When programming with bytes, a lot of your programming time is spent converting from hex format into byte format and then back again for debugging and testing. If your encryption package has the option, you may as well work consistently in hex format all the time. You then only need ...

For vendors of traditional signature based systems (most IDSs and IPSs), zero day protection is the ability to protect against zero day exploits. They rely on the fact that they know ahead of time of a particular vulnerability. This allows them to provide signatures for the mere attempt to take ...

A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known. Ordinarily, after someone detects that a software program contains a potential exposure to exploitation by a hacker, that person or company can notify the software company and sometimes ...

Lots of programs are written with the pervasive assumption that enough resources will be available. Many programs don't even think about what will happen if not enough resources are available, and sometimes they do the wrong thing. So look to see what happens if there's not enough memory and some allocations ...

A buffer overflow occurs when you write a string (usually a string of characters) into an array, and keep on writing past the end of the array, overwriting whatever happened to be after the array. Security-problem buffer-overflows can arise in several situations: when reading input directly into a buffer; when copying ...

If a program has a bug in it that manifests under extreme circumstances, then normally, it's a minor annoyance. Usually, you can just avoid the extreme circumstances, and the bug isn't a problem. You could duplicate the effect of tickling the bug by writing your own program, if ...

In computer security, social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. A social engineer runs what used to be called a "con game". For example, ...

is a project of the Business-Information-Workgroup at the Institute of Technical and Business Information Systems at the Otto-von-Guericke-University Magdeburg (Germany) in cooperation with AV-Test GmbH. In regular intervals we test anti-virus, anti-spyware and personal firewall software on behalf of the producers and for magazines. Within the ...

A posting on the MyITForum.com SMS discussion list reports that Symantec Antivirus 10.x and above may include a capicom.dll. MS07-028 says that third party applications that distribute the Software Development Kit version of capicom will need to be updated. CAPICOM is a new security technology from Microsoft that allows Microsoft Visual Basic, ...