{ Category Archives } security

CSRF, Crumbs, and Cookies.

Simon Willison held a talk showing off a cavalcade of security hacks that have plagued major sites in the recent past, along with the ways to ensure you don’t suffer from the same problems. One particular attack, or rather, the solution to it, piqued my interest: Cross Site Request Forgery, a.k.a. CSRF, a.k.a. seasurf. Simon suggested [...]

Practical Security

Computer Security is an ill-understood subject. Generally, one is either utterly clueless about it (and movies aren’t helping, spewing forth such misguided wisdom as ‘any system, given enough time, can be cracked’), or quite the expert, and the initiated have a tendency to overdo it a bit, putting in mandatory password changes every month and [...]