HP printers can be remotely controlled and set on fire, researchers claim
november 2011 by ohskylab
This is what the internet should be about: remotely setting things on fire.
security
november 2011 by ohskylab
How To Safely Store A Password | codahale.com
january 2011 by ohskylab
"Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt." Thanks, Pete.
via:thegingerbloke
password
encryption
security
programming
development
from delicious
january 2011 by ohskylab
What should a developer know before building a public web site? - Stack Overflow
november 2010 by ohskylab
Honking great lists of things to remember.
standards
code
development
performance
security
seo
stackoverflow
web
november 2010 by ohskylab
Hacker News | Ask HN: How do you secure yourself on public WiFi?
october 2010 by ohskylab
Or rather, how do you secure your machine?
privacy
wifi
vpn
ssh
security
october 2010 by ohskylab
Does Google Censor Tiananmen Square? How To Create an Internet Hoax « Aza on Design
august 2010 by ohskylab
Answer: no. Clever hack with security implications. "In effect, this is taking the old phishing trick of homoglyph attacks—an attack consisting of using confusing look-a-like URLs like paypa1.com with the numeral one replacing the letter ell—and adding a dash of cross-site scripting but where you become the agent of infection: the supposed “censorship” may be shocking enough to cause you to forward the link."
google
hack
phishing
search
seo
security
web
via:alastc
august 2010 by ohskylab
Hardened-PHP Project - PHP Security - Suhosin
june 2010 by ohskylab
"An advanced protection system for PHP installations [...] designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core."
php
security
library
web
tools
development
hardening
june 2010 by ohskylab
Web Application Exploits and Defenses
june 2010 by ohskylab
"This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application."
code
development
google
hacking
training
testing
web
xss
programming
security
june 2010 by ohskylab
HTTPS Everywhere | Electronic Frontier Foundation
june 2010 by ohskylab
"A Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites."
eff
encryption
extensions
firefox
https
security
ssl
web
june 2010 by ohskylab
Bad Neighborhood - Login LockDown WordPress Security Plugin
may 2010 by ohskylab
"Login LockDown records the IP address and timestamp of every failed WordPress login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery."
wordpress
tools
web
security
plugins
may 2010 by ohskylab
Your PasswordCard
april 2010 by ohskylab
"Your PasswordCard has a unique grid of random letters and digits on it. The rows have different colors, and the columns different symbols. All you do is remember a combination of a symbol and a color, and then read the letters and digits from there."
via:tomtaylor
encryption
security
generator
paper
passwords
tools
privacy
april 2010 by ohskylab
SkipfishDoc - skipfish - Project documentation - Project Hosting on Google Code
april 2010 by ohskylab
"An active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments."
scanner
xss
security
testing
tools
web
penetration
via:paul.irish
april 2010 by ohskylab
KrazyDad » Blog Archive » Mayor of the North Pole
march 2010 by ohskylab
"Last Sunday, while checking into the Hill Street Cafe in Burbank using the foursquare iPhone app, I idly wondered, “Can I become the mayor of the North Pole?” So I tried checking into a nearby 7-Eleven. It worked. I tried the Griffith Observatory about 5 miles away. It worked. I tried Disneyland, which is about an hour away. It didn’t work, but I now had an afternoon hacking project."
api
geo
gps
hacks
location
mobile
foursquare
security
spam
geotagging
march 2010 by ohskylab
PHP Security Consortium: PHPSecInfo
february 2010 by ohskylab
"Provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement."
php
web
tools
security
february 2010 by ohskylab
Bulletproof backups for MySQL | Carsonified
february 2010 by ohskylab
"What my shell script does is allow you to automate correctly backing up a standard MySQL database, or databases, with full end-to-end encryption to an offsite location."
security
data
backup
sysadmin
mysql
encryption
february 2010 by ohskylab
Ultimate Htaccess Tutorial for .htaccess files
january 2010 by ohskylab
Insanely obsessive htaccess gubbins.
htaccess
performance
security
cache
hosting
apache
http
january 2010 by ohskylab
Carsonified » The Definitive Guide to GET vs POST
august 2009 by ohskylab
"There is a lot of misuse of GET over POST and vice versa. Both HTTP methods can achieve the same goals, but an incorrect choice between them can lead to unexpected and potentially harmful outcomes."
web
development
forms
security
http
august 2009 by ohskylab
Verified by Visa: a conversion rate killer? | Blog | Econsultancy
july 2009 by ohskylab
"Banks and card providers haven't really done enough to educate customers about the system, or to make the forms more usable, but retailers can at least minimise some of the damage to conversion rates by doing as much as they can to advise customers about what to expect during the checkout process."
usability
ecommerce
web
phishing
security
verifiedbyvisa
july 2009 by ohskylab
Orbicule | Undercover | iPhone
april 2009 by ohskylab
Hurrah, Undercover iPhone version is out. "If your iPhone is stolen, Undercover will pretend to be a game. This will encourage the thief to wait a few seconds for the game to load, enabling Undercover to get accurate location information. This location information is then added to your account and transmitted to the police station where you reported the theft."
security
iphone
undercover
april 2009 by ohskylab
Links » More Banking Stupidity: Phished by Visa
march 2009 by ohskylab
"Take a look at Verified By Visa. Allegedly this protects cardholders - by training them to expect a process in which there’s absolutely no way to know whether you are being phished or not."
security
internet
verifiedbyvisa
banking
phishing
ecommerce
web
bb
march 2009 by ohskylab
Send Me Home - World Peace through Wandering Items
march 2009 by ohskylab
"A free tool that lets you assign a unique code to anything."
web
tools
spime
security
lifehacks
march 2009 by ohskylab
Password Manager + Automatic Form Filler for Mac OS X
february 2009 by ohskylab
Probably a better bet than passwordmaker. "use strong and unique passwords for every site and never forget any of them".
web
tools
mac
security
osx
passwords
february 2009 by ohskylab
Role Manager - Wordpress
november 2008 by ohskylab
"WordPress Version 2.0 introduces the concept of Roles. Each Role is allowed to perform a set of tasks called Capabilities. This Plugin allows you to define and manage multiple subscriber profiles - called Roles and their Capabilities."
wordpress
security
web
authentication
rights
administration
november 2008 by ohskylab
Police vet live music, DJs for 'terror risk' • The Register
november 2008 by ohskylab
"A dozen London boroughs have implemented a "risk assessment" policy for live music that permits the police to ban any live music if they fail to receive personal details from the performers 14 days in advance."
music
london
uk
security
crime
nonsense
via:headlessness
november 2008 by ohskylab
NO2ID :: View topic - They want my passport at work! ....ADVICE??!?!??!
october 2008 by ohskylab
"I have been asked by my work place to provide my passport." Not just employers; looks like it's becoming standard practice for recruiters to ask even if trading as a limited company. Something to do with the Immigration, Asylum and Nationality Act 2006.
via:scrubadub
security
employment
business
work
recruitment
october 2008 by ohskylab
The point of “Open” in OpenID
june 2008 by ohskylab
"Open means that providers and consumers are free to use the protocol in whatever way they wish. If they want to only accept OpenID from a trusted subset of providers, they can go ahead."
microsoft
openid
simonwillison
identity
security
june 2008 by ohskylab
Clickpass
march 2008 by ohskylab
"Log into websites with the click of a button - never again be locked out". Powered by OpenID.
openid
authentication
security
identity
march 2008 by ohskylab
Orbicule | Weblog
march 2008 by ohskylab
I always have this problem: "It turns out that all you have to do is hold down the option (alt) key during startup and once you enter your firmware password you will be able to select a disk."
security
mac
password
osx
firmware
undercover
march 2008 by ohskylab
Sniff browser history for improved user experience
february 2008 by ohskylab
Clever, well-meaning but crosses the privacy line.
javascript
browser
history
usability
css
web
security
february 2008 by ohskylab
dormando - Dormando's [crappy] Operations Mantras
february 2008 by ohskylab
"An omega post of all of the generalized one off mantras I find valuable when approaching operations management."
sysadmin
development
scaling
vcs
security
february 2008 by ohskylab
SSHKeychain
january 2008 by ohskylab
"Painless ssh key management for OS X"
ssh
osx
mac
security
keychain
authentication
january 2008 by ohskylab
Knox—Simply secure encryption and backup for Macintosh computers
january 2008 by ohskylab
"Create as many encrypted vaults as you want, each with separate passwords. Then schedule automatic backups. You can even reformat USB sticks and external drives as encrypted Knox vaults."
security
mac
osx
encryption
backup
january 2008 by ohskylab
Ned Batchelder: October 2007
october 2007 by ohskylab
"When building a web site with HTTPS pages, one of the annoying tasks is to ensure that those pages make no references to HTTP resources. If they do, then Internet Explorer will pop up alarming messages about mixing secure and insecure content". Great tip.
https
http
security
web
development
october 2007 by ohskylab
Adactio: Journal - The password anti-pattern
october 2007 by ohskylab
"Asking users to input their email address and password from a third-party site like GMail or Yahoo Mail is completely unacceptable. Here’s why: It teaches people how to be phished."
security
phishing
authentication
development
web
october 2007 by ohskylab
The Identity Corner » The problem(s) with OpenID
september 2007 by ohskylab
Comprehensive listing of problems with OpenID. FUD? Not FUD? Couldn't say myself but author competes in that space. OpenID + Passwordmaker.org is working well for me.
openid
authentication
identity
phishing
privacy
reputation
trust
web
security
september 2007 by ohskylab
Orbicule Undercover & Little Snitch? Read this!
june 2007 by ohskylab
How to prevent Little Snitch messing around with Undercover
apple
osx
software
security
tips
undercover
june 2007 by ohskylab
PasswordMaker. One Password To Rule Them All.™
may 2007 by ohskylab
"A small, lightweight, free, extension for Internet Explorer, Firefox, Mozilla, Netscape, Flock, and Yahoo! Widgets which creates unique, secure passwords that are very easy for you to retrieve but no one else."
top
security
passwords
firefox
extension
tools
may 2007 by ohskylab
Substitute Teacher Faces Jail Time Over Spyware - Security Fix
march 2007 by ohskylab
Absolutely insane.
security
tech
crime
march 2007 by ohskylab
O'Reilly Radar > Pros and Cons of OpenID
february 2007 by ohskylab
"What are the Pros and Cons of OpenID currently? Here's a crack at it (from the Radar Team)"
openid
authentication
privacy
security
identity
february 2007 by ohskylab
How to turn your blog in to an OpenID
december 2006 by ohskylab
"An OpenID is simply a URL. My OpenID is simonwillison.net, the address of my weblog. I can use it to sign in to any site that supports OpenID, and because I’m the only person with control over my weblog’s homepage I’m the only person who can use th
openid
authentication
identity
security
december 2006 by ohskylab
Sxipper: Sxipper
december 2006 by ohskylab
"A free Firefox plug-in, Sxipper saves you time by keeping track of all of your user IDs, passwords, and personal data." OpenID ready.
firefox
security
passwords
identity
openid
extension
december 2006 by ohskylab
Techcrunch » Blog Archive » Yahoo’s BBAuth Will Allow Better Mashups
september 2006 by ohskylab
"A mechanism for non-Yahoo applications to access Yahoo’s authentication mechanism and user data in a secure manner."
api
authentication
security
yahoo
web
mashup
september 2006 by ohskylab
OpenID: an actually distributed identity system
september 2006 by ohskylab
"OpenID is an open, decentralized, free framework for user-centric digital identity."
identity
authentication
openid
web
security
september 2006 by ohskylab
MSN Messenger encryption and security software - Encrypt and secure your MSN Messenger IM conversations or chats
september 2006 by ohskylab
"By encrypting messages before they leave your computer to the Internet, SimpLite-MSN prevents eavesdroppers from reading your MSN Messenger conversations."
security
msn
messenger
privacy
im
september 2006 by ohskylab
Why phishing catches punters | The Register
june 2006 by ohskylab
Scary. "If you haven't read Why Phishing Works (850Kb PDF) - written by Rachna Dhamija, J D Tygar, and Marti Hearst - stop what you're doing now and go get it (or at the very least, read a short summary of what it offers)."
phishing
security
web
theregister
june 2006 by ohskylab
Wired News: The Eternal Value of Privacy
may 2006 by ohskylab
The most common retort against privacy advocates -- by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures -- is this line: "If you aren't doing anything wrong, what do you have to hide?"
article
ethics
politics
privacy
liberty
security
may 2006 by ohskylab
Free condoms for your Windows install | MetaFilter
march 2006 by ohskylab
More on SVS: "Safely install software in a virtual layer".
applications
free
hacks
lifehacks
productivity
programs
security
software
testing
utility
win32
xp
microsoft
mefi
march 2006 by ohskylab
Hamachi : Stay Connected
december 2005 by ohskylab
"Organize two or more computers with an Internet connection into their own virtual network for direct secure communication. Hamachi is fast, secure and simple. It is also free."
p2p
vpn
networking
network
internet
security
software
opensource
vnc
december 2005 by ohskylab
Secure File Storage and Sharing – Strongspace.com
august 2005 by ohskylab
"A secure place to gather, store, back-up and share any type of file with your co-workers, friends and family. You can upload, download and manage your files over SFTP (Secure FTP) or with any modern web browser."
storage
backup
hosting
security
rubyonrails
basecamp
crypto
ftp
privacy
august 2005 by ohskylab