Simon Willison’s Weblog

Subscribe

Thursday, 11th January 2007

Firefox3/Firefox Requirements (via) OpenID and CardSpace are both listed as mandatory features. # 6:56 pm

The Adobe PDF XSS Vulnerability. If you host a PDF file anywhere on your site, you’re vulnerable to an XSS attack due to a bug in Acrobat Reader versions below 8. The fix is to serve PDFs as application/octet-stream to avoid them being displayed inline. # 4:23 pm

OpenID Speech at Webtuesday Zurich. Good set of slides, along with the tidbit that local.ch (which had slippy maps years before Google) is implementing OpenID. # 3:27 pm

Choosing Secure Passwords. Bruce Schneier describes the state of the art in password cracking software. # 2:55 pm

Ubuntu sugar cookies (via) Different coloured dough is used to bake the Ubuntu logo in to the cookies themselves, kind of like making sushi rolls. # 2:49 pm