On October 10 I attended Caltech Enterprise Forum and got an opportunity to listen to entrepreneurial journey of Jason Nazar who is the CEO and Co founder of Docstoc.com which according to Jason is the Youtube of Documents. He is local to Southern California and started his journey from SC itself. He has the karizma of a great leader.

Click here to see the entire video from the event.

 

ABSTRACT

Internet & Internet based web applications are becoming popular to perform various on-line tasks and so are web-based vulnerabilities. Web 2.0 is today’ new mantra and much of the new stuff coming up is based on recent advances in Web Technologies viz. XHTML, JavaScript, AJAX, SOAP, Web Services. All these technologies are fast becoming an integral part of new generation Web applications known as Web 2.0 applications. This evolution has led to new attack vectors coming into existence around these new technologies. To combat these new threats one needs to look at different strategies as well. In this paper we shall look at different approaches and tools to improve security at both, the server as well as browser ends. Web applications often make use of JavaScript code that is embedded into web pages to support dynamic client-side behavior. This script code is executed in the context of the user’s web browser. A Virtual Machine running within the browser limits the program to access only certain resources which are most associated with the domain. However if the user mistakenly downloads a compromised or malicious JavaScript code form another website then this code is granted full access to resources such as cookies. Such attacks are called cross-site scripting (XSS) attacks. [1]

This paper presents a brief explanation of various kinds of attacks like XML poisoning, RSS/ATOM Injection, SOAP Parameter Manipulation, XPATH injection and attacks exploiting "client-side" AJAX frameworks. This paper also suggests various ways to mitigate such attacks on Client & Server. Additionally this paper suggests secure coding practices and tips which help avoid majority of these attacks.

Continue reading »

 

I heard about xobni my friend Sam Deskin and read about it on techcrunch. I liked its features and decided to give it a try. I generally don’t like to install lots of plugins on my most used tools since it makes them slow. But Xobni made a huge difference. 

xobni make outlook like gmail. I love gmail for all the great features it has. But at work we use Microsoft Exchange, which is also a great tool for enterprise collaboration. My Blackberry Curve 8900 also works great with exchange and keeps everything in sync. I always wished for gmail like conversation view in outlook. Let me talk about how xobni made my life easier.

Likes:

  • Fast Seaching: xobni does its own indexing and make it really fast to search emails, contacts etc.

  • Email Conversations: xobni displays a small side bar on the right and lists all conversations with the selected contact. I like this feature a lot and don’t have to do lots of clicks to get a list of past emails for that user. Additionally it groups conversations like gmail and lists email text/replies like IM conversation.

  • Attachments: I love this feature. It displays all the files exchanged with a particular user. This features saves so much time for me.

  • Outlook Social: xobni has lots of more features like links to Facebook, LinkedIn, Hoovers. I didn’t find these features so useful yet.

Dislikes:

  • xobni does analytics which I never care about. Its ok not to have this feature and make xobni light-weight.
  • xobni runs a background process for indexing. Some of my friends have experienced their computer slowing down.

How to Install:

Download xobni from http://www.xobni.com and enjoy its features.

What’s Next:

I am eagerly waiting what they have to offer for my blackberry 🙂

I recommend xobni for people who use Outlook. It saves me a lot of time.

 

As a part of my MBA course at Marshall I have to interview a successful Entrepreneur. I was fortunate to get a chance to talk to Ray Galan of RG Pacific about his entrepreneurial journey.

Introduction

Ray Galan, founder of RG Pacific, is a skilled businesses man with excellent entrepreneurial spirit. RG Pacific is a software consulting company with specialization in online marketing and brand building. His creativity and strong passion to work has won him many hearts. Lot of his clients admire him and take his advice when it comes to strategic planning.

Continue reading »