February 2007 - Posts

Is anonymous read-only site immune to XSS?
Most folks know that cross-site scripting (XSS) bugs can be used to steal logon cookies, as this scenario is touted pretty often as a classic XSS exploit. How about a read-only site without requiring any logons, such as dictionary sites or some news Read More...
Posted 22 February 07 02:16 by esiu | 0 Comments   
I am excited about EV Cert
I like the idea behind the Extended Validation Cert a lot. It is designed to combat phishing problems. There are some well-known phishing victim sites, such as PayPal, Bank of America, eBay, etc., that would love this feature. Check out how IE7 green address Read More...
Posted 09 February 07 03:02 by esiu | 1 Comment
Why do browsers show cert warnings for Outlook Web Access 2007 by default?
You may wonder why OWA 2007 shows cert warnings by default on most browsers. At the back of your mind, Microsoft has talked so much about trustworthy computing, and they must still not get security. The Exchange team has gone back and forth on this issue Read More...
