September 11, 2012 at 11:56 am · Filed under Security, Web Development
I did Stripe’s Capture the Flag 2.0 this year, “a security contest where you can try your hand at discovering and exploiting vulnerabilities in mock web applications”.
It was a lot of fun. Some of the levels were quite challenging and I had to figure out how to actually implement an exploit vulnerability that I’d only read about in passing before. Each level makes you both a) figure out what the vulnerability is, and b) actually exploit it. One thing that the Stripe guys did a nice job at was spreading out the challenges between PHP, browser JavaScript, node.js, Python, and Ruby, so that developers from any one language wouldn’t have an advantage.
Read the rest of this entry »
Permalink
November 8, 2006 at 3:44 pm · Filed under California, Security, Yahoo!
I just got back from another trip to the Bay Area in California, where Yahoo! generously flew me out to be a part of their Time Capsule Camp event…
Read the rest of this entry »
Permalink
November 1, 2006 at 9:50 am · Filed under Google, Security, Web Development
As a follow-up to my post noting some issues I’ve found with Google Calendar – namely what seemed to be a security hole, I was extremely pleased to see an email from Google on the matter:
Read the rest of this entry »
Permalink
October 18, 2006 at 2:34 pm · Filed under Google, Security
Update: Google responds.
Google has been doing a great job innovating lately through the integration of their products (Docs and Spreadsheets, Calendar and Gmail, etc). This integration, however, has not come without security issues arising. TechCrunch has covered several of them – but I believe I have found another… Read the rest of this entry »
Permalink
