Came across this little gem:
Renowned security researcher Dan Kaminsky today went public with the launch of a new venture as well as its first deliverable -- a tool for application developers that helps prevent pervasive string injection-type attacks, such as SQL injection and cross-site scripting (XSS).
Sirens will be up for the time being; however, I may turn them off from time to time to move things around and get ready for the new launch of roothack.org. As always, stay tuned.
The Sirens will be down for the weekend as eps and I do some much-needed work on the API. :)
Every programmer forum gets a steady stream of novice questions about numbers not 'adding up.' Apart from repetitive explanations, SOP is to link to a paper by David Goldberg which, while very thorough, is not very accessible for novices. To alleviate this, The Floating-Point Guide is a floating-point equivalent to Joel Spolsky's excellent introduction to Unicode.
It’s no secret that Web applications represent a big IT security risk for enterprises and other businesses these days. But what should technology professionals be watching out for when it comes to threats? This week the Open Web Application Security Project (OWASP) released its list of Top 10 Most Critical Web Application Security Risks, along with its recommendations for both tactical and strategic responses for the best defense.