CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Frequently Asked Questions - Secure IT Practices

Questions:

Q: Challenging Conventional Wisdom
A:

Q: A Common Theme
A:

Q: Purdue CERIAS Researchers Find Vulnerability in Google Protocol
A:

Q: Why We Don’t Have Secure Systems Yet, Introduction
A:

Q: Telling the Future, Looking at the Past: A Few Short Items
A:

Q: Happy Anniversary—Bang My Head Against A Wall
A:

Q: A Valuable Resource for Young People (limited time offer)
A:

Q: Just sayin
A:

Q: Some thoughts on “cybersecurity” professionalization and education
A:

Q: On Student Projects, Phoenix, and Improving Your IT Operations
A:

Q: More than passive defense
A:

Q: Bullies, Pirates and Lulz
A:

Q: A Cautionary Incident
A:

Q: Blast from the Past
A:

Q: Do we need a new Internet?
A:

Q: E-voting rears its head. Again.
A:

Q: Follow-up on the CA Hack
A:

Q: A Serious Threat to Online Trust
A:

Q: Word documents being used in new attacks
A:

Q: Failures in the Supply Chain
A:

Q: PHPSecInfo talk at OSCON 2008
A:

Q: Virtualization Is Successful Because Operating Systems Are Weak
A:

Q: Another Round on Passwords
A:

Q: What did you really expect?
A:

Q: Fun with Internet Video
A:

Q: Items In the news
A:

Q: Diversity
A:

Q: Optional Client-Side Input Validation That Matches Server-side Validation
A:

Q: Do you know where you’re going?
A:

Q: Think OpenOffice is the solution?  Think again.
A:

Q: Irony and DHS
A:

Q: This Week at CERIAS
A:

Q: “Verified by VISA” Issues
A:

Q: More on passwords
A:

Q: Quicktime flaw on Macs brings out the crazies
A:

Q: I told you so
A:

Q: The PHP App Insecurity Top 20
A:

Q: Do Open Source Devs Get Web App Security?  Does Anybody?
A:

Q: PHPSecInfo v0.2 now available
A:

Q: As if we needed more evidence that register_globals is bad
A:

Q: Vulnerability disclosure grace period needs to be short, too short for patches
A:

Q: Security Vigilantes Becoming Small-Time Terrorists
A:

Q: Are You Still E-mailing Word documents?
A:

Q: Community Comments & Feedback to Security Absurdity Article
A:

Q: Now THIS is how to have secure passwords!
A:

Q: Who do you trust?
A:

Q: A great example of how NOT to save passwords
A:

Q: Shiflett on the danger of cross-domain AJAX scripting
A:

Q: The biggest mistake of Myspace
A:

Q: Hacking the MacBook for Biometric Security
A:

Q: OSCON 2006: PHP Security BOF
A:

Q: Security expert recommends ‘Net diversity - Network World
A:

Q: More Useful Firefox Security Extensions
A:

Q: Reporting Vulnerabilities is for the Brave
A:

Q: Using mod_security to block PHP injection attacks
A:

Q: Passwords and human memory
A:

Q: Passwords and Myth
A:

Q: Security Myths and Passwords
A:

Q: What is Secure Software Engineering?
A:

Q: Illinois WiFi piggybacker busted
A:

Q: Web App Security - The New Battlefront
A:

Q: Useful Firefox Security Extensions
A:

Q: Securing wireless networks is far too difficult
A:

Q: Password Security: What Users Know and What They Actually Do
A:

Q: Using Virtual Machines to Defend Against Security and Trust Failures
A:

Q: Using DNS for first-level spam filtering
A:

Q: Didn’t we learn anything from WarGames?
A:

Q: Mambo worm highlights security problems in web app dev
A:

Q: An open source command-line Cassandra!
A:

Q: Managing Web Browser risks with the NoScript extension
A:

Get Your Degree with CERIAS