Episode 117: XDK, security headers and a bit more

Intel’s XDK cross platform mobile development: http://xdk-software.intel.com

Try out ElasticSearch in a ‘fiddle-like’ environment: https://www.found.no/play/

NightwatchJS browser test: http://nightwatchjs.org

Security headers you should know about: http://ibuildings.nl/blog/2013/03/4-http-security-headers-you-should-always-be-using

Episode 114: NetBeans 7.4, Fontello, and Timing Attacks

NetBeans 7.4 is out.

  • HTML5 development for Android and iOS devices
  • HTML5 development in Java EE and PHP applications
  • Editing support for Knockout and AngularJS frameworks

fontello – icon fonts generator

effekt.css

Timing attacks via HTML5

Episode 108: New Ruby, Regex and my Framework Security Rant(tm)

Ruby 2 was just released, and the new ‘refinements’ feature presents some interesting challenges for JRuby and just about anyone wanting to read Ruby code. A brief chat about the regex security issue affecting Rails back in January, but more broadly speaking, what does this say about regex in general? Should we embrace it, or find better alternatives? Finally, I’ve got a new blog post up about web framework security – why do (almost) no web frameworks ship with security baked in?

Links:

http://michaelkimsal.com/blog/why-do-no-almost-no-web-frameworks-come-with-any-authenticationauthorization-functionality/

Ruby stuff:

http://www.ruby-lang.org/en/news/2013/02/24/ruby-2-0-0-p0-is-released/

http://news.ycombinator.com/item?id=5273498

Malloc stuff:

http://www.reddit.com/r/programming/comments/18zija/github_got_30_better_performance_using_tcmalloc/

Episode 82: Various security topics

Some musings on recent security exploits with ASP.NET, Twitter, Diaspora and more.

File Download (25:44 min / 18 MB)
