Found 21 results for your search query or tag selection.
Encrypting passwords Tags: security, webdevelopment, programming, websites.
It's so easy to bash Adobe for encrypting passwords instead of hashing them. The entire security community did, and of course they were right. Encryption is by definition reversible, so it was stupid of Adobe to encrypt passwords instead of hashing them, right? Right?
Or maybe not. As time passes and not a single password from an Adobe user has been leaked, aside from the ones solved in crossword puzzles
, I was starting to doubt our judgment.
Searching 10GB of data As A Service - lessons learned Tags: programming, webdevelopment, databases.
The day before yesterday I launched a service where you can check whether you were included in the Adobe accounts hack. I had the file, it could be grepped for stuff in about 30 seconds, and I thought "hey, others might want to do this too". And so I started coding.
My parents would be home soon and we'd go out for dinner, but I wanted it done. With the Linkedin breach someone else put up the same service so it doesn't seem to be an uncommon thing to do. Since I didn't want anyone to steal my idea before I could get it done (and my work would be wasted), I was kind of on a schedule.
Cookieless cookies Tags: webdevelopment, privacy.
I've made a little one-page project about tracking users using ETag headers instead of cookies. It's not new, but many websites employ this while nobody knows about it.
The page pretty much speaks for itself, so here it is:
What is XSS and how to protect your website Tags: webdevelopment, security, programming.
Alternative title: How do XSS attacks work and how can you exploit it.
To secure things you must know how they work, right? ;) The post mainly focuses on how it works and how to protect your website though, so let's dive right into it.
First of all, XSS means cross-site scripting. The name is a bit misleading since it isn't necessarily cross-site, it's basically just inserting scripts at places where other users will unknowingly trigger them to run.
PHP's in_array is slow - this works faster Tags: programming, webdevelopment.
I think this is best explained by example, so here's a simple script to load a file into the memory, removing duplicate lines:
$handle = fopen("myfile.txt", "r");
$lines = array();
while ($line = fgets($handle))
if (!in_array($line, $lines))
$lines = $line;
This works fine if you don't mind waiting for a minute or ten until it did all the millions of lines. If you're like me, you will probably want to make it run in under thirty seconds.