Security

Windows - The Most Secure OS

Scott Kuhl — Fri, 23 Mar 2007 02:03:00 GMT

Symantec found that Microsoft Windows is the most secure operating system. This is based on the number of patches found and the time to patch them.

Microsoft Windows
Red Hat Linux
Apple Mac OS X
Hewlett Packard HP-UX
Sun Solaris

Despite the latest TV ads ridiculing the security in Vista with a Matrix-like Agent playing the UAC in Vista, Apple (Quote) has nothing to brag about. Symantec found 43 vulnerabilities in Mac OS X and a 66 day turnaround on fixes.

Surprise, Microsoft Listed as Most Secure OS

New Storm Worm Spreading Via Blog Posts

Scott Kuhl — Wed, 28 Feb 2007 16:40:00 GMT

Heads up GWB posters and readers. Keep an eye on your posts and comments.

When a user with an infected system visits a bulletin board or posts to a blog, the worm inserts a malware into his or her comments. The line asks readers to look at a fun video and contains a link leading to a Web site where the malware is waiting to reinfect more users.

Read New Storm Worm Spreading Via Blog Posts

OpenID control for ASP.NET

Scott Kuhl — Tue, 27 Feb 2007 18:58:00 GMT

What is OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity.

How do you implement it in ASP.NET?

Add references.
Add two lines of code.

Get the ASP.NET control and library here.

5 Most Common Passwords

Scott Kuhl — Tue, 27 Feb 2007 14:29:00 GMT

The movie Hackers claimed the most used passwords were password, God and secret. Looks like they only got one right.

Here are the top 5 passwords according to Counterpane Internet Security:

password1
abc123
myspace1
password
blink182

3 and 5 really surprised me.

Source: Net users picking safer passwords

Portable AntiVirus (Clamwin)

Scott Kuhl — Sun, 23 Apr 2006 21:25:00 GMT

Clamwin anti-virus software has been made portable and added to PortableApps.com.

Download it to your usb drive and have it next time you are at your in-laws so you can prove to them they have a virus and that's why you keep getting all that spam from their e-mail address :)

Portable ClamWin

EncryptingCookieDatawithASPNET

Scott Kuhl — Tue, 18 Apr 2006 14:32:00 GMT

Cookies can provide a real convenience to both visitors and programmers of a Web-based application. However, cookies are problematic from a security point of view for two reasons. First, unless your site uses SSL, cookie data is passed in the clear in the header of both the HTTP request and response. That means anyone who is clever enough to sniff packets on a particular port of a particular IP address can read cookie data as plain as day. The second problem is that cookie data is stored in nice little unrestricted cookie files in a browser's cache directory. This means that anyone that has access to your hard drive can see and open your cookies.

Read Encrypting Cookie Data with ASP.NET

Why Windows Defender?

Scott Kuhl — Tue, 21 Feb 2006 13:09:00 GMT

Just a theory, but I think the reason Microsoft renamed AntiSpyware to Defender is to make the name more generic. This way they have the option of tossing anti-virus in if the paid anti-virus service they have does not pay off. Which it probably will not.

By starting with a paid service they can ease into the anti-virus market instead of crashing in. From the technical side, this will give them a smaller user base to work with until they are confident the service is solid.

KeePass

Scott Kuhl — Fri, 03 Feb 2006 15:15:00 GMT

I just started using KeePass with my USB drive and so far I really like it. My favorite feature is the Global AutoType.

Check out KeePass, the free, open-source password utility.

You Have Two Days To Update Your Anti-Virus Software

Scott Kuhl — Wed, 01 Feb 2006 15:52:00 GMT

Microsoft Joins 'Blackworm' D-Day Warning Chorus

Microsoft issued an official security advisory to back up a warning from its anti-malware researchers that the worm—known as Kama Sutra, Blackworm, MyWife.E, Nyxem.E—is programmed to "permanently corrupt a number of common document format files on the third day of every month.

When the worm activates, it destroys all Microsoft Word, Microsoft Excel, PowerPoint, PDF, ZIP and PSD files on all available drives.

Hopefully this will not be an issue for you. If you are one of the many users I have run into running expired trial versions of McAfee or Norton, you don't need to pay to protect. AVG has a free anti-virus product that works great. Get it here.

Internet Explorer is more secure than FireFox

Scott Kuhl — Tue, 20 Sep 2005 15:51:00 GMT

Yeah, you read the title right. According to Symantec, Microsoft is doing a better job at security than Mozilla.

The firm said that during the first six months of 2005, 25 vulnerabilities were discovered in Mozilla browsers like Firefox, 18 of which were rated as severe. Microsoft Internet Explorer, on the other hand, had just 13, of which 8 were considered severe.

However, even with more vulnerabilities, no major exploits of those vulnerabilities exists. Why? One is probably market share. You can nail more people by exposing a flaw in IE. Two may be pure hatred. It seems a lot more people hate IE than Firefox.

So, while IE may be more secure, it seems you are still at a greater risk. Hello, Irony!