The “data” URL
Most everyone is familiar with the “http” and “https” URLs. Maybe you’ve heard about “ftp” and “file”, too, but few know about the “data” URL. The “data” URL provides a way to include small data items directly into HTML and CSS documents. The idea is that small images, for example, could be included in a […]
Three More Keys to Successful Learning: Taking a Class and Continuing to Learn.
A google search for how to take a class results in over 1.5 billion results. That’s a lot of advice, and to be fair, some is very specific, including how to take online high school classes.After my recent post about techniques for getting more from online courses, I found that some readers wanted to learn […]
Data Theft Via the Cloud: You Don’t Need Flash Drives Any More
News stories worldwide have related stories of individuals illicitly copying data from governments and private organizations. Sometimes that’s called data theft, but the term data exfiltration is more accurate. There are other exfiltration vectors, and all are threats to confidentiality. Most of the stories I have read about data exfiltration (of stored data) involve some […]
Leaving Your Mark: Thermal Signatures of Passwords Left on Keyboards
We leave evidence of where we’ve been and what we’ve done all over the place. From footprints to DNA, we seldom act without a trace. Our keyboards are no exception. I’m not talking just about fingerprints, DNA, food particles, or skin oils. I’m talking about heat. I saw a movie or maybe a television show […]
Defense in Depth: It’s for Programmers, Too!
“But, we took care of that before, didn’t we?” asked a participant in a web application security course I taught recently. It was a good, logical question. We were discussing “SQL injection” a process where an attacker enters database commands into a website field – in, say a forum or comment section – that could […]