I’ve been following a conversation on the chromium-dev mailing list about adding some HTTP headers so that servers can shape traffic and “control DDoS attacks”. From what I can understand, the general idea is to either send a new X-Chrome-Extension header with some token that identifies that the HTTP request has come from the extension …
Every time we submit a form over HTTP or HTTPS with our password, we present an opportunity for a man-in-the-middle to perform some voodoo and decipher our passwords. With SSL in shambles, and HTML Form “encryption” a complete obfuscatory waste of time, most of us turn to JavaScript to perform client-side authentication. I think authentication is pretty important, but …
With all the talk of HTML 5 around the corner, I’ve been thinking of how passwords are sent over HTTP. Let’s not forget that SSL is pretty much busted now that anyone can sign a certificate. If you wanted to avoid your passwords being stolen while someone monitors your connection, a site has to have …