When dictating password policies to users, it is common for such policies to
require that users generate passwords that contain a combination of uppercase
and lowercase letters, as well as numbers and special characters. Moreover,
it is well established that the strengths of such passwords are further
enhanced if the passwords do not in any way resemble dictionary words, since
minor substitutions of dictionary words and names are often included in the
dictionaries used in dictionary-based attacks and in some rainbow table
variants. Thus "D3veloper" would be a less than ideal password since
potentially it's an easily guessed variant of the word "developer."
A common recommendation for dealing with this issue is to suggest the use of
randomly generated passwords such as "0Y=/S?tV". However, such passwords
often pose great difficulty for many users to remember, which ca... (more)
If you watch the news regularly, it is easy to notice that in almost any
given week some company seems to have experienced an electronic break-in or
in some other way experienced a form of computer or network compromise. While
computer security professionals can help to mitigate such risks via the
proper configuration of firewalls, careful crafting of Access Control Lists,
the application of updates, and the judicious application of file permission,
among other measures, it's important that one of the most fundamental ways of
improving the security of a computer or network resour... (more)
With the release of Visual Studio .NET and the structured error-handling
capabilities of the .NET Framework came significant improvements in the way
that VS programmers are able to capture and deal with programmatic errors.
Yet these more robust abilities do not lessen the importance of one of the
most time-tested means of error handling: prevention.
In this article I will highlight various methods of data validation that can
be used to eliminate potentially problematic errors before they have a chance
to occur. Data validation checks any inputted data for potential problems
pri... (more)
In late May 2004, Microsoft made the announcement that it was considering
entering the High-Performance Computing (HPC) Market, a market that has
traditionally been dominated by custom-engineered Unix-based machines. In
recent years, advances in technology have made possible the construction of
lower-cost computing clusters that utilize off-the-shelf hardware such as
Intel- and AMD-based processors. The operating system of choice for these
lower-end clusters has been Linux. In fact, this market is representative of
one of Linux's strongest footholds. Many in the Linux camp consid... (more)
Throughout the last decade, society has witnessed an explosion of network
connectivity among PCs and mobile devices as well as a vast proliferation of
networked applications, ranging from Web-based email to online banking. The
end result of this is that network connectivity has become an almost
indispensable resource for many individuals. Yet along with the convenience
and flexibility of anytime, anywhere network access, society has also seen an
increase in computer-related security and privacy concerns, with the most
dreaded being the possibility of identity theft.
While numero... (more)
Christopher Frenz is the author of "Visual Basic and Visual Basic .NET for Scientists and Engineers" (Apress) and "Pro Perl Parsing" (Apress). He is a faculty member in the Department of Computer Engineering at the New York City College of Technology (CUNY), where he performs computational biology and machine learning research.
Jim Shepherd
Marc Cohn
Walter Hinton
Walt Robertson
Akshat Singh
Chris Shaul
Esmeralda Swartz
