Notes from Troy Hunt’s Hack Yourself First workshop

Troy Hunt (@troyhunt, blog) had a great, very hands-on 2-day workshop about webapp security at NDC Oslo. Here are my notes.

Highlights – resources

Personal security and privacy
https://www.entropay.com/ – a Prepaid Virtual Visa Card
mailinator.com – tmp email
f-secure VPN
https://www.netsparker.com/ – scan a site for issues (insecure cookies, framework disclosure, SQL injection, …) (lot of $k)
Site

Most interesting links of June ’14

Recommended Readings

The emperor’s new clothes were built with Node.js – I know sadly little about Node.js but this goes against the hype and is thus interesting. So what does Node.js give us? Performance 1-5x slower than Java [like Clojure] according to the Benchmarks Game (contrary to other benchmarks with the opposite result as mentioned

Most interesting links of May ’14

Recommended Readings

Monolith – from The Codeless Code – fables and koans for the SW engineer – the Monad monolith #Haskell #fun

http2 explained (pdf, 27 pages) – cons of http 1 (huge spec / no full impl., wasteful use of TCP <=> latency [x spriting, inlining, concatenation, sharding]) => make it less latency sensitive,

Most interesting links of October ’13

Recommended Readings

Google engineers insist 20% time is not dead—it’s just turned into 120% time – it is interesting to see how this has evolved; “I have done many engineering/coding 20% projects and other non-engineering projects, with probably 20-40% producing “real” results (which over 7 years I think has been more than worth it for