Sunday, May 11th, 2008
Inspired by a comment on Ajaxian, I killed another afternoon or two making a small library capable of reading EXIF data from JPEG images, figuring I would at least learn a bit about EXIF and the JPEG (and TIFF) image formats.
Before we start, a small disclaimer. I'm somewhat of a ...
Posted in Coding, Internet, Privacy, Security | 2 Comments
Wednesday, May 7th, 2008
Yahoo is to start flagging links to sites that may contain dangerous content. Google has been warning users if a potentially dangerous website is behind the link in the list of hits displayed for some time now. Yahoo is following suit by marking websites that could possibly infect visitors with ...
Posted in Internet, Security, Software | No Comments
Monday, May 5th, 2008
Nowadays, who understands Di-Di-Di-Da-Da-Da-Di-Di-Dit (S.O.S., Save Our Souls)? Few people do, but your web browser just might. In his blog, security expert Nathan McFeters has reported the discovery of a cross-site scripting (XSS) vulnerability on an Italian website that allows attackers to inject malicious JavaScript encoded in Morse code in ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, May 5th, 2008
Today I decided to give a very brief example on pharming and why it's so easy to pharm surfers with little or no skills. Usually, browser exploit writers give simple examples on how to read the boot files, or launch a calculator. There is so much you can do with ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, April 30th, 2008
If you allow user-contributed content in your site, you run into the problem of dealing with user supplied HTML in a safe manner. The most secure way of dealing with things, of course, is to strip or escape all HTML from user input fields. Unfortunately, there are many situations where ...
Posted in Coding, Internet, Security | No Comments
