kgoess + security   75

Everything Is Broken – The Message – Medium
Once I had to step through a process to verify myself to a secretive source. I had to take a series of pictures showing my location and the date. I uploaded them, and was allowed to proceed with my interview. It turns out none of my verification had come through, because I’d failed to let the upload complete before nervously shutting down my computer. “Why did you let me through?” I asked the source. “Because only you would have been that stupid,” my source told me.
october 2018 by kgoess
Total security in a PostgreSQL database
Don't let the ordinary user account own or create anything
postgres  security 
february 2014 by kgoess
INSANE Password Restrictions
The Answer: Fixed-length database fields.
password  security 
october 2012 by kgoess
The Cross-Site Request Forgery (CSRF/XSRF) FAQ
good summary paragraph of implementation of production
CSRF  security 
november 2011 by kgoess