Tag Archives: security

Authenticating RESTful web applications

I’ve been mulling over this issue for a little while; how do you secure a web application backed by a RESTful API? The answer varies from simple to complicated. The Problem First, let’s consider the full problem. The important thing we need …

Posted in code

The truth about passwords

So, password security is in the news again with the Gawker break-in. As usual there is a lot of average advice about passwords. Here are some tips… Choosing a good password is all about entropy. One common piece of advice …

Posted in opinion | 3 Comments

Choosing a secure password

When people find out I work in computer security they usually, at some point, ask me about how I come up with “secure passwords”. My advice (which follows) is incredibly simple – and usually gets scoffed at. “You can’t be …

Posted in security | 2 Comments

Cyberwarfare: The most dangerous kind might not even need a PC

A fortuitous combination of reading materials this week has prompted a rather worrying thought: and the shocking thing is I don’t think anyone “important” has really considered it. Digital Britain The first item on my reading list was the Digital …

Posted in security | 1 Comment

XSS: not just “their” problem

XSS is a pain – people can inject code into a URL link to do all manner of painful things to you. But XSS is not just a worry for the site the exploit targets – it is a worry …

Posted in security

Hash man, hash!

Some stuff at work today reminded me that I needed to write a post on hashes – and MD5 in particular. Apologies in advance for the shortness of this – I’m feeling a little under the weather. A lot of people …

Posted in security

My Degree

Apparently I passed: which is a shock because I fully expected not to (long story). For those who are remotely interested I got a 2:2, BEng (Hons) in Electronic and Embedded Systems Engineering. I’m SO glad it’s out of the …

Posted in life