Posts in category internet - page 4

Apology for the odd theme and sluggish speed

I’ve switched to a lightweight theme (300KB less per initial hit) whilst we are overloaded with requests from the excellent Daring Fireball regarding the font rendering philosophies post.

I’ve tried moving some images off site but it’s just typical this happens the week before I move to proper hosting. My poor home DSL line is melting!


Things have calmed down and, through a combination of moving images off-site, switching theme and enabling GZip compression for .js and .css, the site has survived despite being overloaded at times through lack of bandwidth (CPU and RAM were just fine).

I’ll leave the theme as it is for now in case we get a second wave – the hits appear to come in waves as different time-zones hit different parts of their wake-up, get-to-work and get-home cycles.

The 60-day-old post has now had 20,000 hits – about 19,500 of them within the last 24 hours. Slicing and dicing the stats in SQL reveals that my blog has been running for 977 days and consists of 263 blog posts, averaging one post every 3.5 days. It has received 123,951 hits in that time, a sixth of which were in the last 24 hours.

It’s amazing for so many people to read something I have written but, as analytics is already pointing out, fame is fleeting.

Here’s hoping a few of them decided to add me to their news reader :)


Web Application Security for Developers presentation

Last night’s Guernsey Software Developers Forum meeting was sparsely attended, with a number of the regular attendees absent. There were, however, two new faces, including Kezzer, who I’d been chatting to on-line for years.

Hopefully the low numbers were down to the seasonal summer holidays and the subsequent knock-on effect that we couldn’t get email out to the BCS Guernsey division to gather sufficient awareness.

I did a short presentation on Web Application Security for Developers that covered HTML injection, SQL injection and cross-site scripting, including some live demonstrations on sample code. Slides and sample are available, although without audio or screen cast of the demonstrations until I work out how to do that with Keynote.


I’ve come to the conclusion that putting presentations together takes me around 1 hour of preparation to 1 minute of presentation…


Google Apps Premier Edition announced

I’ve been a user of Google Apps for your domain for some time – primarily to let me use the great Gmail interface for my own mail domains (thanks to the domain alias feature they introduced last month).

Logging into my mailbox this morning I was surprised to find that my account is now considered a Standard Edition but that a Premier Edition is available too.

For $50 USD per year per account you get:

  • 10 GB of email storage (vs 2 GB normally)
  • AdSense can be switched off
  • Calendar sharing
  • API to integrate with existing infrastructure (single sign on, user management etc).
  • Migration tools (limited right now)
  • 24×7 assistance and telephone support

You can upgrade right now for a free trial on your existing account; however, you’ll have to provide a credit card number that will be billed come April 30th if you haven’t canceled by then.

Google have also rolled Spreadsheets, Documents and Document management into the Apps services for everybody and now include a rolling 90-day graph of user activity on the dashboard.

Now where’s the POP mail collection facility that hit the non-app/domain version of Gmail a couple of weeks ago…


Remote denial of present (DoP) attack via Amazon wishlist

I placed eleven items this year into my Amazon wish-list for my family and girlfriend to pick from and all were quickly purchased.

A few days later my mother asks if I can add some items to buy because, after purchasing one or two, the others have now gone.

My brothers don’t have debit cards, my sisters have limited net access, my girlfriend claims she hasn’t bought them and nobody else knows about it.

Either I’ve got a secret Santa fulfilling my every Amazon wish or… somebody is executing a remote denial of present attack upon my Christmas!

How it works is simple.

  1. Find the Amazon wish-list of the target
  2. Buy items from the wish-list but ship to your own address
  3. Enjoy the items yourself
  4. Rejoice in knowing the target is deprived of the item now that Amazon believes he will get it

It’s pretty evil.

The only way I can see that Amazon would be able to prevent this attack is either to let you pre-select other Amazon accounts that are able to use your wish-list or to let you see who bought what.

Ho-ho hum,