Simon Willison’s Weblog

11 items tagged “hacking”

What is the best resource for someone who is non-technical to learn about computer programming/creating software?

Learn to program. You don’t need to learn programming to the standard where you could work professionally as a software engineer, but having enough programming knowledge to write some simple programs and automate some simple tasks will make you enormously more capable when it comes to working with programmers—or in business life in general.

[... 135 words]

What steps can I take to protect my data in case my laptop gets stolen?

Set up full drive encryption—that way if someone steals your laptop they won’t be able to access your data without a password.

[... 95 words]

Hackers: Who is a good speaker or author on hacktivism and/or the recent events of leaking confidential information?

Danny O’Brien comes to mind. He’s worked for the EFF and the Committee to Protect Journalists, is fully immersed in hacker culture and is a fantastic speaker:

[... 53 words]

How are websites hacked to have their content defaced? How can I prevent such attacks on my website?

There are countless ways in which a website could be defaced—way too many for a single Quora answer!

[... 266 words]

What are the best practices to avoid XSS and SQL Injections attacks (platform agnostic)?

Input validation is, in my opinion, a red herring. Sure—if you ask the user for an integer or date you should make sure they entered one before attempting to save it anywhere or use it for processing, but injection attacks often involve text fields (e.g. names, or comments posted on Quora) and validating those on input is a recipe for banning “Tim O’Reilly” from ever creating a proper profile on your site!

[... 316 words]

What are some things that most hackers used to do themselves but now use other people’s software to do?

Renting co-located servers. These days, most people just use virtual machines for their own personal projects.

[... 41 words]

Developing for the Apple iPhone using Flash. A brilliant feat of engineering: Adobe worked around Apple’s “no runtime allowed” rules by writing a compiler front end for LLVM that compiles ActionScript 3 to ARM assembly code, and apparently ported the regular Flash drawing APIs as well. # 5th October 2009, 9:15 pm

Weak Password Brings “Happiness” to Twitter Hacker. The full story on the Twitter admin account hack. I bet there are a LOT of web applications out there that don’t track and rate-limit failed password attempts. # 7th January 2009, 12:04 pm

The Palin hack didn’t require any real skill. Instead, the hacker simply reset Palin’s password using her birthdate, ZIP code and information about where she met her spouse—the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.

Kim Zetter, Wired # 18th September 2008, 10:23 pm

Brad Neuberg’s Personal Research Agenda. Inspiring; lots of interesting problems to solve. I also liked the idea of moving to Thailand during a tech downturn and hacking on interesting projects while spending $200/month on living costs. # 23rd August 2007, 1:40 am

If you found a hole in software that millions of people use, and is very high profile, you can sell that to the highest bidder for perhaps one or two million dollars.

Jacques Erasmus # 4th February 2007, 7:06 pm