Monday, October 21, 2013

Proper Case for Names using ColdFusion REReplace

Format a string so that it appears like a properly formatted name. For example: "jaMes" becomes "James" or "dr. spock" becomes "Dr. Spock".

The code uses a single line of semi-complex Regex through the REReplace() function.

First it changes the input string to lower case, then it searches for all instances of:
  • a character at the beginning of the string
  • a character preceded by a blank (tab or space)
and replaces each match with its uppercase equivalent.

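Associated Code:
<!--- Input name; defaults to a sample value --->
<CFPARAM name="fullName" default="dr. spock">

<!--- Lower-case everything, then upper-case the first letter and any letter that follows a blank --->
<CFSET formattedName = REReplace(LCase(fullName), "(^[[:alpha:]]|[[:blank:]][[:alpha:]])", "\U\1\E", "ALL")>

<CFOUTPUT>#formattedName#</CFOUTPUT>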

Tuesday, October 1, 2013

Intrusion detection honeypots simplify network security | Security Central - InfoWorld

You should see the look on people’s faces when I tell them certain aspects of applications I write are actually honeypots designed to make hackers waste time trying to figure out what a particular value represents.

One cool trick I use is in the links that pass values from one page in an application to the next.

The real value has a Base64 hashed value – it looks simply like a bunch of characters thrown together. Then there is another value in the link that simply says RecordID=123456.

Of course ‘RecordID’ is the honeypot.

The value is simply a RandRange() command producing a random number.

The idea is that the would-be hacker will first go for the easy numeric value and try to figure out what that is for before they try to take apart the Base64 (salted of course) value.

Anyway, give this article on InfoWorld a read, it has other nice information about how to employ honeypots.

Intrusion detection honeypots simplify network security | Security Central - InfoWorld
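
One way to make the decoy double as a tripwire, shown as an added CFML example that is not the author's application code. It assumes ColdFusion 10 or later for HMAC(); the page name record.cfm, the parameter t, the key and the function names are hypothetical. It signs the token with an HMAC rather than the salted Base64 the post mentions, and goes one step past the post by logging when RecordID is changed.

```cfml
<cfscript>
// Added example (not the blog author's code); names and key are assumptions.
hmacKey = "constructed-demo-key"; // placeholder: load the real key from protected config

// Build a link: the token carries the real id, RecordID is a RandRange() decoy.
function buildRecordLink(required numeric realId) {
    var decoy   = RandRange(100000, 999999, "SHA1PRNG");
    var payload = arguments.realId & "|" & decoy;
    // The HMAC binds the decoy to the token, so an edited RecordID is detectable.
    var mac     = HMAC(payload, variables.hmacKey, "HmacSHA256");
    return "record.cfm?t=" & URLEncodedFormat(ToBase64(payload & "|" & mac))
         & "&RecordID=" & decoy;
}

// Constant-time string comparison via the JVM.
function sameBytes(required string a, required string b) {
    var md = CreateObject("java", "java.security.MessageDigest");
    return md.isEqual(CharsetDecode(arguments.a, "utf-8"), CharsetDecode(arguments.b, "utf-8"));
}

// Validate a request; returns { ok, realId, alert }.
function resolveRecordLink(required string token, required string recordId) {
    var result = { ok = false, realId = 0, alert = "" };
    var parts  = [];
    try {
        parts = ListToArray(ToString(ToBinary(arguments.token)), "|");
    } catch (any e) {
        result.alert = "token is not Base64";
        return result;
    }
    if (ArrayLen(parts) != 3
        || !sameBytes(HMAC(parts[1] & "|" & parts[2], variables.hmacKey, "HmacSHA256"), parts[3])) {
        result.alert = "token malformed or modified";
        return result;
    }
    if (Compare(arguments.recordId, parts[2]) != 0) {
        // The decoy never selects a record, so a changed value means someone is probing.
        // Strip non-digits and cap the length before logging to avoid log injection.
        var seen = Left(REReplace(arguments.recordId, "[^0-9]", "?", "ALL"), 12);
        WriteLog(text="Decoy RecordID altered: issued #parts[2]#, got #seen#, ip #cgi.remote_addr#",
                 type="warning", file="honeypot");
        result.alert = "decoy altered";
        return result;
    }
    result.ok = true;
    result.realId = Val(parts[1]);
    return result;
}
</cfscript>
```

The token in this sketch is tamper-evident but not secret, since anyone can Base64-decode it; the server-side authorization check on the resolved record still has to happen after resolveRecordLink() returns.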

Wednesday, September 4, 2013

OWASP Appsec USA 2013, New York, New York

Mary Ann Davidson, Chief Security Officer at Oracle, will be one of the keynote speakers at the 2013 APPSEC in New York this November.

Ms. Davidson is one of the top five ‘Women of Vision’ in web application security.

Her complete bio:

Mary Ann Davidson is the Chief Security Officer at Oracle Corporation, responsible for Oracle Software Security Assurance. She represents Oracle on the Board of Directors of the Information Technology Information Sharing and Analysis Center (IT-ISAC), and serves on the international board of the Information Systems Security Association (ISSA). She has been named one of Information Security's top five "Women of Vision," is a Federal 100 award recipient from Federal Computer Week, and was recently named to the ISSA Hall of Fame. She has served on the Defense Science Board and as a member of the Center for Strategic and International Studies Commission on Cybersecurity for the 44th Presidency. She has testified on cybersecurity to the U.S. House of Representatives (Energy and Commerce Committee; Armed Services Committee; and Homeland Security Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology) and the U.S. Senate Committee on Commerce, Science and Technology.


Ms. Davidson has a BSME from the University of Virginia and an MBA from the Wharton School of the University of Pennsylvania. She has also served as a commissioned officer in the U.S. Navy Civil Engineer Corps, during which she was awarded the Navy Achievement Medal.

OWASP Appsec USA 2013, New York, New York

Thursday, August 22, 2013

Kepler’s Law and Software Design

Jim Harris, of LT Online (Lawtrac), offers a few tips on selecting software that is 'lawyer friendly'. He explains a natural law of physics that can be used to measure too much information on the screen, Kepler’s Law, and how it applies to your everyday life. He encourages the use of targeted data to improve efficiency and productivity.


Thursday, July 11, 2013

Q: Doesn’t My Password Protect My Computer?

Interesting article by Sam Glover (link below) on the blog site “Lawyerist”.

He took the time to explain passwords on operating systems and how they (if you have the right equipment) can be bypassed to pull stuff directly from the hard drive.

“There is no password that can protect the data on your hard drive”, explains Sam.

He went on to elaborate about using data encryption to help safeguard your information.

Check it out…..

Q: Doesn’t My Password Protect My Computer?

Tuesday, July 9, 2013

UNITED TECHNOLOGIES CORPORATION - Association of Corporate Counsel (ACC)

Lawtrac in the news….

United Technologies (UTC / UTX) has reduced the value-based fees paid to outside counsel by an astonishing 70% !!!!

Lawtrac is the software my team and I write. Others here at LT Online provide customer support and of course more.

What a feather in our cap to have a customer chosen as one of the winners of the ACC Value Challenge for 2013.

As Charles D. Gill, one of the judges stated:

This example underscores that this is really a journey and every point is progress, but the progress doesn't end. The commitment to the journey was remarkable.

UNITED TECHNOLOGIES CORPORATION - Association of Corporate Counsel (ACC)

Military Crosswalk Search

Very well done… Plug in your US MOS (now called MOC???) and it will spill out all the skills you can include in a resume. Skills that cross into civilian life.

This is a part of http://JobCenter.USA.gov.

Highly recommended; link: Military Crosswalk Search – give it a try.

Friday, June 14, 2013

Authentication Factors

There are three categories of authentication factors:
  1. Ownership Factor
  2. Knowledge Factor
  3. Inherence Factor
Any good authentication system should be using at least two of these.

An Ownership Factor looks at what you have. This could be your ATM card, one of those RSA Tokens with the number that is always changing, or even a simple key on your key ring.

The Knowledge Factor is an examination of something you know such as the PIN number for that ATM card, a password or the answer to a challenge question.

Finally, the Inherence Factor looks for something you are. This could be your fingerprint or some other physical trait that is only yours. You'll hear this called biometrics.