All entries of my technical and business blog.

The top 17 ways to help eliminate the Phishing threat

The following is the result of a research project I had done about phishing. Its some best practices and suggestions based upon information from leading security professionals such as white hat security, McAfee, etc. A combination of e-mail security, authentication methods and corporate identity standards are among the suggestions… Here are the top solutions and methods of securing against Phishing: (more…)

The anatomy of a phishing attack - advanced technique

So many phishing attempts lately are just purely pathetic - easy to guess and figure out, mis spelling and grammar issues and just poorly fashioned websites. Although these will work on the novice web surfer, can a clever criminal actually create a phishing site/scenario that can trap the experienced members in your IT department? In this article we’re going to take apart a phishing proof of concept attempt I created at (“the triangle”) (for privacy... (more…)

Show the right files in PHP Explorer

After I installed Eclipse PDT, I had two project navigators. I closed the native one and kept open the PHP Explorer. PHP Explorer showed my php, css, js, etc, files. It also puts a plus sign to the left of the filenames. Using this view, we can expand the file to see the classes and functions inside of the file without opening it. (more…)

Helpful strtotime reminders

Today, Todd (one of the consultants that (“the triangle”) uses) called me up to share a bit of a reminder and also tell me about an issue in the code that was in one of our older modules. There was an issue with the strtotime function converting a year to a timestamp. (more…)

php

Spell Checking in Eclipse PDT

Although I’d like to pretend that my side jobs always are pure programming, but alas, not the case. There are times when the users send word docs to me and I have to convert them to html. Now, even these word docs might have spelling mistakes - but that’s just not ‘acceptable’ to them - I should correct those issues too! Whats up with that? But anyway, I now have a good plugin to do... (more…)

Fixing update error in eclipse PDT

The last time I downloaded Eclipse PDT for PHP, (located at zend.com/pdt), everything was great. That is, until I wanted to run the updates. It stopped with an error and would never update my PDT. Luckily, one of the consultants from (“the triangle”) had the same issues - and he was able to tell me what was up: (more…)

Namespacing is important - even in PHP

Perl, Java and xml people are very aware of what a namespace is… even wikipedia tells us they are. But, certain languages, such as PHP, don’t support namespaces yet. (However, thank you Dmitry for your proposal.) But are namespaces really important? PHP has made it this far without them, so why should you be concerned? Well, lets see: (more…)

php

Highlighting Source Files

I have been writing code snippets in this wordpress blog alot - and I wanted to possibly have the code highlighted. One of the things that happened with code highlighting plugins I’ve noticed is that the code has to be valid (I’ve posted invalid PHP because stupid wordpress kept eating it) or one type of code (I post javascript/html combinations, with ellipses and such…), and so I finally decided to not highlight my code -... (more…)

AJAX Security Research and Findings - Round 2

Round 2, and the final round, is complete! The previous article here talked about my initial findings. Well, I was able to try some proofs of concepts on my javascript finding, and I put together our top level recommendations for (”the triangle”). Lets see: (more…)

⬅ Newer | Older ➡
Page 50 of 53
or use RSS