Web Application Security - LugRadio Live 2009

These are my slides from the presentation I gave at LugRadio Live 2009 at Wolverhampton. The presentation was a brief tour of some common security issues you might come across developing web applications. I also covered ReDoS, which is a lot less well known but an interesting vulnerability. The notes…

Open Redirects and Phishing Vectors

There was an interesting article on the Google Webmaster Central blog [http://googlewebmastercentral.blogspot.com/2009/01/open-redirect-urls-is-your-site-being.html] back in Jan talking about open redirects being abused by spammers. One point they didn't go into too much detail on is that of phishing vectors. If you'…

Encrypt your homedir on your Mac without FileVault

I used FileVault [http://www.apple.com/macosx/features/filevault/] for about a month and I found it really degraded the overall experience of using my Mac. Basically, using FileVault caused a huge slowdown in performance. In addition, I quickly found the repeated prompting to compact the FileVault every time…

Dreamweaver lock files exposed

This is a warning to anyone out there using Dreamweaver to check files in and out [http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_15447] from their web server. The lock files (.lck) that tell your colleagues that you have a file checked out can be indexed by…