15 Posts tagged with security
SSL-enabled Name-based Apache Virtual Hosts with mod_gnutls
The way things could be, if OpenSSL, Apache, and all modern browsers (I'm looking at you, Safari) supported Server Name Indication (SNI).
md5.rednoize.com - reverse engineer md5 hashes
Huge database of md5 hashes. Useful for all sorts of nefarious purposes.
Ruby on Rails: Safely exposing your app to a ruby Sandbox
Executing user-submitted ruby code in a Sandbox. This has some crazy possibilities.
Revision 526: /rails/plugins/branches/stable/htpasswd
This plugin allows controllers to use HTTP Basic and Digest access authentication.
QuarkRuby: Ruby on Rails Security Guide
Good guide for a due diligence security review on any public rails app.
Active Reload—Your requests are safe with us
Nice rundown of preventing CSRF attacks in Rails apps
WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2
And they *still* don't provide an MD5 checksum of the latest download.
white list
This White Listing helper will html encode all tags and strip all attributes that aren’t specifically allowed. It also strips href/src tags with invalid protocols, like javascript: especially. It does its best to counter any tricks that hackers may use,
Ryan's Scraps: What's New in Edge Rails: Cookie Based Sessions are the New Default
New Rails SessionStore: cookies, encrypted with SHA512. Interesting.
Tales of Being TJ » Blog Archive » What did I learn from the MOAB? Not much
...if one of the goals of MOAB was to get average users realize there are a lot of security problems with OS X… well, I came away feeling more like “They couldn’t even find enough to fill a month.”
Boston Police Embarass Themselves: Shut down highways over LED Mooninite Ads
"It's almost too easy to be a terrorist these days," said Jennifer Mason, 26. "You stick a box on a corner and you can shut down a city."