-
Desktop virtualization
By 2011, there could be more than 660 million virtualized desktops. John Whaley, CTO and Founder of MokaFive, talks about the issues surrounding current ...
-
Mobile virtualization
Mike Seashols, Chairman of VirtualLogix, talks about implementing virtualization technologies onto mobile platforms. He says there are many issues that mobile providers have to ...
-
Nurturing sales leads
Phil Fernandez, President and CEO of Marketo, says that many companies today are not managing sales leads effectively. He suggests ways to utilize the ...
-
Managing Internet growth
The Internet is growing by 1 zettabyte a year, fueled by images, videos, gaming, and peer to peer file sharing. Pieter Poll, CTO of ...
-
Online ad strategies
There are more than 300 ad networks that focus on monetizing Web sites, so having a strategy is key. Ren Chin, marketing vice president ...
-
What is semantic search?
Semantic search uses the science of meaning in languageinstead of just searching keywords, it checks the context of the words to return more relevant ...
-
Next generation of business intelligence
Data warehouses collect gigabytes of data everyday but the information is not always meaningful. Why? Angela Shen-Hsieh, President and CEO of Visual I/O, says ...
-
SIP trunking 101
Voice, instant messaging, and video no longer have to be islands of collaboration. Kenneth Kuenzel, founder and CTO of Covergence, shows how SIP trunking ...
-
Wireless inside the enterprise
With the rise of PDAs, Blackberries and mobile phones, the demand for wireless service inside large buildings is increasing every day. Leila Nouri, director ...
-
Intel® vPro™ technology and cost savings
Randy Nystrom, an IT systems engineer at Intel, shows how vPro saves time and money by diagnosing PC problems remotely. The content for this ...
-
Intel® vPro™ technology and manageability
Limited technical support hours and powered down PCs can make it difficult to manage large numbers of PCs. Randy Nystrom, an IT systems engineer ...
-
Application streaming
Updating applications can be time-consuming for both users and administrators. Christian Black, an IT systems engineer at Intel, explains why application streaming is a ...
-
OS streaming
Christian Black, an IT systems engineer for Intel, spells out the many benefits of hard-drive virtualization, or operating system streaming, including faster boot times ...
-
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within ...
-
Secure file transfers
John Thielens, vice president of technology at Tumbleweed, talks about the need for managed file transfers that are not only secure, but auditable and ...
-
What is LEED?
"Going green" is becoming commonplace in the corporate world. Paul Holland, general partner at Foundation Capital, explains LEED, the metrics used to certify the ...
-
Unified communications
With desktops, laptops, PDAs and mobile phones, our communication systems have become fragmented. David Leach, senior public consultant for Siemens Enterprise Networks, explains how ...
-
Virtual business
Brent Arslaner, VP of marketing at Unisfair, explains how virtual environments can increase productivity in marketing, sales and human resources departments within a company.
-
Automating virtualization
Richard Whitehead, the director of product marketing at Novell, explains how automation can bridge the gap between physical and virtual machines.
-
Greening the data center
John O'Brien, CTO of Dataupia, explains how carbon footprints are calculated in the data center and discusses ways to tame these power-hungry machines.
-
What is SOA?
Service oriented architecture may be over-hyped, but it does offer lower-cost and easier integration.
-
What is a mashup?
Developers are getting creative, taking APIs from multiple Websites and merging them to form new, innovative applications. Frozenbear.com merges Google maps and Singles to let you know where the single people are in your neighborhood. Parkingcarma.com helps you track down parking spaces in the Bay Area. ZDNet Executive Editor David Berlind says mashups are the fastest growing ecosystem on the Web and that by 2007, there will be 10 new mashups per day.
-
Desktop virtualization
By 2011, there could be more than 660 million virtualized desktops. John Whaley, CTO and Founder of MokaFive, talks about the issues surrounding current infrastructures and says that organizations deploying new systems need to think about four things--management, offline use, cost, and the user experience.
-
Users-to-tech support ratio
How many employees should one tech support staff person oversee? CNET's Justine Nguyen explains the golden ratio of users to tech support staff, and what factors contribute to it.
-
What is virtualization?
Data centers are commonly filled with large numbers of servers that require a tremendous amount of time and money to maintain. Dan Chu of VMware shows how virtualization can optimize fewer servers to run at higher performance levels.
-
Energy-efficient transistors
Rob Willoner, a technology analyst at Intel, explains how smaller and more energy-efficient transistors are resulting in faster and more powerful CPUs.
-
Desktop vs. workstation: Introduction
Sponsored: Dave Buckley, product line manager of workstations at HP, explains the differences between desktops and workstations, and how these differences influence purchasing decisions. The content for this video was sponsored and provided by HP.
-
First steps to SOA
What does it really mean to introduce SOA into an organization? Ross Mason, CTO and co-founder of MuleSource, explains how an enterprise service bus allows different applications to communicate with each other.
-
A load of C.R.A.P.
ZDNet Executive Editor David Berlind suggests that CRAP or Content, Restriction, Annulment, and Protection, is a catchier phrase than DRM - Digital Rights Management. Why does he think this technology is crap? Once you've bought music or other content to play on one device, it won't play on any other device because of the proprietary layer of CRAP.
-
SEO 101
How do you get your Web pages to rank high on search results? CNET's Laura Lippay offers some guidelines for Search Engine Optimization, including how to structure your site, where to position content on your page, and how to increase traffic.
AJAX & security
AJAX is a new Web technology being used in sites like Google Maps and MySpace. Like every new technology, it has security risks. Brian Chess of Fortify Software urges developers to be mindful of these threats.
Hi, my name's Brian Chess. I'm Chief Scientist of Fortify Software, and today we're going to talk about AJAX and Security. AJAX stands for Asynchronous JavaScript And XML. It's a cool new web technology that people are using to build much, much more rich user interfaces on the web. Google Maps is a great example of AJAX at work.
So today we're going to talk about the security implications of using AJAX in your applications. So in order to tell the story, we've got to go back in time to 1988. We're going to talk about the very first worm that ever hit the internet. It was called the Morris Worm. Now in 1988, of course, programs on the internet were almost all written in the C programming language. And a big problem when you're writing in C is buffer overflows. So a program named Send Mail had a buffer overflow in it, and that buffer overflow took advantage of a function named Get S, which stands for Get String. So when you call Get S, a bad guy can actually end up injecting code into your program. And as security folks like to say, as soon as a bad guy can run their code on your computer, it really isn't your computer anymore.
So now we're going to move forward to 2005, when the internet met the MySpace worm. Now the problem with MySpace wasn't related to C because MySpace isn't written in C. The problem with MySpace was related to JavaScript. And in JavaScript you can't have a buffer overflow but you can have a problem known as cross-site scripting, sometimes abbreviated XSS. Now the issue here is that when you've got a cross-site scripting problem, an attacker can, again, inject code that will then get executed in the browser.
Does it sound familiar yet? It's actually exactly the same thing that happens when you run into a buffer overflow in a C program. So from 1988 to 2005, what have we learned? Well, we still have problems with worms. We don't have problems as much anymore with C programs, but we have problems with JavaScript now. We don't have problems with buffer overflow, we've got problems with cross-site scripting. So what the lesson programmers need to keep in mind is when they're doing cool and exciting new stuff like AJAX, it really doesn't matter whether they're programming in C or that they're programming in a language like JavaScript. You've got to keep security in mind.




























