Being slightly obsessed with security, I was delighted to discover that two factor-authentication (OTP) using Google Authenticator client is not restricted to Google applications, but is fully standardized and as such can be implemented without dependency on Google services on any system. There is code (off course varying in quality and scope) available for PHP, … Read more
As I did a year ago for 2011, here I am looking in the mirror at my 2012 numbers and 2013 goals: This blog: 130 blogposts (78 “real” posts and 52 aggregated lifestream-events) 109285 pageviews, the most popular individual article being 5 tips to tackle the problem with iframes (8622 views). Off all new 2012 blogposts, Fix … Read more
It’s been almost a year since I volunteered to give my readers my Google password, after enabling 2-step verification that is. I ended the blogpost on that topic with And now off to Facebook security settings, to enable login notifications & approvals. And although I did activate “login notifications” at that point, I did not … Read more
Straight from WP DoNotTrack’s page on wordpress.org: WP DoNotTrack stops plugins and themes from adding 3rd party tracking code and cookies to your blog to protect both your visitor’s privacy, your own security (in the admin-pages) and offering performance gains (limiting requests executed in the browser to render your pages). This plugin can be useful … Read more
WP DoNotTrack user Marco Donati asked why the plugin did not stop Quantcast from being included in the WordPress admin pages. After some research (with the kind assistance of Marco), I discovered not one but two problems; WP DoNotTrack relies on “output buffering” in WordPress to filter/ modify the HTML when in “Forced (default)” or … Read more
frank shared HTTPS Everywhere 3.0 Secures the Web for Firefox, Chrome Users. HTTPS Everywhere 3.0 Secures the Web for Firefox, Chrome Users frank posted Phishing and malware protection arrives on mobile devicesGarf’s blog. frank posted Firefox 16 Withdrawn as Mozilla Finds Security Flaw. frank posted Firefox for Android Beta Is Now Available for Download and … Read more
Earlier this year I configured this here little blog to offload static resources to MaxCDN. I made some mistakes in the process, which I documented in a blogpost that has been in my drafts for too long. So here’s the gist; Etags misconfiguration: Problem: By default Apache uses the file’s inode to calculate the Etag, … Read more
frank shared Firefox’s New ‘IonMonkey’ Speeds Up JavaScript. Firefox’s New ‘IonMonkey’ Speeds Up JavaScript frank liked 2 videos. frank published CSP: doing unsafe-inline the Firefox-way. frank posted Google Chrome Finally Jumps on the ‘Do Not Track’ Bandwagon. frank posted Internet Explorer Could Have a Huge Security Hole.
A couple of weeks ago I sobbed because of the lack of support for “unsafe-inline” in Firefox. There’s some Mozillians working on that (for CSS, at least), but given the release-train, that’ll probably only appear around Firefox 19. While perusing CSP-related tickets in Bugzilla however, I came across an interesting comment: Firefox expects “options inline-script … Read more
frank published Quick hack: making Journalist slightly more responsive. frank published My iFrame usability-gaffe (dommigheid met iFrames). frank posted Fastest-Growing. frank liked John Coltrane – Naima – 1965. frank posted Apple, Google In Secret Talks To End The Patent Wars [REPORT]. frank posted Aurora 17 it out, bringing better security and support for new standards. … Read more