comments (not for humans)
Found this a bit funny:
[...]
Using Windows Scripting host (Wscript) and ADSI objects you can actually setup ADAM from a script. This is really useful when deploying to different enviroments. I will give a quick walkthrough of some of the features in this script. The scripts are written in an idempotent way that will allow you to run them and implement changes incrementally.
[...]
One of the nifty features ADAM (Active Directory Application Mode) inherits from AD, is the ability to restrict permissions to different parts of the directory structure. In this blog entry I'll try to explain how to setup permissions for your web application membership provider user.
[...]
Vidar wrote an interesting article pointing me to HTTPOnly-cookies. Microsoft created this extension to the cookie standard, to allow servers to issue cookies with a special HttpOnly-flag. This flag makes the cookie inaccessible to javascript in supported browsers (currently only newer versions of IE supports this feature fully).
[...]
Test code and installation scripts should never be available on production servers. Here's an interesting story about a Poker forum that got hacked because some installation files were left on the server: Tyler Got Hacked![...]
I was reading through my RSS feeds, and found a really interesting article on Zombie computers: Attack of the Zombie Computers Is Growing Threat.
[...]
I can't say I'm a big fan of the software Acer ships with their laptops. A custom menubar in Windows taking 60 megabytes of memory? Encryption software that interferes when dragging and dropping files from explorer into MSN? No autoupdater? But last week I noticed some writing about an ActiveX control Acer ships with their software: Computer World Article (in norwegian). This ActiveX control called lunchapp.ocx is actually a backdoor.
[...]
Some security researchers or hackers have decided to publish one Apple bug each day this month: the Month of Apple Bugs. They say they're doing it not because they don't like Apple, but because they like to play with OS X.
[...]
Michael Sutton has written a good post on Extended Validation (EV) SSL certificates: Will EV SSL Certificates Work?. Definitely worth a read.[...]
Michael Sutton had a chat with Searchappsecurity.com about the security threats for 2007: Top Web application security threats for 2007.
[...]