Almost all website attacks are caused by developers failing to sanitize user input. The standard security practice for handling user input is to “whitelist” it. Whitelisting converts ANY user input into the expected data type. For example if the input you are expecting is supposed to be a zipcode you need to create a script that will only except 5 numerical digits (9 if you support the +4 zipcodes). The more defined you can make your whitelist the more secure your script will be. If the user’s input cannot be converted to the whitelisted data type, in our case 5 numerical digits, then you return an error, “invalid zipcode”. Read more »

Often times we, as developers are required to create authentication systems. When developing an authentication system it is always best to make it as secure as possible. One of the problems that arise when creating an authentication system is storing the username and password of our users. One way to store the username and password would be to simply make a column in a table called usernames and a column called password and store each user’s login credentials in plain text. Read more »

Stupid Ubuntu tricks: 5 Steps for resetting a forgotten password - I prefer to use a live cd and use this method but I had a friend that forget his Ubuntu username password the other day and he didn’t have a live CD. This article came in handy.

The Anti-Virus Test File - I have known about this for awhile but is worthing checking out if you haven’t tried it. It’s basically a file that most/all anti-virus programs should pick up. It’s good for testing and seeing if you can get files past your anti-virus program. Read more »

Recently I was writing a script and ran into a problem. I needed to compare a set of numbers and find the lowest one. Now, at first I thought that I could compare each one with if statements but I knew there had to be a better way (there always is). If you have 1000 numbers you would never be able to write all that code to work efficiently. Read more »

Well, today I received my Paypal SecurityKey. I have been really excited to try this device and I have been anxiously waiting for its arrival. Today I finally received it and overall I really like it and I am glad I got it. The key came a little faster than they said it would, but I was so excited to try it out that it seemed like a life time. When it finally came I was ready to try it. Read more »

If you have a custom shopping cart and you want to calculate actual shipping rates from USPS this is the post for you. After giving up searching the internet for PHP scripts or examples of implementing USPS rates I decided to create my own. I hope that by the end of this post you will have an understanding of the process and you can begin implementing USPS rates in your own website. Read more »

1. Everything in Linux is a file, even your hard drives. (dev/hda1) No c:/ stuff. Linux is based on a directory system which is all contained in ‘/‘, aka root.

The ’slash’ is very important, for example, /mnt will start at / and look for mnt. If you type mnt/file it will look in the current directory that you are in for the folder ‘mnt’ and the file ‘file’. This was very confusing for someone that isn’t used to typing paths into the command line. Windows users are used to typing c:/ for the root directory so they may forget that / is the top level. Read more »

Hackers try to cause seizures on epilepsy site - Wow… just, wow… Computer security may now be life threatening. This is a very scary.

Compiz Fusion Truly Spherical Desktop View Arrives! - Another cool effect is released for Compiz. This one is kinda cool.

The heron has landed: a review of Ubuntu 8.04 - A nice review on the latest version of Ubuntu. Read more »