Jeff Merlet http://jeffmerlet.com Most recent posts at Jeff Merlet posterous.com
Wed, 03 Jun 2009 01:51:20 -0700 Must read and apply: "TOP 25 Most Dangerous Programming Errors" http://jeffmerlet.com/must-read-and-apply-top-25-most-dangerous-pro
Nothing really new here, but still a good reminder for architects and development teams. And nice to see this being pushed to CS curriculums.

 Via http://www.sans.org/top25errors/#s4

http://files.posterous.com/user_profile_pics/45865/jeffmerlet.jpg http://posterous.com/people/PV2DuyfbrP Jeff Merlet JeffMerlet Jeff Merlet
Tue, 02 Jun 2009 05:27:00 -0700 Check out this handy OAuth explorer http://jeffmerlet.com/check-out-this-handy-oauth-explorer
Written by Morten Fangel, and available at sevengoslings.net.

 

Sat, 18 Apr 2009 22:43:00 -0700 Security Corner: Input Filtering http://jeffmerlet.com/security-corner-input-filtering
Input filtering is the method by which you validate all incoming data and prevent any invalid data from being used by your application. It's very similar in theory to how water filtering works, where impurities in water are not allowed to pass.

Old but still valid, just look at what happened to Twitter and Digg this week! And don't forget output filtering too. And here is another good post on the subject.
