Wired‘s recent article on “The 10 Biggest Bank Card Hacks” discussed the role of PCI Compliance. PCI is the Payment Card Industry security standard introduced in 2005. Even though the companies involved in these breaches were “certified PCI compliant”, multiple times, the breaches still occurred. How could that happen? …

New Echo Server for Maxwell Pro TCP Test Environment

Instrument a TCP or UDP stack so that it responds to input streams in minutes, not hours. The new Echo Server provides support for Windows, OS X, Linux, and BSD systems …

Revision 19 of Mini Maxwell and Maxwell G is now in BETA

New packet filters have been added to Mini Maxwell and Maxwell G …

The revelation of the POODLE vulnerability demonstrated that SSL 3.0 should be disabled and removed from any products that still contain it. Companies taking this step include Twitter, Apple, EBay, Mozilla Firefox, Google, and PayPal.

When will others make the change to TLS 1.2? …

Since the Heartbleed bug was exposed in April, one thing has become apparent: the underlying infrastructure of the Internet—and the applications and services that rely on open source projects like SSL and TLS to operate—are extremely vulnerable. And now, many network professionals believe that the only way to make it more secure is to provide oversight into the underlying infrastructure of the Web …

Joost van Dongen of Ronimo-Games blogged about how his team uses throttling to reduce network errors for the Awesomenauts online multiplayer game. First, IWL has a team of network protocol engineers and developers. We are not game developers! We would not presume to tell anyone how to design a game. It seems that we may have a “clash of contexts”, in that game developers and network protocol engineers start with different assumptions and contexts …

Right now an increasing number of developers are deploying their applications via the cloud. In fact, Gartner predicts that the world-wide public cloud services market will reach an astonishing $287 billion by 2017. Unfortunately, many application developers are jumping head first into the cloud without realizing that there are a number of things that could go wrong …

A new method of web browser fingerprinting hit the press today. We’ve been thinking how one might create a countermeasure to this kind of web canvas based browser fingerprinting …

First time buyers are often startled by the price of complete turnkey protocol test suite products. They often wonder if it would be more cost efficient to make their own testing solution. Here are some things to consider when deciding whether or not to make your own TCP/IP Test Suite …

Do you know how SilverCreek compares against other SNMP Agent Test Tools? Find out what the expert learned using five of the available SNMP agent test tools. Not all of them found bugs! One reported false positives! …

Google does not seem to know how to test its autonomous car. In two presentations on the autonomous car, the word “test” is never mentioned. Multiple articles describing the autonomous car also omit testing. The focus is on the “coolness” factor and the number of miles driven. But how does the autonomous car become a fully tested, robust and reliable product that the general public can depend on? …

IWL used our Maxwell Pro TLS Test Suite to test one version of the GnuTLS library. It failed 39 out of 116 of our tests! …