Tag: Security
PCMag – Google Patches Flash Zero Day Bug, Jumps the Gun on Adobe Again
The bad habit isn’t Google patching security holes it’s Adobe not patching them first.
Ars Technica – Hackers turn MySQL.com into malware launchpad
What the heck is Oracle doing with MySQL?
Mark Story – Using bcrypt for passwords in CakePHP
Awesome, I tried doing this in CakePHP 1.3 a few weeks ago but couldn’t get it to work right all the time.
Scripting News – Facebook is scaring me
Count me in the group of people now staying logged out of Facebook by default.
Freedom to Tinker – NJ election cover-up
Just plain scary a whole election result considered null and void, no idea what happened, who to blame or how to fix the problem.
RScott.org – GoDaddy’s New “Selective DNS Blackouts” Policy
As if you needed another reason to not use GoDaddy.
Neal Poole – Cross-Site Scripting via Error Reporting Notices in PHP
Though to be fair you probably shouldn’t be using display_errors in a production site.
codahale.com – A Lesson In Timing Attacks (or, Don’t use MessageDigest.isEquals)
Nice intro to timing attacks along the way.
Identity at Mozilla – How BrowserID differs from OpenID
Some really impressive work from the team at Mozilla, defiantly simpler to get started and using than OpenID and eliminates the which OpenID provider did I use for this site.
Freedom to Tinker – New Research Result: Bubble Forms Not So Anonymous
Even something as simple and low tech as bubble forms can’t be totally anonymous.