by chris
7/9/2008 11:14:00 PM
If you have been following my blog you might have seen a previous post titled Secure Blogging… In this entry I talked about the changes I made to BlogEngine.DLL to support SSL connections for MetaWeblogAPI calls. These changes were proposed to Mads for inclusion in the next version of Bl...
[More]
by chris
5/21/2008 3:20:45 PM
An interesting article was posted on Technology Review that outlined a vulnerability with OpenSSL. Apparently a development group decided to make an "improvement" to the OpenSSL source code and the result was a severely degraded entropy to create the cryptographic keys used by OpenSSL applica...
[More]
by Chris
5/3/2008 10:18:40 PM
Working with my customer I ran into an interesting issue that I think is worth sharing with everyone (not to imply that everyone is reading my blog). I work with the government and we have been forced to configure our web servers with the FIPS compliant algorithms. If you aren't familiar...
[More]
by Chris
4/24/2008 11:15:00 AM
At a customer site this week I overheard the discussion "that password is base64 encrypted"... Ugh, my ears started burning. There is no such thing as base64 encryption, and the mere idea that some people even use this expression drives me crazy. Nothing like the illusion of ...
[More]
by Chris
4/23/2008 8:01:29 PM
Are you a BlogEngine.NET administrator? Worried about quickly knowing whenever a new vulnerability is discovered? Then please sign up for the BlogEngine.NET Alerts subscription and receive notifications of new vulnerabilities. Sign Up Today!
by Chris
4/13/2008 8:57:00 PM
It turns out that something very helpful can sometimes do some serious harm. I'm talking about the javascripthandler web handler included in BlogEngine.NET. This little gem of code helps compress and ccache javascript files serving up to your readers. Included in this code is...
[More]
by Chris
4/8/2008 1:56:05 PM
I have always been one to try different software products to see if the quality is better. This includes trying Firefox and Opera. I never really liked Opera but my initial feelings on Firefox were extremely positive. After a while it seemed that many things with Firefox felt unpol...
[More]
