Entries tagged security in 2007
Filters: Type: entry × Year: 2007 × security × Sorted by date
Designing for a security breach
User account breaches are inevitable. We should take that in to account when designing our applications.
[... 545 words]Massive Dreamhost hack, WordPress not to blame
On mezzoblue, Dave Shea reports that someone had modified every index.php and index.html file on his site to include spam links at the bottom of the page, hidden inside a <u style="display: none;">. Dozens of other people in his comments reported the same thing happening to their sites.
Solving the OpenID phishing problem
Most of the arguments I hear against OpenID are based on mis-understandings of the specification, but there is one that can’t be ignored: OpenID is extremely vulnerable to phishing.
[... 531 words]