When you’re validating data – either client- or serverside – there are basically two strategies you can choose between. You can either blacklist data or white list data. Blacklisting seems to be the most popular way to validate data, but white listing is so much better. Here’s a brief description of the two strategies and why the white listing is better.
Continue reading Validation: black or white list
A new group has appeared on the net – the PHP Security Consortium (PHPSC). It is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Nice. While many PHP developers make sites people are supposed to use and enjoy, few as actual education and experience in how to make secure applications and websites.
Through projects and articles, they’ll try to educate PHP developers.
A man and his sister, who sent unsolicited junk email to millions of America Online customers, have been convicted in the first felony prosecution of distributors of spam in the US.
Finally, the US is beginning to put spammers behind bars, thank you.
Now usually spam is evil, annoying and a bloody pain. It does however have rare moments of actual usefulness. On an average day my mailbox seems to be stormed by more than two hundred spam mails from just about every where on the planet. Thanks to server-side filters combined with mozillas learning filters, they all seem to disappear into a consolidated spambox. I can check the box (too look for any false positives), and if the box hasn’t gotten any new mail for more than an hour, something is most likely wrong in my mail setup.
Microsoft Office has gotten a lot of nice and helpful features in the latest version. One of the nice features is virtually unlimited undo capabilities. Unfortunately this feature can also leave some tracks for recipients of your documents – a new tool from Microsoft lets you clean your office documents before further distribution.
Continue reading Office: remove hidden data