Rodney Campbell's Blog

Here are the most recent interesting security related articles I can recommend you read.

Trojan Hides Itself as Firefox Extension
Security firm McAfee warned of a new trojan that installs itself as a Firefox extension on Tuesday, saying it had found Web sites linking to a virus known as FormSpy. Once loaded on the infected computer, the trojan begins sending personal information entered in the Web browser to a malicious site. 

IE7 to be Pushed to Users Via Windows Update
IE7 will be pushed to users via Windows Update. This has serious implications for e-commerce websites whose functionality might be affected by any bugs in the software. Also to have end users suddenly using a new browser right before the holiday shopping season could magnify the cost any bugs that might create a bad user experience on sites.

I work in the IT Security field and have been involved with this speciality for the past 15 years. My primary areas of expertise are in Unix system security, firewalls and application layer gateways. I've been the primary technical specialist for our organisations corporate Internet gateways for more than ten years. I try to keep abreast of recent IT security information available primarily on the Internet and as such I like to devote some time to reading good IT security articles from the web. In this section of the blog I'll post up links and information on some of the most interesting reads I come across.

PHP encryption for the common man
In this increasingly virtual online world, you have to be careful to protect your data. Learn the basics of encoding and encrypting important bits of information, such as passwords, credit card numbers, and even entire messages. Get an overview of what it means to encrypt and decrypt information, as well as some practical examples involving passwords and other data, using PHP's built-in functionality.

New Crypto Malware Nearly 'Uncrackable'
File-encrypting Trojans are becoming so complex that security companies could soon be powerless to reverse their effects, a new report from Kaspersky Lab has said. The report notes the rapid evolution of the public key encryption used by one family of crypto malware, Gpcode, which went from using 56-bit to 660-bit RSA in a matter of weeks.

A month of browser bugs
Scott Granneman looks at the virtues and pitfalls of browser fuzzing and the overwhelmingly positive impact it has on the security community.

Collection of Programming and Computer Cheatsheets
This website contains a large collection of quick reference materials ranging from HTML and CSS to Python and Perl.

The State of Spam
Nearly five billion pieces of spam are blocked every day between the efforts of AOL and Microsoft which represents 95 percent of SPAM traffic, but that still leaves about 5 percent that gets through. The Messaging Anti-Abuse Working Group says spam accounted for about 80 percent of all the e-mail traffic on the Internet during the first three months of 2006. IBM is reporting that phishing now accounts for one in every three hundred email messages.

Password Size Does Matter
Length is more important than complexity when it comes to secure passwords.