Update: see also the article Securing the Rails session secret. Rails SQL injection vulnerability: hold your horses, here are the facts – Phusion Corporate Blog
cultofmac: What Is A UDID And Why Is Apple Killing Apps That Track Them?
StartSSL™ Certificates & Public Key Infrastructure
Medicfusion has integrated Zoho Creator into their EMR (Electronic Medical Record) system to offer their customers the ability to design their own intake forms, questionnaires and basic patient surveys. Says Melisa Kirby Rottinghaus, Medicfusion's CEO, For the first time ever, fully custom intake, exam forms and patient research studies are integrated into an electronic medical record. Exciting "in the clouds" integration between Medicfusion EMR and Zoho Creator makes it possible. [...] Until now, integration of a physician’s proprietary forms into an EMR wasn’t possible. Not without many thousands of dollars in custom form development and even then, not fully integrated. Patient Information in the American Healthcare System: Zoho Creator Case Study | Zoho Creator Lounge
php - Which additional securities do you add to your open source cms installations
ARPFreeze: A tool for Windows to protect against ARP poisoning by setting up static ARP entries. Download ARPFreezeNG 0.2 (Windows 7, Vista, Windows 2008). Download ARPFreeze 0.1 (Windows XP).
Free Wi-Fi is available in many locations, from your local café or Starbucks to McDonald’s and many other restaurants. Using these mostly unsecured, public wireless networks puts your information at risk. It is important to employ several safeguards when surfing at a public hotspot. How to use Wireless Networks or Wi-Fi securely in Public | Safegadget.com
Darren Kitchen, 29, founder of Hak5 and creator of the WiFi Pineapple Mark IV honeypot. (Credit: Declan McCullagh/CNET) AUSTIN, Texas--Some funny things were happening at the South by Southwest conference here today. My virtual private network connection kept getting disabled, and even stranger, on a friend's laptop a window popped up showing an animated cartoon cat flying through the air with a rainbow in its wake. SXSW: 'Hot-spot honeypot' hacker's heaven | InSecurity Complex
Data Privacy - Trapit As the Obama administration and tech company lobbyists chip away at the European Union's attempts to protect online privacy, a new pro-industry coalition has popped up to join the fray.
How Companies Learn Your Secrets Antonio Bolfo/Reportage for The New York Times Pole has a master’s degree in statistics and another in economics, and has been obsessed with the intersection of data and human behavior most of his life. His parents were teachers in North Dakota, and while other kids were going to 4-H, Pole was doing algebra and writing computer programs. “The stereotype of a math nerd is true,” he told me when I spoke with him last year. “I kind of like going out and evangelizing analytics.”
How Paranoid Should I Be About Trusting Companies With My Personal Data? Dear Lifehacker, I understand that signing up for "free" services like Gmail and Facebook requires that I put my trust in a company and provide them with quite a bit of personal data. I know that data is supposed to be kept private, but with the amount of information and web activity that's tracked every day I'm starting to worry. How paranoid should I be, and is there any way I can ensure my data isn't being used in ways I don't want?
WSJ: Google caught circumventing iPhone security, tracking users who opted out of third-party cookies Google has been caught circumventing iOS's built-in anti-ad-tracking features in order to add Google Plus functionality within iPhone's Safari browser. The WSJ reports that Google overrode users' privacy settings in order to allow messages like "your friend Suzy +1'ed this ad about candy" to be relayed between Google's different domains, including google.com and doubleclick.net. This also meant that doubleclick.net was tracking every page you landed on with a Doubleclick ad, even if you'd opted out of its tracking. I believe that Google has created an enormous internal urgency about Google Plus integration, and that this pressure is leading the company to take steps to integrate G+ at the expense of the quality of its other services. Consider the Focus on the User critique of Google's "social ranking" in search results, for example.
Tracking the trackers: Mozilla's anti-Big Brother add-on
Cloud computing security guidance v. 2.1
ENISA, supported by a group of subject matter experts comprising representatives from Industry, Academia and Governmental Organizations, has conducted, in the context of the Emerging and Future Risk Framework project, a risk assessment of the cloud computing business model and technologies. The result is an in-depth and independent analysis that outlines some of the information security benefits and key security risks of cloud computing. The report also provides a set of practical recommendations. Cloud Computing Risk Assessment
Apple Co-Founder Steve Wozniak Thinks Cloud Computing Will Be 'Horrendous' Apple co-founder Steve Wozniak prefers to feel like he "owns" his digital data and feels uncomfortable uploading it to or downloading it from another company's cloud servers. That's why in a recent Q&A session held after Mike Daisey's play, "The Agony and the Ecstasy of Steve Jobs," Wozniak warned the audience of the dangers in cloud computing. "I really worry about everything going to the cloud," he said, per Agence France-Presse. "I think it's going to be horrendous. I think there are going to be a lot of horrible problems in the next five years." According to ZDNet, making a purchase via cloud often means consumers are not actually buying a product, but instead buying a license to use it.
Verisign seizes .com domain registered via foreign Registrar on behalf of US Authorities. » blog2.easydns.org - Happenings and observations Yesterday Forbes broke the news that Canadian Calvin Ayre and partners who operate the Bodog online gambling empire have been indicted in the U.S., and in a blog post Calvin Ayre confirmed that their bodog.com domain had been seized by homeland security. As reported in Forbes (hat tip to The Domains for the cite), According to the six-page indictment filed by Rosenstein, Ayre worked with Philip, Ferguson and Maloney to supervise an illegal gambling business from June 2005 to January 2012 in violation of Maryland law.