp; Jack Woehr about computer security, digital certificates, cryptography, and a variety of other subjects. Sun, 14 Dec 2008 19:00:00 -0500