== wenzel ==
== clouserw ==
* AMO 5.0.8 set to launch on Thursday, Aug 6th
* Blackhat/Defcon
** $some_large_company has a security team that writes all their critical libraries (CC processing, login, etc.) and then makes the libraries so easy to use you'd be an idiot to write your own. Then they get consistency (security) for free.
** The big SSL hack news that came out (\0 chars) is already fixed in FF3.5. woo.
** Free email services like hotmail, yahoo, gmail expire your address after $x days. Registering expired addresses for password recovery has been at the heart of several attacks lately - log in to your old addresses.
** L10n has a whole pile of injection options.
** Our "building add-ons" page doesn't mention security
** Our editors' guide focuses on malicious add-ons but ignores vulnerable add-ons
** Suggestions to help add-on authors: Follow OWASP guide, use similar/prewritten code when possible
** You know all those people that hang out on forums? Defcon is like that, only in real life. |