The Controversial Practice of SSL Inspection - A Betrayal of Trust?

There’s a thin line between safeguarding corporate assets and invading personal privacy. One of the practices that continually straddle this line is SSL Inspection, a controversial technique utilized by organizations in the name of security. While it might seem like a fair move to protect proprietary information, let’s dive into why this technique is often seen as intrusive and potentially damaging.

More …

Attaching Windbg to Managed Application

You may want time to time dig into the implementation detail of the code you are working with(e.g. how they are represented in RAM). Windbg with the help of SOS extension gives you lot of those implementation detail. But when the initial breakpoint is hit the CLR has not yet been loaded and Windbg doesn’t allow you to load SOS. What you can do here is that temporary set a Console.ReadLine() in your code and hit Ctrl + Break to break the debugger at your desired location.

More …

Transport Layer Security (TLS)

What is Transport Layer

In the Open Systems Interconnection(OSI) model the transport layer is most often referred to as Layer 4. It resides between network layer and session layer. Almost all modern authentication protocols rely heavily on transport layer security.

What is Transport Layer Security (TLS)

TLS is a protocol designed to provide communications security over a computer network. It is the successor of the SSL. The protocol is defined here. It can provide privacy and data integrity between two communicating applications.

Why it is important

It allows unprotected protocols like HTTP to travel across a secure tunnel and adds following features to the HTTP

More …

Security Fundamentals 1 - What is CIA

In computer security CIA is the abbreviation for following terms.

  • Confidentiality
  • Integrity
  • Availability

Confidentiality

This means keeping the information secure from unauthorized access. The technologies involved are encryption, authentication, and authorization(access control)

More …