In Neofeudalism and the Digital Manor, Cory Doctorow compares Apple, Microsoft and Google to warlords willing to defend your digital security… unless they’re compelled to turn on you by a government power, which, it turns out, happens quite a lot. A good reminder that all the sensitive information they’re collecting on you can and will… Continue reading Digital manors and warlords
Usernames are a much, much harder problem than you might think at first glance… even if you can get away with a really simple and naive implementation on a prototype, a large, global and secure service must consider lots of not-so-obvious details and possible attack vectors.
“Let’s talk about usernames” deals with the problems of uniqueness, homograph attacks, confusables and other security concerns that you might need to consider.
Basic authentication is often used as a simple security measure or as a temporary authentication method while developing with certain APIs.
While the WordPress HTTP API doesn’t have explicit support for basic authentication, it’s still possible to use it as a header:
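
    // $remote_api_endpoint, $username and $password are assumed to be set by the caller.
    // The Authorization header carries base64( "username:password" ).
    $request = wp_remote_post( $remote_api_endpoint, array(
        'body'    => array( 'foo' => 'bar' ),
        'headers' => array(
            'Authorization' => 'Basic ' . base64_encode( $username . ':' . $password ),
        ),
    ) );
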
Remember that Base64 is an encoding, not encryption: if you’re sending an unencrypted request, all the headers, credentials included, will be sent in plain text, so you should only use it over HTTPS.
… or they should be, anyway. I think that one of the more popular excuses around for not having backups is “I haven’t gotten to it”; usually because you don’t have the time to try that fantastic tutorial you found for encrypted-incremental-automatic-deduplicated-control-versioned-backups on Amazon S3. The thing is… it’s OK if you don’t have time… Continue reading Backups are simple
“That we live in the world where we aren’t sure if any given cyberattack is the work of a foreign government or a couple of guys should be scary to us all”
Bruce Schneier – Comments on the Sony hack
Check “Sony got hacked hard: what we know and what we don’t know so far”… Continue reading Comments on the Sony hack