Show #40 - The Security Redux

Security, Interview

This show is the redo of our lost security interview with Jason Dean and Peter Freitag. We talk all about security and what that means: the good, the bad, and common misconceptions. We also talk about a blog post from Kevin Lynch, Adobe CTO, that dovetails into more talk on Flash vs. HTML5.

Jason and Peter are also doing a Pre-Conference Class at cf.Objective() on application security. If you are going, you should check this class out: Building Secure CFML Applications by Jason Dean and Pete Freitag.

Course Description

Hacking a website is one of the best ways to learn about web application security. In this one-day hands-on course you will learn about a wide range of security topics essential to every ColdFusion developer.

The course will begin by covering the principles and foundations of application security. Next you will learn about vulnerabilities by exploiting them in a vulnerable example application. As you hack each vulnerability you will also dig into the source code behind it, and fix it as we discuss countermeasures to prevent these vulnerabilities from showing up in your applications.

 

Show Topic Links:

 

Jason Dean's Blog http://www.12robots.com/

http://www.hackmycf.com/

http://foundeo.com/

FuseGuard Web Application Firewall for ColdFusion

Kevin Lynch's Blog Post: Open Access to Content and Applications

 

 

11 responses to “Show #40 - The Security Redux”

  1. Cesar P Says:
    Liked the interview with Seth Rogen... I mean Jason Dean. Seriously that dude sounds just like Seth Rogen.
  2. Jason Dean Says:
    Do I?

    I always thought that I sounded terrible. But I suppose most people do.

    Maybe I should head to Hollywood and be another funny, dumpy guy ;)

    Awesome
  3. Simon Says:
    Hi all, is anyone else having trouble with podcasts 40 and 40 via iTunes subscriptions or is it just me?
  4. Izzy Says:
    I'm having difficulty downloading show #40 and #41 from iTunes. According to the errors, both show files are corrupted.
  5. Dave Ferguson Says:
    I just verified shows 40 and 41 via iTunes. Both played just fine.
  6. Izzy Says:
    @Simon, did you download the mp3 files from this site? If so, did you get a message about this site being blocked by openDNS.com?
  7. Simon Says:
    @Izzy and Dave - hi guys, I subscribed to the podcast a few months back now and the last two podcasts error out when I download them through iTunes. I'm in the UK if that helps any? I'll post the error I get in iTunes too later, maybe that will help.

    P.S. my company proxy won't let me download the mp3s via the site :0(
  8. Simon Says:
    Hi all, hope you all had a good Valentine's weekend! The error I get in iTunes is "The file might be corrupted, or a file type that iTunes can't play".
  9. Izzy Says:
    That's the same error I got on my desktop which is at work. I was able to download the older shows without any problems. I found out that openDNS.com is blocking cfhour and categorized them as "Adult Theme/Porno". LOL Anyway, I was able to download the two shows from my laptop without any problems.
  10. Simon Says:
    Thanks Izzy, I'll just have to sort my podcasts from home then :0) Have a great day!
  11. Simon Says:
    Hi guys, has anyone had problems decrypting Blowfish encrypted data? The data is encrypted using a VB process on a SQL Server. I have been told the way it's encrypted and applied the key to the decrypt tag in CF but keep getting the error "An error occurred while trying to encrypt or decrypt your input string: '' Can not decode string "21E3785894BD6A913860".. . " The last bit of the error is the key I'm passing and not the string I'm trying to decrypt. Any ideas?
