Abstract Confusions

Complexity is not a cause of confusion. It is a result of it.

Tag Archives: Cryptography

Application Security: Most Dangerous Programming Errors

Last year and earlier this year we saw serious security lapses being exploited. Hackers were able to hack Twitter and TechCrunch. Over the years, applications are built, rebuilt and retired. Applications are increasingly a means of getting data from, and storing data in, a database. In the future, data will become costlier. Any security error means a loss of credibility with your customers.

2010 CWE/SANS Top 25 Most Dangerous Programming Errors

A recent study published by Common Weakness Enumeration (CWE) and the SANS (SysAdmin, Audit, Network, Security) Institute lists the 25 most dangerous programming errors. The highest-scored error was Cross-Site Scripting (XSS, score 346), followed by the famous SQL injection (330) and buffer overflow (273). It is evident that application developers are still making the same errors again and again.

I am listing a selection of five of the most dangerous errors from them.

  1. Use of hard-coded credentials.
  2. Incorrect permission assignment / authentication for critical resources.
  3. Missing encryption of sensitive data / broken or risky cryptographic algorithm.
  4. Unrestricted upload of file with dangerous type.
  5. Use of insufficiently random values.

I have seen these errors.

One Way Only…

This time around, something interesting from the world of mathematics.

All of us have dealt with functions of different types. We are introduced to functions very early in school: single-variable, multi-variable, simple and complex functions. And in college, functions are declared, defined and studied. This post is about one such function, known as a “one-way function”, which is used widely in computer science.

Wonderful functions from math

Mathematics is full of functions. These functions are applied far and wide elsewhere. A few are used often, whereas others are used little. And very often the terms functions and equations are interchanged. The most celebrated of them all is:

$$E = M \times C^2$$
