Friday, November 23, 2007

Java secure programming course introduced

Having knowledge of computer security does not mean you can make secure programs. It's especially true for Java, as many have taken Java for granted, assuming the underlying JVM would be doing its magic all the time and keeping all these problems at bay.

Secure programming is a very practical skill, essentially defined by good practices. And as usual, you have to learn new skills in order to master them. Recently, a Secure Programming Council emerged from the dark in response to that need. On the board, you can see the "most skilled Java programmers in the world". Its main goal is designing an exam framework, laying out the most essential secure programming practices with Java. Good Java secure programmers are expected to know and master all these skills.

The draft is out for comments. Once the comment period has passed, it should be used to design exams and tests for Java secure programmers. The documents will also be publicly available. Exams for the GSSP certificate will be in London next month, and questions based on this draft will account for a few, without a doubt.

Thursday, November 22, 2007

HMRC data loss raises concern for Facebook users?

I couldn't possibly put into words how disappointed people are following the current blunder at the HMRC office. The media is doing everything it can to blow the problem up to a whole new scale, and literally telling the person who has the data how to "deal" with it. It seems England's failure to qualify for the Euro did not help divert the public's concern a single bit.

I stumbled upon an excellent article that tells you how to avoid identity theft. At one point, they mention Facebook. Well, sounds interesting. If one had the (full) profiles of 25 million people, what would one be able to do on Facebook? Loads! He would create new accounts with the information he had (lots of them), inviting friends and stealing their identities. Alternatively, for each profile, he would be able to get more information about that person by checking him/her out on Facebook, getting ready for even bigger crimes.

Should Facebook users be lost and asleep in their social network paradises and happen to disregard privacy issues, the damage would be just unimaginable.

Wednesday, November 21, 2007

Not so anonymous after all

Now I used to think that in the Tor (The Onion Router) network, any server could act as either an intermediary or an exit node. But according to this exciting article, it's apparently not the case. Even more interestingly, those exit nodes are being operated by the government (and hacker groups) to spy on unencrypted traffic.

Blame it on the design of Tor, or on the user's negligence (or ignorance) if you're willing to take it to a more abstract level. But the striking fact remains that there's a *well*-organised group of people out there that could do anything to take our last bits of privacy away.