This lunchtime, I did something I’ll probably later regret: creating a new project. As if I don’t have enough on my plate already. The idea has been rattling around my head for a while – I use Eclipse nearly all day, and I figured that Eclipse is a great toolchain hosting platform. It gets rid…
Author: vanderaj
Black Hat 2008
Well, I’m back from another year at Black Hat. This time, I taught one of my company’s 2D Web Application Security courses. I think I may have been one of the very few courses that concentrated on defense, which is Black Hat’s tongue in cheek slogan (“Digital Self Defense”). I taught the folks in there…
Had the snip
Well, I’ve had the snip, which apparently is surprising to most of the folks who know us. Both Tanya and I are pretty darn clucky. We want more kids. But there’s this huge issue we can’t get past – Tanya’s health is just not going to get any better any time soon. Her arthritis is…
OWASP Guide 3.0 and Coding Guide 2009 Start
I’ve been busy over the weekend. I met with Blake Turrentine at a diner near where I live. We had a good long discussion over breakfast on the future of the Guide 3.0. The Guide 3.0 will be about how to design apps and code securely. That’s it. Only positive controls will be discussed unless…
Best. Daughter. Ever.
We took Mackenzie to the pediatricians today. She did real well – even the vaccinations she only screamed for a few minutes. Here’s a few very recent photos for you! The first image is her sitting. By herself. At 3 and 3/4 months. The second image is her out on the porch wearing her snazzy…
Feelings of Rejection
In other news, all my talks for OSCON were rejected again. Why did I bother? I should have paid attention to my last year’s rant. Most likely, I will have to give up on submitting papers to certain open source developer’s conferences as honestly, why bother doing the work of doing the research, creating the paper…
Colorado Springs
I’m currently in Colorado Springs doing some training for a customer. The flight in was long – nearly 12 hours all up from the east coast, all told including delays and running to make my little rubber band plane connection. It takes only another 15 hours to make it to Australia. The puddle jumper was…
HttpOnly Update
Jim asked a great question – what is the current state of the nation for HttpOnly? I’m glad he asked!
Pass – read/write cookie protection: IE 7.0, Firefox >= 2.0.0.5, Firefox 3.0 beta, Camino 1.5.4
Barely Pass – read only cookie protection: IE 6.0, Opera 9.50 beta
Fail – no cookie protection: Safari 3.1, Firefox…
ESAPI for PHP is go
I’m working (slowly) on porting ESAPI to PHP. This will be great! So just in case I keep on having a life after hours, Jeff kindly created an ESAPI for PHP project. If you care about PHP security, come help us finish the port. It’s only 3900 lines of code, and I’ve ported like 1000 of them already. …
Results not typical: Evidence based weight loss
I am a bit of a science freak. I play experiments with myself to see which things work, and get rid of things that don’t. For example, since becoming diabetic I’ve tested the following things: The effect of my favorite breakfasts on my post-meal blood sugar level. It turns out that I can only have…