From time to time, I’ve been asked to make a list of my design ideas, or to develop a better proposal for an idea I have. This really irritated me: didn’t he believe me? Didn’t he trust my ideas? But in the constant battle to become a better businessman, I’ve taken a bit of time to think about why this happens. He’s not out to get me, right? Yours isn’t either. Lets take a look... (more…)

Just saw this really cool example get submitted on one of my websites testing for CSRF: (more…)

I thought I’d take some time to look at the 3 main ways that I’ve handled forgotten passwords on my websites, why I did them that way, and if there was anything wrong. (more…)

After reviewing the Google Javascript API project, I am torn. Pro’s and cons below… What do YOU think? (more…)

I remember a while ago hearing about a few theoretical collisions of the MD5 algorithm, but I thought nothing of them. Now, as more information emerges, Microsoft is issuing advisories, and people are proving more and more collisions with example code, and even md5 is out of vista, I figure its time to remind everyone not to use MD5. (more…)

After many times of coding relatively the same thing, it becomes prudent to have a standard library for certain sets of processes. Of course - that is why there are things like frameworks! At any rate, one of the biggest things I run into is password complexity. Each website has its own requirement for the security they want to implement. So, let’s talk about the requirements and then look at the code: (more…)

I really hate to see people accessing and designing objects with public attributes. So many times I’ve seen this backfire. Lets take a few examples and see why this matters: (more…)

While communicating with other coworkers, they generally just give me a trac ticket # and not the full URL. And, as a lazy programmer, I hate typing in the full URL or loading up trac and searching the #. So, I generated this bookmarklet. Replace the url with the root path to your trac instance. Finally, create a bookmark and put the following content in it: (more…)

While searching for employment, I realize I can’t be super picky - but my household does have needs! Because of this, I’ve developed a quick calculator / bookmarklet for the browser that I thought I’d share. It allows you to enter a yearly or hourly amount, and it shows the corresponding amounts. This tells you if that salary posting fits within your needs. (more…)

After looking at the Windows model for controlling file access, I realized I could also do that for user authorization control. (more…)