Category: Security

Adding SameSite Cookie Attribute to PHP

For a while now, the SameSite attribute has been used on cookies to define how cookies should be handled across various domains. You can find descriptions that are much better than I’m going to give you. For folks who are on PHP prior to version 7.3 (either due to that being what is current for […]

Misstep 13: Coke Kills

Unlocked Coke Machine

First of all, I want to state that this issue was reported to a facility representative. I was recently back in California again, and I had some laundry I had to take care of at the hotel (more on this next week). Laundry, being the mindless task it is, gave me some time to watch […]

Misstep 12: Conned Beef Hash

Before I built my forum site in 2006, I was authoring Windows applications, and before that, DOS applications as far back as 1992. I was a young kid back then, my first program being a QBASIC program that spit out ASCII art of a box of crayons, for example. I greatly annoyed my siblings by […]

Primer 1: The HTTPS Padlock

This primer series is meant to be a less technical discussion around modern security tools and techniques. This may not match the otherwise technical nature of this site. Internet in a Nutshell A very long time ago, computers only transferred text to one another. There were no pictures or links, and the text they did […]

Misstep 11: To Read This, Pay -$5

Before you run away, there’s no paywall here. I’m not an awful news company unfamiliar with AdBlock after all 😉 This is the third post in a series that, honestly, details how I should have never become a developer. Read the others if you want to see how I’ve screwed up, and learned, from bad design […]

Misstep 10: The CAPTCHA That Couldn’t

Everybody of any technical ability is familiar with CAPTCHAs, where you enter impossibly squiggly words into a box, just to find out it was case-sensitive and that the “q” was actually a “g”. Or, where you select traffic signals, palm trees, or cars. We’re all just training Google’s AI in the end. Well, I understood […]

Misstep 9: Trial by Fire, the Perfect Storm that Created Me

Welcome to the second misstep of 2020… A series of hindsight. Back in late 2006, I started a small forum site where I learned that building desktop applications != hosting web applications that other people use. The former may be breakable, but it won’t hurt myself or other people. The latter can devastate a business […]

Misstep 8: How I Was Almost Hacked

Very many moons ago (ca. 2008 or so), I built an online image resizer. This was before HTML5 Canvas, so I leveraged PHP and GD Library to handle the resize. Nothing too special really, but I was looking to learn image manipulation and provide a tool for people to use when they use forums. Recently, I […]

Misstep 7: Knoxoff KnoxBox

Alright, after this post, I’m taking the rest of the year off! I’ve talked about this one before in Lockboxes and Key Space Exhaustion, and I’ve seen this guarding both a bagel/coffee shop out in LA, a restricted-use boat launch, and this dollar store back home. This photo shows the one by my place that […]