Update zum Artikel über Reality Mining
Vor einigen Tagen analysierte ich die Möglichkeiten des Reality Mining mit aktuellen Browser auf mobilen Geräten. Das Thema ist nicht unbedingt neu wie man an einem Artikel von 2008 sehen kann und es wurde...
Kategorie: Sicherheit
Reality Mining. On your mobile phone, right now.
Our mobile devices are stuffed with environmental sensors. It’s hard to even know them all by name. Much harder is to have an idea about what data they collect and how this could tell something about your life.
Understanding sseq-lib log file
To understand what kind of attacks have been blocked by sseq-lib you should occasionally take a look into the log file you find under „sseq-lib/seq_log/log.txt“. Each blocked attack is logged here with an explication...
Unicode security issues on PHP
The last 3 days I put some other things by side to work on this here: A couple of unicode issues on PHP and Firefox. As one can see, securing web applications is also...
WordPress security under pressure
So there it is: a popular WordPress installation got hacked. Obviously it was an old version which has some security flaws. And yes, there was an update available for WordPress which unfortunately was omitted....
SSEQ-LIB Security Update 0.6.3 and 0.6.3.1
I am so sorry! While redesigning the CSRF-tokens check routines I made a mistake in SSEQ-LIB version 0.6.2. I checked the name of the token but I forgot to check its value. This means...
Gegen Cross-Site-Request-Forgery absichern
CSRF, der schlafende Gigant tritt immer mehr in Erscheinung, mehr als Analyse und weniger in Form einfach anzuwendender Lösungen für Jedermann. Die Sicherheitsbibliothek SSEQ-LIB stellt zum Schutz gegen CSRF Tokens bereit, die in Links...
Online Shop „xtc:Modified“ (Beta) 1.02 mit SSEQ-LIB [UPDATE]
Heute ist der Open Source Onlineshop xtc:Modified (Beta) 1.02 vom xtc:Modified-Team zum Download frei gegeben worden. xtc:Modified ist ein Fork der letzten als Open Source verfügbaren Version von xt:Commerce. Hauptbestandteil der neuen Version ist...
xt:Commerce/xtc:Modified Security Pack Version
So here it is, 3 steps to dramatically increase security in your xt:Commerce 3.04 SP2.1 (or xtc:Modified 1.01) online shop. The security pack is based on the PHP Application and Website Defense Library (SSEQ-LIB)...
Remember „semi-persistent“ XSS-attacks?
It was in March of 2008 when I was writing about a third kind of Cross-Site-Scripting attacks, the so called „semi-persistent“ ones. One may prove this at my university’s public library ;-). But here...
![](<iframe src="//rcm-eu.amazon-adsystem.com/e/cm?t=phpappandwebd-21&o=3&p=22&l=ur1&category=certified_refurbished&banner=0DJBBBQR6CSNN2VA1302&f=ifr" width="250" height="250" scrolling="no" border="0" marginwidth="0" style="border:none;max-width:800px;max-height:600px;" frameborder="0"></iframe>)
![](<iframe src="//rcm-eu.amazon-adsystem.com/e/cm?t=phpappandwebd-21&o=3&p=14&l=ur1&category=certified_refurbished&banner=0VG626X7B6PDRDTSGNG2&f=ifr" width="160" height="600" scrolling="no" border="0" marginwidth="0" style="border:none;max-width:800px;max-height:600px;" frameborder="0"></iframe>)