Watcher version 1.1.0 is now available for download from Microsoft’s repository of open-source projects. The Redmond company is not the author of Watcher, but it is certainly recommending the tool via its online hotspot dedicated to the Security Development Lifecycle. Put together by Casaba Security, Watcher is designed to enhance Fiddler proxy, a tool developed by Eric Lawrence, IE program manager. In this context, the plug-in from Casaba Security complements Lawrence’s web debugging proxy, closely monitoring and analyzing HTTP traffic.
“Watcher is a plug-in for Eric Lawrence’s Fiddler proxy aimed at helping developers and testers find security issues in their web-apps fast and effortlessly. Because it works passively at runtime, you have to drive it by opening a browser and cruising through your web-app as an end user. For the developer, the tool can provide a quick sanity check, so you can find problems and hot-spots that warrant further attention. In the hands of a pen-tester it can assist in finding issues that lead to other attacks like XSS and CSRF,” revealed Chris Weber of Casaba Security. More »
It is recommend for you to have a secure connection network between your PC and the Gmail server. Let say if you login to Gmail using a public network like wireless or hotspot in Starbucks, someone can tamper or see the sensitive information transferred from your PC to the Gmail server. This is because the network you are using is not secure and is open to everybody.
Non-secure networks make it easier for someone to impersonate you and gain full access to your Google account, including any sensitive data it may contain like bank statements or online log-in credentials.
To check whether you are in a secure connection or not, check that the protocol that being used is https at the address bar. And also, there is a Lock icon at the bottom right corner of your browser (Firefox).
When you have both of them, that’s mean you are in a secure connection. No one can tamper or modify or spying on the data transferred between you and the Gmail server. You are now safe and secure to send emails, at least. More »
Gmail recently became more secure for users and now you can use the Gmail SSL (Secure Socket Layer) feature to enable HTTPS for a more secure connection online while accessing your email. But you have to enable the setting…
Secure Gmail Connection
How to enable default secure Gmail connection?
Login to Gmail > Go to Settings > General > Browser Connection
Browser Connection set to https will force a secure connection and is essential to keep your data safe and protect it from hijacking. It is essential particularly for those accessing Internet and gmail via public Wifi or non-encrypted networks. So if you routinely login via wireless internet at coffee shops, airports, college dorms, then you might need this additional layer of security.
But I see https when I login?
Gmail uses https to protect your password every time you log into Gmail, but they don’t use https once you’re in your mail unless you enable this setting. More »