An exclusive gaming industry community targeted
to, and designed for Professionals, Businesses
and Students in the sectors and industries
of Gaming, New Media and the Web, all closely
related with it's Business and Industry.
A Rich content driven service including articles,
contributed discussion, news, reviews, networking, downloads,
and debate.
We strive to cater for cultural influencers,
technology decision makers, early adopters and business leaders in the gaming industry.
A medium to share your or contribute your ideas,
experiences, questions and point of view or network
with other colleagues here at iVirtua Community.
I took Web Design in College and I learned about hacking in my downtime so I can make my websites hack proof. I desided to do this after my own website got hacked and I lost everything. I think it's a good idea if it's for the right reasons. But all you need to do is buy the many books on hacking...it's cheaper than a class....
It has to keep Hotmail as the name, 'Live' is a poor name. Look how quickly names like 'Google' and 'Yahoo' have now become common terms for searching on the web. I believe you need to have a quirky but easy to spell word or words rather than common single syllable word.
that is a good technique for updating many pages at once, but for a larger web site i would use something like joomla or wordpress so you don't have to develop all the code for yourself.
it looks awesome, I think I will test my web sites using it, I don't know if I will get any trouble with my hosting provider, maybe they will think I am trying to hack my own web sites. lol
The US National Security Agency has helped put together a list of the world's most dangerous coding mistakes. The 25 entry list contains errors that can lead to security holes or vulnerable areas that can be targeted by cyber criminals.
Experts say many of these errors are not well understood by programmers.
According to the SANS Institute in Maryland, just two of theerrors led to more than 1.5m web site security breaches during 2008.<!-- E SF -->
It is thought that this is the first time theindustry has reached agreement on the worst things that can creep intosoftware as it is being written.
More than 30 organisations, including the US National SecurityAgency, the Department of Homeland Security, Microsoft, and Symantecpublished the document.<!-- S IBOX -->
[TABLE] [TR] [TD][/TD] [TD]
THE TOP 25 MOST DANGEROUS PROGRAMMING ERRORS
CWE-20:Improper Input Validation
CWE-116:Improper Encoding or Escaping of Output
CWE-89:Failure to Preserve SQL Query Structure
CWE-79:Failure to Preserve Web Page Structure
CWE-78:Failure to Preserve OS Command Structure
CWE-319:Cleartext Transmission of Sensitive Information
CWE-352:Cross-Site Request Forgery
CWE-362:Race Condition
CWE-209:Error Message Information Leak
CWE-119:Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-642:External Control of Critical State Data
CWE-73:External Control of File Name or Path
CWE-426:Untrusted Search Path
CWE-94:Failure to Control Generation of Code
CWE-494:Download of Code Without Integrity Check
CWE-404:Improper Resource Shutdown or Release
CWE-665:Improper Initialization
CWE-682:Incorrect Calculation
CWE-285:Improper Access Control
CWE-327:Use of a Broken or Risky Cryptographic Algorithm
CWE-259:Hard-Coded Password
CWE-732:Insecure Permission Assignment for Critical Resource
CWE-330:Use of Insufficiently Random Values
CWE-250:Execution with Unnecessary Privileges
CWE-602:Client-Side Enforcement of Server-Side Security
Source: SANS Institute
[/TD] [/TR] [/TABLE] <!-- E IBOX -->
"The top 25 list gives developers a minimum set of coding errorsthat must be eradicated before software is used by customers," saidChris Wysopal, chief technology officer with Veracode.
"There appears to be broad agreement on the programming errors," says SANS director, Mason Brown, "Now it is time to fix them."
"We need to make sure every programmer knows how to write code that is free of the top 25 errors."
"Then we need to make sure every programming team has processesin place to find and fix these problems [in existing code] and has thetools needed to verify their code is as free of these errors," he said.
Patrick Lincoln, director of the Computer Science Laboratory atSRI International, told the BBC that if programmers prevented theseerrors appearing in their code, it would deter the majority of hackers.
"This list is primarily for people who have firstresponsibility for designing a system. Veteran programmers haveprobably learnt the hard way whereas a brand new programmer will bemaking more basic errors."
"The real dedicated serial attacker will probably find a way ineven if all these errors were removed. But a high school hacker withmalicious intent - ankle-biters if you will - would be deterred frombreaking in."
Previously, most advice has focused on vulnerabilities that canresult from programming errors. The top 25 list examines the actualprogramming errors themselves.
The US Office of the Director of National Intelligence, theprincipal adviser to the President, the National Security Council andthe Homeland Security Council also lent their support to the list.
In a statement, they said: "We believe that integrity of hardware and software products is a critical for cyber security. "
"Creating more secure software is a fundamental aspect of systemand network security, given that the federal government and thenation's critical infrastructure depend on commercial products forbusiness operations."
"The top 25 is an important component of an overall securityinitiative for our country. We applaud this effort and encourage theutility of this tool through other venues such as cyber education."<!-- E BO -->
http://www.sans.org/top25errors/
Get the Windows 7 Developer Guide Build applications on a solid foundation, enable richer application experiences for users, and integrate the best of Windows and Web services with this guide to the features and technologies of the Windows 7 operating system.
Publish Date: Thu, 13 Nov 2008 21:00:00 GMT Read more...
Windows 7 Guide for Developers Build applications on a solid foundation, enable richer application experiences for users, and integrate the best of Windows and Web services. This guide covers the features and technologies of the Windows 7 operating system that enable you to build the next generation of software applications, and includes screenshots from the pre-Beta version released at PDC.
Publish Date: Fri, 31 Oct 2008 07:35:00 GMT Read more...
Microsoft Releases the Web Platform Installer Beta The Microsoft Web Platform Installer (beta) is a free tool that makes it simple to download and install the latest components of the Microsoft Web Platform, including IIS7 and Extensions, SQL Server Express, .NET Framework, and Visual Web Developer. The installer includes the software you need to build and run Web applications on Windows.
Publish Date: Mon, 06 Oct 2008 18:35:00 GMT Read more...