AceNik's Portal

Update To All Your Tech Fads Begins Here !!!!!
Google releases skipfish, an application security tool

As someone who manages applications, I find skipfish a really easy and quick way to run a website through a fairly comprehensive set of tests. Today, Google officially released the tool to the public in the hope of helping make the web a safer place. On the flip side, a tool that does a good job of detecting vulnerabilities like these will naturally be used by people looking to abuse them as well.

Skipfish runs through a set of tests which detect high, medium and low risk flaws. Some of the higher risk ones include:

Server-side SQL injection (including blind vectors, numerical parameters).
Explicit SQL-like syntax in GET or POST parameters.
Server-side shell command injection (including blind vectors).
Server-side XML / XPath injection (including blind vectors).
Format string vulnerabilities.
Integer overflow vulnerabilities.

These specific flaws can lead to system compromise — detecting them early and proactively is surely something worth doing.

This isn’t the only tool of its kind though. There are several free and commercial tools available that can do the same job (like Nikto2 and Nessus) — in some cases better. In any case, it’s about time people started taking security seriously, and using a tool like this is a good step in the right direction.
