Security

If you have visited a HTTPS site and got an error message which you do not understand, then this article is for you. Here I cover the common errors encountered while browsing HTTPS sites.

So, today morning I received an email saying I received an Orkut scrap from a friend with contents “Bom Sabado”. Within a minute, I received the same scrap from another friend. Now getting the feeling that this must be some sort of worm, I decided to open Orkut with firebug logging enabled to see what was going on. It turns out that it’s a typical case of Cross-Site Scripting (XSS), the attacker can inject and execute its script from hxxp://tptools.org/worm.js and the contents of scrap are able to by-pass Orkut sanitization.

We all use HTTPS and vaguely understands it as a more secure form of communication. This article is aimed at better understanding of HTTPS and how secure it is.

Indian Govt. has asked RIM (maker of the BlackBerry smartphone) to provide access to the data going through its servers for intelligence purposes and it appears that BlackBerry has accepted the demands. Due to the lack of understanding of encryption on the part of Indian media, misleading and ambiguous reports have been published on the same. This blog post is an effort to clarify the same.