Welcome

Something Amazing Happened in Java Security Today

Today Jim Manico (Twitter:@manicode) was nominated and announced a Java Champion.  Jim is the founder and leader of Manicode, a software security training company.  So why do I think this is amazing?

TLS 1.3 Support Planned for Java

Earlier today Sean Mullan(Twitter: @seanmullan) on the Java team announced TLS 1.3 support on Twitter.   JEP 332: Transport Layer Security (TLS) 1.3 describes the current plans for support.

Using OWASP DeepViolet within OWASP ZAP

OWASP DeepViolet has been included and available in OWASP ZAP for awhile now as an additional add-on component.  Briefly the background is that DeepViolet is a TLS/SSL scanning API and set of tools.  OWASP ZAP is a Flagship application security scanner and includes some DeepViolet features for it’s TLS/SSL scanning.  I decided to post this … Continue reading “Using OWASP DeepViolet within OWASP ZAP”

Top Security Expert, IoT Security is a Market Failure

In a recent blog post, Security Economics of the Internet of Things on Schneier on Security, security expert and cryptologist Bruce Schneier describes economics related to securing IoT devices.  The post was written due to unprecedented DDOS attacks against investigative security journalist Brian Krebs and his web site krebsonsecurity.com.

OWASP Security Logging Project Explored

The OWASP Security Logging Project is a security logging API that extends popular logging technologies providing powerful security logging capabilities to your projects.  If your project already uses a popular logging API like log4j, logj2, logback, etc. then most of your work is done.  Even for legacy projects there are some benefits.  In this post I … Continue reading “OWASP Security Logging Project Explored”

BlueCoat has Intermediate CA signed by Symantec

Updated June 12, 2016 A digital certificate was created by Symantec for Blue Coat Systems Inc.  The digital certificate is a special type of certificate that allows Blue Coat to operate as a trusted Certificate Authority(CA).  The certificate allows Blue Coat to create new digital certificates for use on highly trusted web sites like those … Continue reading “BlueCoat has Intermediate CA signed by Symantec”

Cloud Act Law Passed

In case you missed it the, Clarifying Lawful Overseas Use of Data Act or better known the as CLOUD Act was recently passed.  The CLOUD Act expands the U.S. Governments reach of warrants and subpoenas to data stored by U.S. companies abroad.  The law was announced in the March 25, 2018 edition of the WSJ, U.S. … Continue reading “Cloud Act Law Passed”

Tracking Aircraft on Raspberry PI

Photo: Raspberry Pi RLT-SDR receiver What can you do with a RLT-SDR receiver, dump1090 software, and a Raspberry PI?  Easy, you can capture data like flight numbers, altitude, speed, and position information from ADS-B equipped aircraft in your area. Ever since I was a kid I always enjoyed listening to my Grandfather’s shortwave radio.  Every … Continue reading “Tracking Aircraft on Raspberry PI”