Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
My question is: What are Slashdot readers' preferred tools for analyzing .NET and Java compiled libraries (not source code) for potential security vulnerabilities? Ideally, I would like to know if a library is a security liability before I code against it. For example, Microsoft used to have something called FxCop, but it hasn't been updated for current versions of the .NET framework."
In essence, my client performs a Man-In-The-Middle attack on all of their employees, interrupting HTTPS communications via a network coordinated reverse-proxy with false certificate generation. My assumption is that the client logs all HTTPS traffic this way, capturing banking records, passwords, and similar data on their employees.
My question: How common is it for employers to perform MITM attacks on their own employees?"
An Anonymous reader also wrote in that "Outgoing National Security Agency boss General Keith Alexander says reporters lack the ability to properly analyze the NSA's broad surveillance powers and that forthcoming responses to the spying revelations may include 'media leaks legislation.' 'I think we are going to make headway over the next few weeks on media leaks. I am an optimist. I think if we make the right steps on the media leaks legislation, then cyber legislation will be a lot easier,' Alexander said."
Here's another statement taken from the company's website: "QuintessenceLabs is the first in the world to exploit a new generation of quantum cryptographic technology which enables unbreakable, secure storage and communication of sensitive information through the generation of an ultra-secure cryptographic key." Unbreakable? That's a strong boast. Is it true? And even if it's only partly true, your upper management may call on you to explain (and possibly implement) laser-based quantum security, so you need to know what it is and how it works -- and whether it's something your company (or your client companies) need.