Security
Security Feature Articles
Keccak: The New SHA-3 Encryption Standard
After years of testing and analysis, the U.S. government selected the Keccak algorithm to be the new SHA-3 encryption standard. Here is how it works and how to use it.
Prevent Cross-Site Scripting in ASP.NET Web Apps
Cross-site scripting threats can be greatly minimized by proper encoding. On ASP.NET apps, the Microsoft AntiXSS Library is one of the easiest ways to do the encoding correctly.
The Crying Need To Punish Cyber Crime Fairly
Aaron Swartz's suicide is an indictment of the devastating effects of disproportionate punishment.
Malicious Work with the modify-function-return-value Hack
The modify-function-return-value hack is particularly dangerous because it can be used to intercept function calls in code, user libraries, and in runtime libraries. Knowing how it operates is essential to avoiding it.
Deploying Static Analysis
Static analysis is a cheap and easy way to find bugs, but it poses important challenges that tend to be more political than technical.
Security News
450 Million Lines Of Scanned Software Code Can’t Be Wrong
Defect density (defects per 1,000 lines of software code) measurement report released
Oracle Prioritizes Java 8 Lambda Security
Project Lambda with anonymous functions directed towards security engineering
Code Integrity + Code Security * IP Licensing = Monetization Happiness
SafeNet's Third-Gen Sentinel Envelope arrives
Analysis Nirvana Via Stripped Executables and Binaries?
CodeSonar for binaries identifies security vulnerabilities in third-party executables
The Best Way to Spend Your Security Budget
The amazing thing about SQL injection is that not only is it the most damaging of vulnerabilities, but we know a way to end it: parameterized queries.
GitHub Open Sources Boxen Automation Tool
Apple-focused developers handed faster route to immediate code hacking
Developer Encryption Without Manual Labor
CertiVox releases SkyKey hosted encryption key management service
How To Measure Developer Security Knowledge
Aspect Security launches free analytics tool to determine strengths and weaknesses
CollabNet TeamForge Strengthens Git Grrrr-Factor
Enterprise-grade distributed version control with centralized governance
SafeNet Announces Software Monetization Platform
Sentinel LDK pairs security and entitlement management
Events of Interest
May 28-31. Boston, MA. AnDevCon Android Developer Conference
May 28-30. San Francisco, CA. O'Reilly Fluent Conference
June 4-5. Santa Clara, CA. JAXConf 2013 (free)
June 10-14. New York, NY. QCon
June 12. Chicago, IL. Chicago Algorithmic Trading Conference: for Developers, by Developers
June 13. San Francisco, CA. HBaseCon
June 13-14. Santa Clara, CA. Gradle Summit 2013
June 17-19. Boston, MA. E2 Conference
June 18-20. Santa Clara, CA. O'Reilly Velocity Web Performance and Operations Conference
June 26-27. San Francisco, CA. Build 2013
July 22-26. Portland, OR. O'Reilly Open Source Convention 2013
July 29-31, 2013. Santa Clara, CA. JVM Language Summit
August 20-21. Raleigh, NC. Business and Technology Solutions Summit 2013: Cloud and Big Data Conference and Expo
September 16-19. Santa Clara, CA. Storage Developer Conference (SDC)
September 18-20. St. Louis, MO. Strange Loop 2013
October 1-3. San Francisco, CA. Atlassian Summit 2013
October 5-6. Los Altos Hills, CA. Silicon Valley Code Camp
Videos of Past Events
March 2013. GPU Technology Conference
September 2012. Strange Loop
September 2012. Intel Developer Forum
August 2012. VMWorld
July 2012. Java Language Summit
June 2012. Google I/O 2012
May 2012. Atlassian Summit
May 2012 (paid). Fluent Conference
March 2012. Multicore World
July 2011. JVM Language Summit
Best of the Web
First C Compiler Now on Github
The earliest known C compiler by the legendary Dennis Ritchie has been published on the repository.
HTML5 Mobile Development: Seven Good Ideas (and Three Bad Ones)
Building Bare Metal ARM Systems with GNU
All you need to know to get up and running... and programming on ARM
Amazon's Vogels Challenges IT: Rethink App Dev
Amazon Web Services CTO says promised land of cloud computing requires a new generation of applications that follow different principles.
How to Select a PaaS Partner
Eventually, the vast majority of Web applications will run on a platform-as-a-service, or PaaS, vendor's infrastructure. To help sort out the options, we sent out a matrix with more than 70 decision points to a variety of PaaS providers.



