Blog Archive 2012 CVSS – Vulnerability Scoring Gone Wrong Apr 25 2012 Ambiguous RFC leads to Cross Site Scripting Apr 12 2012 Keychain Dumper Updated for iOS 5 Jan 25 2012 2011 Updated iPhone Keychain Dumper May 06 2011 “Secure by Default” doesn’t seem to be ColdFusion’s motto Mar 31 2011 “Researchers steal iPhone passwords in 6 minutes”…true…but not the whole story Feb 28 2011 2010 How NOT to build your client-server security architecture Feb 26 2010 Even if You Don’t Invent Your Own Crypto….It’s Still Hard Jan 19 2010 2009 ViewStateViewer: A GUI Tool for deserializing/reserializing ViewState Aug 03 2009