Device Security
·
How much control are we really giving up to anonymous developers with access to an update hook? How secure are our machines?
security
-
-
Physical Security
·
All of the encryption software in the world is meaningless if you fail to practice a couple of simple habits regarding physical security.
-
Self-Hosted VPN
·
I’m a stickler for security, so how can I in good conscience connect to a network I don’t trust?
-
Surprising Search Results
·
I found out that my top referrer so far this week is the search result page for “decrypt wordpress password hash online.” What’s going on?
-
Remote and Secure
·
A “virtual private network” is a way to keep your data secure, whether your on a dedicated 4G tether or connected to Starbuck’s free wireless. Traffic from your machine is encrypted at the machine, sent to a remote (trusted) server, decrypted, and proxied to the real network target.
-
WordPress and Password Hashing
·
WordPress’ password creation/verification system is pluggable (meaning you can replace it with your own implementation). Before you do so, though, you should understand what’s already implemented and why.
-
Responsible Disclosure
·
For all the damage Heartbleed did on its own, disclosing the issue the way it was did far more good than harm.
-
Why Showing The WordPress Username Is A Security Risk
·
There have been a handful of discussions lately surrounding WordPress and usernames – particularly whether or not exposing usernames is a security risk. The consensus appears to be “no.” I beg to differ.
-
Democratizing SSL Certificates
·
I have an easier time trusting individuals and corporations I personally know than large companies with whom my only relationship is as a certificate vendor. I’m also a huge proponent of democratizing both publishing on the Internet and the Internet itself.
-
Proper Code Styling
·
I look at a lot of code. In my job, recreationally on weekends. Everywhere I see people using a specific coding style and, upon pushback, defend it in the sake of brevity. I’m talking about braceless one-line conditionals.