Forgot your password?
typodupeerror

Comment: Nothing new (Score 5, Insightful) 275

by Urd.Yggdrasil (#44090361) Attached to: The Security Risks of HTML5 Development
Half the web developers out there can't even prevent simple cross site scripting let alone the dozens of other common threats that exist in web development. As with adding any other new development feature, it's just giving people who don't know any better more ammunition to shoot themselves in the foot with. There needs to be more focus on educating developers on security instead of trying to cram every new buzzword tech they can into their application.

Comment: Re:It's a good start, but... (Score 3, Insightful) 176

by Urd.Yggdrasil (#42904903) Attached to: IE Standardization Fading Fast
Shockwave hasn't been used much for a quite a while, unless you are referring to flash (but hopefully html video will kill that eventuall). Javascript on the other hand is going to be around for quite a while, what we are more likely to see will be things like signed javascript or some other security mechanism like that added to it.

Comment: Can't be dodged by the lay man (Score 1) 173

by Urd.Yggdrasil (#36933766) Attached to: Researchers Expose Tracking Service That Can't Be Dodged
Taking a quick look at the JavaScript they use there doesn't appear to be anything particularly unusual going on such as browser fingerprinting, or even as encompassing as evercookie which can be easily defeated using built in browser options. The only thing that seems different about it is that it attempts to use more storage techniques than other tracking services, browser local storage , e-tag tracking, and ie userdata storage in addition to the common browser and flash cookies. To say that it "can't be dodged", while possibly true for the average user, doesn't hold for anyone who knows how to configure their browser for greater privacy.

Comment: Re:No thanks (Score 1) 450

by Urd.Yggdrasil (#34090540) Attached to: Fighting Ad Blockers With Captcha Ads
With no flash or javascript you get a gif version, just by taking the first frame and putting it into even a free ocr application it was able to get the letters for the captcha. This is nothing more than more advertising hocus pocus, as a captcha its pretty much worthless. http://imgur.com/5GfsU.jpg http://www.free-ocr.com/

Comment: Just give your kids a famous name (Score 3, Insightful) 706

I have the same name as a Canadian hockey player, though unintentionally, and virtually every result for my name on Google is for him. If your name is common enough and you practice information control over yourself you can almost completely avoid being in Google's system. The real problem is that youths are willing to give out vast amounts of personal information, partially because they don't realize the value of such information and partially because they are stupid kids.

Comment: Re:I'll hold out (Score 1) 232

by Urd.Yggdrasil (#31353738) Attached to: Privacy With a 4096 Bit RSA Key — Offline, On Paper
Are you sure you aren't confusing symmetric and asymmetric crypto keys? I don't think 128 bit has ever been considered unbreakable for asymmetric keys, 1024-2048 has been the standard for asymmetric since I have known about it. For symmetric, 128 bit is still considered secure and is still the standard for AES, although many applications are moving to 256 bit.

"No, no, I don't mind being called the smartest man in the world. I just wish it wasn't this one." -- Adrian Veidt/Ozymandias, WATCHMEN

Working...