July 2012

RT @troyhunt: Just blogged: Lessons in website security anti-patterns by Tesco

June 2012

RT @0xabad1dea: New rule: every website must disclose their password storage format on the signup page. Scared to disclose? It’s too weak.

Pasting a javascript:... URL in the Chrome address bar strips out the "javascript:" part, for security reasons probably

March 2012

RT @erikloman: currently appears to be serving a Java exploit from India

RT @markloman: Dutch popular news site appears to be serving Java exploit (drive-by malware) to users of IE.

RT @codinghorror: Kon Boot: if you have physical access to the computer, passwords aren't relevant

February 2012

RT @waxylinks: The Verge's analysis on apps that upload your contact list — finally, the data journalism article that everyone wanted after the Path debacle

RT @waxpancake: This week on Wired, I dig into the risks of using apps that access your Gmail: Think before you oAuth!

September 2011

RT @drogersuk: New blog: 'QR codes and security - my take' #mobile #security #qr

May 2008

Built-in Windows Command-Line Security Tools [more] [via]

February 2008

Freedom to Tinker - New $2B Dutch Transport Card is Insecure [via]

January 2007

Don Park's Daily Habit - Visual Security: 9-block IP Identification, aka 'Identicons' [via]

November 2006

The Six Dumbest Ideas in Computer Security [via]

September 2006

Avi Rubin's Blog: My day at the polls - Maryland primary '06 - on voting machine security [via]

June 2006

17 Mistakes Microsoft Made in the Xbox Security System [via]

Schneier on Security: Aligning Interest with Capability [via]

January 2006

F-Secure Weblog has lots of info on the new WMF vulnerability [related] [related]

November 2005

phil ringnalda on Bloglines cross-site-scripting security hole [via]

October 2005

A Friendly MySpace Hack [related] [via]

September 2005

Schneier on Security - a weblog covering security and security technology

May 2005

Google Web Accelerator and web app 'delete' hrefs are a dangerous combination [related] [via]