Book Review: The Tangled Web

Just completed reading "The Tangled Web: A guide to securing modern applications" by Michal Zalewski. The book is surprisingly small given the amount of information it covers about the interaction of web browsers, websites, and client-side web technologies. The book starts with a discussion of what a valid URL could look like (http://yahoo.com:80@google.com/microsoft.com - think which site is being connected to here) and then discusses several fundamental building blocks of the modern web (like cookies) as well as standard technologies (like Flash) in depth....

Preliminary analysis of Facebook Clickjacking Attack "Chica Sexy"

Came across a few interesting posts like this on my wall today.

How Indian Government deals with Technology

This article illustrates some examples of how the Indian government deals with (Information) Technology. Some of these projects are unheard of while some generated unnecessary hype.

Cyber Security in India: Role of CERT-In

CERT-In is a low-profile (Indian) government organization. The Government of India established the Computer Emergency Response Team (“CERT-IN”) to ensure Internet security. Many institutions, including the Ministry of Home Affairs, courts, the intelligence services, the police, and the National Human Rights Commission, may call on it for specialist expertise. CERT-IN’s stated mission is “to enhance the security of India’s Communications and Information Infrastructure through proactive action and effective collaboration” [Source]. I had a chance to visit CERT-In last week. The experience was good overall; unlike the typical dirty government office with laid-back employees, I saw employees enthusiastic about their work (and a colorful office).

Understanding HTTPS warnings and error messages

If you have visited an HTTPS site and got an error message which you do not understand, then this article is for you. Here I cover the common errors encountered while browsing HTTPS sites.

BlackBerry Controversy in India

The Indian Govt. has asked RIM (maker of the BlackBerry smartphone) to provide access to the data going through its servers for intelligence purposes, and it appears that BlackBerry has accepted the demands. Due to the lack of understanding of encryption on the part of the Indian media, misleading and ambiguous reports have been published on the same. This blog post is an effort to clarify the same.