December 14, 2005

The Promise of Ajax and DOM: Simple Event-Driven Widget-Based Web Applications

As a Web developer, I have a confession to make: I prefer writting desktop applications.  In an enterprise-level Web application, just to get a usable display tier you need to perform gymnastics in JavaScript, CSS, HTML, JSP, Java, and Struts (a similar set of gymnastics…
September 14, 2005

Experiments in Rapid System Restoration using Tardiff

One great feature of Linux and other Unix variants is that you can quickly make a “bare metal” restoration or duplicate of a system provided you have a full backup of the original.  (With Windows, the registry requires special tools in order…
September 9, 2005

Running Linux Fedora Core 2 on VMWare 4.0.0

At TCG, many of our servers are running Fedora Core 2.  As an emergency restore technique, I wanted to be able to quickly recreate a server on a VMWare virtual machine running FC2.  In addition, virtual machines are a great way of quickly creating…
August 4, 2005

DefCon: Web Service Intrusion — Same Security Holes, New Technology

At DefCon 13, Alex Stamos of iSec Partners gave a very interesting talk entitled “Attacking Web Services”.  In summary, there are currently three known web service attack techniques: Injecting XML into an input box, overwriting tags set earlier in the SOAP…
July 30, 2005

DefCon: Google Ads Phishing Security Alert

DefCon (http://www.defcon.org) is a large annual hacking conference that attracts corporate security personnel, federal agents, and of course, hackers.  DefCon is significant since hackers use DefCon as a forum to unveil security vulnerabilities in tools and utilities we use daily.  The first…