By @edent · Bug Bounty hacking oauth security twitter · 4 comments · 450 words · read ~15,967 times.
Imagine the scenario. You're trying out some cool new Twitter app. It asks you to sign in via OAuth as per usual. You look through the permissions - phew - it doesn't want to access your Direct Messages. You authorise it - whereupon it promptly leaks to the world all your sexts, inappropriate jokes, and […]
Continue reading →By @edent · podcasts · 100 words
Take a listen It is a delightful twist on the usual podcast fare. Genuinely joyous, and giggle-inducing. Definitely worth adding to your ever-growing roster of digital downloads.
Continue reading →By @edent · Open Data scotland · 650 words · read ~235 times.
Glasgow City Council has released a treasure-trove of open data. Nearly one-hundred datasets ranging from Live Traffic Information - to historic climate data. A fantastic boon for researches and open government enthusiasts. But there's a sting in the tail. The majority of the datasets are under the Open Government Licence (OGL). That's basically Creative Commons […]
Continue reading →By @edent · api Screenshots WordPress · 7 comments · 300 words · read ~3,642 times.
A few years ago, I wrote about Google's secret screenshot API - a slightly cumbersome way to take website screenshots for free. There's another service which you may find simpler to use - mShots from WordPress. Here's how it works: Take any website link: https://twitter.com/JennyVass/status/1067855777040338944 URL Encode it: https%3A%2F%2Ftwitter.com%2FJennyVass%2Fstatus%2F1067855777040338944 Add it to the end of […]
Continue reading →By @edent · gender NaBloPoMo satire tech · 600 words · read ~324 times.
There's been lots of talk recently of the dearth of women attending technical conferences. This problem is blown out of all proportion! There are many excellent reasons to attend an all-male tech event: Reduced chance of having an affair while away on business ⚤ Hetrosexuals only! Won't accidentally mistake a CEO for a cocktail waitress […]
Continue reading →By @edent · hack javascript NaBloPoMo Responsible Disclosure security sri · 12 comments · 750 words · read ~33,583 times.
A few months ago, British Airways' customers had their credit card details stolen. How was this possible? The best guess goes something like this: BA had 3rd party JS on its payment page <script src="https://example.com/whatever.js"></script> The 3rd party's site was hacked, and the JS was changed. BA's customers ran the script, which then harvested their […]
Continue reading →By @edent · alexa IoT NaBloPoMo Smart Home · 7 comments · 600 words · read ~9,269 times.
One evening, my wife turned to me in bed and said, "Winter is coming..." Well, what she actually said was "Get your frozen feet away from me, you cold-blooded monster!" The only way to save our marriage? HOOK OUR BED UP TO THE INTERNET! I couldn't find an electric blanket with IoT connectivity - so […]
Continue reading →By @edent · NaBloPoMo security sri · 2 comments · 250 words · read ~584 times.
Here's a curiosity which I found while stumbling through the Sony PlayStation store. The website loads internally hosted scripts using SRI (SubResource Integrity). Why? Does your work require you to swipe an ID card to access the building? That seems pretty normal. Does your work also remind you to keep your badge visible, and to […]
Continue reading →By @edent · NaBloPoMo ODcamp Open Data OpenBenches · 4 comments · 500 words · read ~345 times.
For the last year-and-a-bit, Liz and I have been running OpenBenches.org. An open data website dedicated to memorial benches. Here are some rough and ready numbers about how it has gone so far. 9,870 Benches At the time of writing, we're a little shy of 10,000 benches. As you can see, we have photos from […]
Continue reading →By @edent · health meta NaBloPoMo · 2 comments · 200 words · read ~221 times.
I've recently been suffering from a nasty bout of RSI. Thanks to the NHS, I know it isn't full Carpal Tunnel Syndrome, which is good. But I do need to take better care of myself. My usual kit is the MS 4000 ergonomic keyboard and an Evoluent Vertical Mouse. But recently I've been travelling a […]
Continue reading →