There is no substitute for detailed code reviews, more so if the code is related to security. Any changes to such code, however minor, should be reviewed. However, in addition, it also helps if the compiler, tools etc can help in flagging potential errors.
If you work in the computer security area, it is like drinking from the fire hose, what with the daily revelations about snooping and spying by the NSA. So much to talk, write and discuss. Comedians (and their writers) get excited when interesting politicians become newsmakers, as it makes their jobs much easier and more ... read more
If you are not using lastpass to manage your passwords, you should. I had written some blog articles on lastpass. Now lastpass has added support for using Google Authenticator as the second factor in multi-factor authentication. The first factor in the 2-factor authentication is “what you know” which is a password — the ... read more
About a year ago, I had sung praises of lastpass in my blog article. Yesterday, lastpass said that based on some traffic anomalies, they suspect that part of the encrypted database may have been retrieved by the bad guys. You may know about this as lastpass is asking every user to a) validate their ... read more