You are here: silicon.com > Resources > White Papers > Software and Web Development > Software Development Tools > Programming Languages

Programming Languages White Papers

All Input Data Is Evil - So Make Sure You Handle It Correctly and With Due Care

Overview IT professionals agree that input is a big source of trouble. Input ultimately determines how applications work and wrong or malicious input may cause serious damage. It is extremely important that developers have this fact firmly in mind and consequently apply adequate countermeasures. Starting from the perspective that all input is evil is a good approach. Reasoning in terms of a whitelist instead of a blacklist is another excellent strategy. Working with strongly typed data is the third pillar of secure applications. This paper discusses the role of input data and related attacks in the context of ASP.NET applications.

Further White Paper Details
Publisher	Jupitermedia	File Format	HTML
Date Published	May 2007
Format	White Papers
Topics	Programming Languages, .NET, Application Development

Did you find this white paper useful? 1 out of 3 users found this white paper useful

Peter Cochrane's Uncommon Sense: Forget 'think different' - think 'non-linear'...

This column was typed on my G4 laptop flying Chicago to London on BA298 and despatched from my home on a super-fast high-speed connection a couple of weeks later. But should we go beyond ‘the elastic limit’ it will suffer damage and ultimately break.

Reliance on Microsoft makes firms vulnerable says Gartner

Monoculture" more cost-efficient but greater chance of major security damage. Exclusive reliance on Microsoft's Windows operating system could make companies vulnerable to greater damage during a cyberattack, according to an upcoming report from...

Channel:
Operating Systems

Leader: How to jail a cybercriminal

If we are to see a greater array of convictions for cybercrime we need to have in place a recognised means of quantifying and reporting the damage done and a way of conveying to a judge that £1m of malicious or wanton damage online is exactly the...

Trojans attacking the UK come from China

Sunner said these attacks always aim at a small number of organisations, and the terms "information warfare" and "industrial strength" were misleading in this context. Malicious programs the UK government has said are attacking key business and...

Channel:
Malware
Tags:
trojan,
messagelabs

Quocirca's Straight Talking: Say 'no' to walled gardens

The mobile incarnation of a fixed internet service, for example, will sometimes require a lot more in the way of sophisticated middleware to deal with limited and variable bandwidth, interrupted connections and the constrained display and input...

Microsoft beefs up Vista's buffer

The feature, which is called Address Space Layout Randomization (ASLR), loads key system files in different memory locations each time the PC starts, making it harder for malicious code to run, according to Microsoft.

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Programming Languages White Papers

All Input Data Is Evil - So Make Sure You Handle It Correctly and With Due Care

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific