Safely Binding Unescaped Content in Web Applications

Binding unescaped HTML or CSS content on a web page is a scary proposition for most web developers. The idea conjures up black-hat hackers attacking your company’s infrastructure and high-visibility hacks. In fact, cross-site scripting vulnerabilities may exist on as many as 70% of all web sites. In this post, I’ll explain what cross-site scripting […]

Debian and Ubuntu Automatic Security Updates

Security patches for libraries and tools come out quite frequently. Just subscribe to any Linux distribution security list, and you’ll find that security updates are released with astounding frequency, sometimes even daily. Even kernel security updates are fairly common, with two security patches being released for the kernel used by Ubuntu 12.04 LTS in June. […]

9 OpenSSL Commands To Keep Handy

With the recent Heartbleed fiasco, I found myself frequently generating new SSL keys and certificates for Atomic and our customers. Even though the OpenSSL implementation of the TLS heartbeat protocol was broken, the openssl utility itself is still extremely useful for working with SSL certificates. The number of sub-commands and options for the openssl command […]

Using an OpenPGP Smartcard with GnuPG

This is part of a series on GNU Privacy Guard: Getting Started with GNU Privacy Guard; Generating More Secure GPG Keys: Rationale; Generating More Secure GPG Keys: A Step-by-Step Guide; Using an OpenPGP Smartcard with GnuPG (this post). Recap: Picking up where we left off, we’re on a relatively secure (air-gapped) system with a keyring […]