Happy Holidays

I’ve been trying to be more active on my blog now that I have made time for it.  But with the holidays upon us, I may skip a week or two. 😉 Above all, I wish everyone a happy holiday season and an excellent new year!


Follow-up from previous SQL Injection post.

So first off, thank you to Jim Manico for his comment on my previous post, which led me to create this post. I will include quotes from Jim’s comment for reference here. JM: “I think you are terribly wrong, and it’s important we clear this up.” No worries, I appreciate your candour. Everyone is entitled…


“there is no bigger attach vector than with a parameterized sp” NOT!!

I recently posted an article on our ACE Team blog (you can read it here if you are interested). There were a few comments about the use of Dynamic SQL that made me realise that not everyone “gets it” yet. Here are the comments that started the discussion: Alastair Upton said: Shouldn’t Rule #4 read…


Too much advertising, not enough value.

I’ve been noticing a disturbing trend lately. Everyone is so hard up to get on the Internet Advertising bandwagon and make their millions that they have given up providing content. In fact, when you look at a lot of “news sites” it seems that they don’t care about the content and are really there…


Rules to stop bad guys

I just posted an article to our team blog about simple development rules to stop the bad guys. Head over and have a read. You can find the post on the ACE Team blog. I know it’s a repost, but sometimes it beats re-writing. 😉


Bitlocker Broken/Cracked… NOT!

Ok, I’ve been trying to keep my cool on this whole thing but enough is enough. A few days ago Ars Technica ran a hype-story called “First commercial tool to crack BitLocker arrives” (no, I’m not going to link to it because they don’t deserve the traffic IMHO). The claim is that Passware has created…


Travel Woes.

You know if you travel a lot, the law of averages says that you have a higher chance of things going wrong on a trip. For example, getting a bag lost or a missed flight. Well that happened to me yesterday. I was on my way up to Brissie. My flight from home through Sydney…


Trusting Web 2.0 – NOT!

Yesterday, I did a presentation at a customer site for their lunchtime security talks. It was about Web 2.0 and protecting yourself online. One of the things I mentioned in my talk was how much people are trusting, blindly, what they see on the social internet. For example, most of you reading this probably…


Firefox leads IE…in vulnerabilities

I was reading through the Cenzic Web Application Security Trends Report for Q1/Q2 2009. Very interesting results. Now, I define interesting a bit differently. People LOVE to throw mud at Microsoft. They think we are the only company who has vulnerabilities in their products. They say that we are terrible at security. But, facts are,…


Wow, Canberra Centre goes High Tech Parking

Well, Canberra isn’t exactly a huge city, and because of that, well that and the fact that it’s populated by politicians who go home on the weekends, it tends to lag behind in tech and modern conveniences. Today when I met Jeffa36 at the Canberra Centre (Canberra’s downtown mall) I was amazed at the…