August 16, 2006

Interfaces and Security

Small incarnations are some times best to illustrate cognate larger issues. Today, I literally came across such a small incarnation while passing the building of the "Bundesrat", Germany's Federal Council....

May 07, 2006

Thanks to computer science

In Germany, we currently have a year of science. In this context, the federal department of education and research together with a company called "Wissenschaft im Dialog" (science in dialog)...

April 01, 2006

You are a software vendor

In computer security, the vendor of a software product is commonly seen as the entity responsible for fixing identified security issues with the product and proactively working towards better security...

March 13, 2006

The big Fuzz

In theory, theory and practice are the same; in practice they are not. While practice can bite fairly large pieces out of theory's proverbial butt, it does not mean that...

February 19, 2006

Security by PAL

While auditing commercial software for security issues, you often come across the pattern of proprietary authentication, authorization and object access control. The software designers, or, in case it wasn't...