Tejeddine Mouelhi
  • Home
  • My blog
  • My publications
  • About my research
  • Java programs
  • Pictures
  • pagex

Office 14 going into the cloud

2/26/2009

0 Comments

 

The next release of Office, which is expected in 2010 will be a cloud based apps, offering access to word, excel etc. from the internet.


0 Comments

Bespin, or how to rethink code editors

2/20/2009

1 Comment

 

Cloud apps are starting to be everywhere these days.
Mozilla is realeasing Bespin an online code editor based only on HTML 5 technologies (mainly Javascript).
You can play with it here or grab the code to see how it is done.

I think that this kind of software is very interesting.  I played with it a little bit and I think that it is well done and includes some very nice features (it is pretty fast, scales well etc...).

But still, from a security point of view, I remain pessimistic about the privacy issue. The files are stored and modified in the cloud.

1 Comment

Cloud-based Apps

2/19/2009

0 Comments

 

A very interesting post explains the security issues of Cloud-based apps.
It is the new emerging internet application architecture. Microsoft is one the main actor promoting cloud apps, with its new  Office Live online tools. Another good example of cloud app is the google apps.
The post explains the cloud computing security issues, discussing what are the security aspects applied to web application that cannot be applied to cloud apps.

It is interesting to see that cloud apps require a deep modification/adaptation of security tools and methods.
Another important problem is I think the privacy.  We will end up with having a 'big big brother', more than any other one before. Cloud apps allow the files (data) to be stored in server database, and the applications; like word or excel etc. to be launched from the internet.  i am not sure how much we are able to trust the servers storing all these information and able to monitor the user access to these apps.

I think that, privacy is a very important problem to tackle when discussing about cloud apps.

0 Comments

CWE/SANS Top 25 Most Dangerous Programming Errors

2/16/2009

0 Comments

 

CWE/SANS published a recent report on the most dangerous programming errors, that developers should be aware of. This report is very interesting, and worth reading.
Developers really lack knowledge about security.
In addition, I think that pointing out the most dangerous errors is a good step forward toward  informing the SE community about security issues.

About this subject, i put a comment on veracode security blog.
I argued about the methods security companies are using, which include only two diffrent solution; which are: automated tools for detecting flaws AND security expert manual code audit. Well, that will work to a certain degree but i thing that is not good enough.
I will not go further because my comment is available in their blog entry.

0 Comments

First post in my blog

2/16/2009

0 Comments

 

This is the first post in my blog.
This blog will not talk about my personal life or my daily activities. This, I am sure of it, is not going to be interesting for you.

This will be a security blog. I will try to comment, to point out security news. I will give my opinion and my input on how I see things from my point of view as a young researcher.

0 Comments

    Author

    Dr. Tejeddine Mouelhi
    Expert in IT security & security/software testing

    View my profile on LinkedIn

    Archives

    April 2020
    August 2018
    June 2016
    July 2015
    July 2013
    October 2012
    March 2012
    November 2011
    May 2011
    April 2011
    July 2010
    April 2010
    January 2010
    November 2009
    September 2009
    August 2009
    May 2009
    March 2009
    February 2009

    Categories

    All
    All
    Application Security
    Funny
    Research
    Security Blog
    Worth Reading

    RSS Feed

Powered by Create your own unique website with customizable templates.
  • Home
  • My blog
  • My publications
  • About my research
  • Java programs
  • Pictures
  • pagex