Tag: security

How I Lost My $50,000 Twitter Username

Published 3 years 3 weeks ago on January 29, 2014

This is blatantly terrifying. Many times when the average person thinks about “hackers” they think of the persona portrayed by Hollywood and the media. Many times that persona is wiped away when you read even slightly detailed stories about modern security compromises that happen and the explanations behind them. You get just a small glimpse […]

Data Sanitization and Validation With WordPress

Published 4 years 1 month ago on January 16, 2013

WordPress, while often mis-categorized as an insecure platform, has a ton of extremely useful data sanitization functions we can utilize while building themes and plugins. Yes, it’s a bit of extra work, but it’s super important. This article outlines quite a few use cases and targeted responses that likely occur on every one of our […]

I Wrote Some Really Dangerous Code

Published 4 years 3 months ago on November 21, 2012

I Wrote Some Really Dangerous Code | Pippins Plugins. I love articles like this. There’s a ton of honesty here and it’s what makes the information conveyed all the more valuable. I think we can all agree that we’ve caught errors just like the author of this piece. It’s a gut-wrenching learning experience. Articles like […]

Lessons in website security anti-patterns by Tesco

Published 4 years 6 months ago on July 30, 2012

Troy Hunt: Lessons in website security anti-patterns by Tesco. This website has very quickly become one of my favorites. The detail and effort put into each of the author’s posts is inspiring, and I really like his writing style. I’ve linked to a number of his recent articles surrounding security best practices, and here’s another […]

Everything you ever wanted to know about building a secure password reset feature

Published 4 years 6 months ago on July 24, 2012

Troy Hunt: Everything you ever wanted to know about building a secure password reset feature. This is beyond in depth. While the article title might at first look like link bait, this author completely follows through on the claim and it’s impressive. In my experience perhaps the most lax implementation of password recovery is simply […]

The Secure Programmer’s Pledge

Published 4 years 7 months ago on July 17, 2012

ircmaxell’s blog: The Secure Programmer’s Pledge. A great reminder about what punch list to keep in mind when building your projects. There are plenty of details to explore for each item in The Secure Programmer’s Pledge but this list alone gives you plenty to work from and lots to trigger additional areas to explore as […]

Here’s why we keep getting hacked

Published 4 years 7 months ago on July 17, 2012

Troy Hunt: Here’s why we keep getting hacked – clear and present Billabong failures. This is a really interesting (and in-depth) look at various attack vectors potentially used in any number of the recent password leak outbreaks we’ve been reading about for the past few months. XSS is fascinating to me, I’m quite inspired by those […]

Storing Passwords Securely

Published 4 years 8 months ago on June 7, 2012

Storing Passwords Securely. Given the recent LinkedIn fumble I’m in agreement that it’s a great reminder to refresh our memories on proper security practices. I don’t claim to be any sort of security expert which is likely why I’m linking to articles on the topic all the time instead of writing them, but I do […]

Md5crypt Password scrambler is no longer considered safe by author

Published 4 years 8 months ago on June 7, 2012

Md5crypt Password scrambler is no longer considered safe by author — PHKs Bikeshed. MD5 hashes are still used prevalently today for password storage, even though we’ve been told time and time again that there are easily accessible alternatives we should be using. Sure, many times the implementations are salted but even so, the author himself […]

A Tale of Two Pwnies Part 1

Published 4 years 8 months ago on May 23, 2012

Chromium Blog: A Tale of Two Pwnies Part 1. This is beyond impressive to me. Articles like these remind me just how much smarter the rest of the world is than me. A short time ago, Google hosted a browser hacking competition for Chrome. Within 24 hours, two people were successful in exploiting the browser, […]

Copyright © 2006—2017 Jonathan Christopher