This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Podcast News"

From OWASP
Jump to: navigation, search
m
m (OWASP Podcast Roundtable)
 
(10 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
== OWASP Podcast Roundtable  ==
 
== OWASP Podcast Roundtable  ==
  
'''Next Recording : February 16, 2010'''  
+
'''Next Recording : Week of August 30, 2010. Day and Time TBD'''
  
==== US Cybersecurity Bill ====
+
Suggested Topics:
  
[http://www.theregister.co.uk/2010/02/04/house_cybersecurity_bill/ http://www.theregister.co.uk/2010/02/04/house_cybersecurity_bill/]
+
# Is application security "a science" or a "hobby"?
 
+
# Do script kiddies, Ninjas, 3l1t3z, etc make a mockery of a serious business?
The US House of Representatives has overwhelmingly passed a bill that would direct almost $400m toward research designed to shore up the nation's cybersecurity defenses.
+
# Is AppSec becoming a commodity service, what disciplines require skill and experience?
 
+
# ?
The Cybersecurity Enhancement Act would authorize $108.7m over five years to establish a cybersecurity scholarship program. In return, students would serve in federal government posts upon graduation.
+
# ?
 
+
# ?
==== Microsoft's 1999 "Secure Windows Initiative" ====
 
 
 
Proof that Microsoft's 1999 "Secure Windows Initiative" and 2002 "Trustworthy Computing" have provided immutably secure software:
 
 
 
===== New IE zero-day : IE Flaw Allows File Access =====
 
(February 3 & 4, 2010)
 
 
 
Microsoft has issued a security advisory warning of a vulnerability in Internet Explorer (IE) that affects users running Windows XP or who have disabled IE Protected Mode.  The vulnerability essentially turns vulnerable computers into "public file server[s];" attackers can exploit the flaw to access files with known filenames and locations if they trick users into visiting specially-crafted websites.  The vulnerability is the result of incorrectly rendering local files in the browser.  It affects IE 5.01 and IE 6 on Windows 2000; IE 6 on Windows 2000 SP 4; and IE 6, 7 & 8 on Windows XP and Windows Server 2003.
 
http://www.microsoft.com/technet/security/advisory/980088.mspx
 
http://www.theregister.co.uk/2010/02/04/ms_browser_bug/
 
http://www.computerworld.com/s/article/9151838/IE_flaw_gives_hackers_access_to_user_files_Microsoft_says?taxonomyId=17
 
 
 
===== Google to Drop IE 6 Support =====
 
 
 
(February 3, 2010)
 
Google has announced that as of March 1, 2010, its applications will no longer support Internet Explorer 6 (IE 6).  Although Google did not say so directly, the decision may have been influenced by recently disclosed attacks against Google and other US companies that exploited a vulnerability in IE 6.  The attacks prompted public warnings in Germany, France and Australia against using IE 6.
 
http://www.msnbc.msn.com/id/35219388/ns/technology_and_science-security/
 

Latest revision as of 16:59, 26 August 2010

OWASP Podcast News

OWASP NEWS 2010

OWASP Podcast Roundtable

Next Recording : Week of August 30, 2010. Day and Time TBD

Suggested Topics:

  1. Is application security "a science" or a "hobby"?
  2. Do script kiddies, Ninjas, 3l1t3z, etc make a mockery of a serious business?
  3. Is AppSec becoming a commodity service, what disciplines require skill and experience?
  4.  ?
  5.  ?
  6.  ?