Author: Kaveh Mofidi
-
Why Folks Are Not Able to Secure Their Network?
The question is simple: why do we not feel insecure even with heavy spending, giant teams of professionals and a bunch of fancy tools? And the answer is simple: wrong direction! As long as we are going in the wrong direction, we certainly cannot even imagine being able to reach the destination. How it is possible to reach the…
-
Is Whitelisting a Good Security Practice?
Whitelisting has certainly been a relatively standard, and sometimes a hardening, security measure, but it depends on how we implement and maintain it and where it is initially enforced. Whitelisting could work against you if set up at the wrong spot or with inadequate supporting elements. I highly recommend whitelisting behavior rather than whitelisting elements…
-
Why Common Vulnerability Scanning Practice is Useless?
I hope you will find this obvious, but unfortunately the security community relies heavily on vulnerability scanning in a way that makes it totally useless or even harmful! Vulnerability assessment is the evaluation of a System against known and potential security flaws. A System is simply a collection of processes, workflows, people, nodes, software…but traditional…
-
Penetration Testing vs. Secure Code Review
What is the best way to make sure a software product is secure? The easiest way is to roll it out to the market, see what is going to happen, and hope everything goes well…no kidding, that is what most software developers do! Let’s forget about what the majority of the software community does and see what…
-

Monitoring: The Forgotten Discipline
The Myth of “Proactive”: Every company claims to be proactive. They buy dashboards, automate alerts, and call it visibility. But visibility without interpretation is just noise. And noise is the enemy of monitoring. These days, the market is full of tools that promise prediction. None deliver it. They only record symptoms faster. What You Actually…
-

Audio Fingerprinting: The Sound of Surveillance
The Invisible Signature: Every sound you make online, a voice clip, a stream, a meeting, carries a fingerprint. Not the kind you leave on glass, but the kind you leave in frequency. It’s invisible, persistent, and mathematically unique. And once captured, it never forgets you. I believe audio fingerprinting is the quietest form of tracking.…
-
are we still coding, or just copy‑pasting?
this generation of developers has access to more tools than any other time in history. stackoverflow, github issues, reddit, dev.to, kite, tabnine, intellicode… the list keeps growing. and with every new “assistant,” we get further away from the one thing that actually matters in software development: originality. but let’s be honest — the problem is…
-

Learn security from internet but not just Google
“if you learn cooking from fast‑food ads, don’t expect to become a chef.” the internet is bigger than your search bar: people think “internet” means whatever shows up on the first page of a search engine. that is the first mistake. search engines are built for popularity, not accuracy. they show what is loud, not…
-

Privacy—Again, But in Different Words
Privacy: your online identity isn’t masked by using a VPN. A VPN simply redirects your traffic to a private sector—where targeting you becomes easier and more meaningful. Whatever we call a “privacy model” is baked into the nature of the system itself. It can’t be changed or avoided unless you opt out entirely. If you…
-
Abusing Internet Users: The Silent Cost Behind “Free” Online Services
There is a reason many of us hesitate to work on platforms like Facebook, Twitter, or any of these so‑called “free” online services. It is not because the technology is bad. It is because the model is bad. These services do not just host our content — they quietly learn from our experiences, our decisions,…