A Tangled Web We Weave: Modern Day Web Security

Web Security

Keeping up with the Joneses on modern day web security is a daunting task.

Most companies do not have internal security researchers. It is expected that developers should know cryptography, even though I’m sure we can all agree that we only know insomuch as to prevent attacks and vulnerabilities known to us. You’re probably as likely to have a security vulnerability in your application as you are a bug in your codebase.  I’ve been building web applications professionally for nearly a decade and just this past year I learned about flaws in commonly reused code such as timing attacks in HMAC based authentication due to the usage of string comparisons. Continue reading

Cable Television Competition Heats Up

Back in February, the FCC voted in favor of loosening cable provider’s grip on the set top box monopoly. Today, President Obama has officially backed the  FCC’s stance on the “Unlock the Box” initiative. As a cord cutter myself, I see this as a huge win for promoting technological advancement and competition in the content delivery market. Continue reading