Huffington Post UK XSS Flaw (Disclosed & Fixed)


The UK version of the Huffington Post was vulnerable to an XSS flaw. This allowed any malicious user to inject images, video, text, and JavaScript into the page. Although the above image shows a very silly use of XSS, it could quite easily be used to craft a page to encourage journalists and readers to […]

Continue reading →

I Still Don't Want To Be Part of Your Fucking Ecosystem


One of the most popular blog posts I have written is called "I Don't Want To Be Part of Your Fucking Ecosystem". In it, I rant against service providers trying to lock their customers into a monoculture. Companies are always looking for the edge which will make them stand out - they think that restricting […]

Continue reading →

Evading Profanity Filters Using Bi-Directional Text


There are some very sensitive souls on the Internet who object to seeing swear words. To that end, a huge industry has sprung up around "Profanity Filters" - services which claim to be able to detect naughty words and automatically redact them. The approach of dumbly looking for strings of text leads to a range […]

Continue reading →

RTL Bugs


Take a look at the following text; it looks normal enough, doesn't it? "Harry ‮".draziw a si ‭Potter Now, try to select the text and see what happens. WHAT WITCHCRAFT IS THIS?! If you examine the source code for this page, you'll see that I'm using the Unicode Bi-Directional characters. "Harry ‮".draziw a si ‭Potter These […]

Continue reading →

Homoglyphs for SEO


Search Engine Optimisation is the (dark) art of getting a site to the top of Google's ranking algorithm. If you're in the business of selling decorations for ponds, you want your shop to be right at the top of the results when people search for "bespoke synthetic frog spawn." The problem is, there are lots […]

Continue reading →

Homoglyph Attacks


Homoglyphs are characters that look strikingly similar to each other. Can you quickly tell the difference between these two - O0? That's the capital letter "o" and the number 0. How about Il1|? Depending on the font used - and your attention to detail - it may be hard to spot […]

Continue reading →

Where is this Pinterest Spam Coming From?


I've started seeing an uptick in Twitter spam - ostensibly from my friends telling me I can make money online. The common denominator is that they all use Pinterest as a vector for spreading the spam. Looking at the accounts of people who have recently tweeted these or similar messages shows that the majority are […]

Continue reading →

How Should We Punctuate on the Web?


Screenshot showing a 404 error on the Guardian's website.

Imagine, just for a moment, you were a computer. Take a look at the following sentence and try to work out where and how you should hyperlink the text. He said "You should visit http://example.com/!" Obvious, isn't it? Except, of course, it's not really that simple. There could well be a file named "!" on […]

Continue reading →

Chumming Down


I'm turning into an old curmudgeon. Either that, or the new wave of social marketing has severely missed its intended target. Let me ask you a question: do you want to be friends with your utility company? Your phone provider? Your soft drinks manufacturer? I don't mean "follow-on-social-media" friends - I mean actual buddies. On […]

Continue reading →

Learning to Code vs Learning Computer Science


It's always very tricky when people who aren't educators start banging on about what should or shouldn't be taught in schools. My own school days are but a hazy memory of hormones, angst, and boring homework. Yet here I am, pontificating. With the current "fad" of encouraging children to learn to code, I thought I […]

Continue reading →