Introduction

The role of security devices is to mitigate and monitor actions deemed inappropriate and/or illegal. We use them to protect ourselves from those who do not morally or legally abide by the common laws intended to stop these attacks. Obviously, criminals are still here, so the risk must outweigh the consequences of being caught. Hence, we surround ourselves with technology in hopes that it will stop attacks on our persons and our information. To understand the methods employed by these criminals, we must, for a short time, think like them, hack like them, and almost become them.

We want to facilitate this thinking from all locations a criminal may use; hence, we discuss the security risks and solutions for all devices, whether network or standalone. A connection between a client and Web server, a peer-to-peer file sharing program, a cell phone, your cellular Internet service provider (ISP), your car alarm, your garage remote opener all carry the risks of information leakage and exposure. And criminals will use all possible methods to obtain access.

The new age of devices and technologies will use many building blocks, thus creating a system, and each component of these systems will offer a potential avenue of attack. Very few components of technology are single items anymore.

This book will show developers, quality assurance (QA) engineers, and security analysts what the problems are and ways to monitor and mitigate those exposures. We also discuss the design modifications and code-level fixes that you can apply to applications...