Links 1 through 10 of 27 by Tom Armitage tagged security

"The point is that making one-click tools that force the entire web to play catchup, whilst putting people at risk, just isn’t a sensible way of talking about security. There’s a reason we (most of us, anyway) don’t secure our houses with turret guns and dogs, and that’s because most of the time, a lock and key is good enough. We want just enough security to feel safe at night, and not to cause us too much hassle. And that’s why this tool makes me sad. Because it’s a symbol of an arms race – a fight to the death over unimportant things, when really, I’d rather not have to remember to lock my windows at night." Yes.

"...for reasons that baffle me, my TV can only receive the four terrestrial channels, plus a grainy feed from the building’s security cameras. Easy choice."

"...we roped in Nate McFeters, another local, and put together a security talk for indie Mac developers with no budget for security. What does a security talk for Mac developers look like? As it turns out, it’s very much like the talk we think every indie developer, Mac or not, should see, and it’s very much unlike the talk the rest of the security industry is giving." Good stuff: simple, clear, well-thought out, and very hard to argue with.

"Lose/Lose is a simple vertical-scrolling shoot'em up with a twist -- each alien appearing on your screen represents a random file on your computer. Thus, each time you kill an alien, the game will delete that sprite's associated file. If the aliens manage to destroy your ship, the Lose/Lose application is deleted." Way to make a point, but, you know, *blimey*.

This is not good. And the worst part: "Hundreds of public bodies and quangos, including local councils, will also be able to access the data to investigate flytipping and other less serious crimes." It's not the police having this that's the big worry; it's the incompetent lower echelons of civil service, who shouldn't need this.

"in other words: Please ensure that there is absolutely no way for your customer to know whether we are showing the form or you are. In fact, please train your customer to give their “Verified by Visa” password to anyone who asks for it." Eesh. I knew I never liked VBV, but this just proves, acutely, *why* I don't like it.

"The web is about sharing ... and people will share with the tools they’re given. If username and password are front and centre, then they’re the tools people will use. There’s so much usability dogma about reducing the sign-up process and throwing people into use that important details – such as explaining what all the cogs and levers do – are forgotten, or assumed as knowledge." This is excellent, and all true, and I do not know how to solve this. But Chris' comments - that this is not stupid, this is how people are - are all spot on.

Some nice tips in here, mainly about blocking access to things and security.

"This article provides a simple positive model for preventing XSS using output escaping/encoding properly. While there are a huge number of XSS attack vectors, following a few simple rules can completely defend against this serious attack." Pretty comprehensive, and some clear guidelines if, like me, you're unsure where to start when protecting against XSS.

"So we’ve progressed now from having just a Registry key entry, to having an executable, to having a randomly-named executable, to having an executable which is shuffled around a little bit on each machine, to one that’s encrypted– really more just obfuscated– to an executable that doesn’t even run as an executable. It runs merely as a series of threads." Fascinating interview with a smart guy, who at one point in his life, did some bad (if not entirely unethical) work.
