Chovy’s Blog

XSS: Cross Site Scripting Book

Thu, June 14, 2007 — Category: JavaScript

New book out about web application security and Cross Site Scripting (XSS) by Jeremiah Grossman.

Cross Site Scripting Attacks: XSS Exploits and Defense

There’s a new (published May, 2007) book about web application security “Cross Site Scripting Attacks: XSS Exploits and Defense” written by Jeremiah Grossman of WhiteHat Security, Inc.

“Gartner Group has stated that today, over 70% of cyber attacks occur at the Web (or website) application layer.” — whitehatsec.com.

Jeremiah Grossman was recently named one of InfoWorld’s Top 25 CTOs.

For a web developer and UI designer, web application security is rapidly becoming a necessary skill set to have in your online arsenal during web application development. It is said that XSS (Cross Site Scripting) is the new “buffer overflow”: malware (malicious software) can be delivered through a vulnerable web site and a deviously crafted URI, giving rise to the popularity of online “phishing” scams and other potentially dangerous exploits.


Usability on Mac OSX

Wed, June 6, 2007 — Category: Accessibility

Mac OSX has some irritating usability problems: features that are missing when compared to Linux and Windows.

I find the lack of “focus follows mouse” to be one of the most annoying things about OSX; both win32 and Linux support that feature…and it’s not only that, but also the necessity to click twice to get your action.

For example, with a browser window open but in the background, if I want to click a link, I have to click twice: once to bring the browser into the foreground and again to trigger the click on the link. Rather annoying.

I did find a few resources for *some* applications that support “focus follows mouse”, but it appears to work only within the application, not between different applications.

I find the lack of “tabbing” support in Mac OSX to be rather disturbing as well. I checked the accessibility settings, and there is still no way to force my browser (or other apps) to tab through the interface, stopping on objects in the window.

Here are some more resources:

  1. http://www.apple.com/macosx/features/expose/
  2. http://acs.pha.jhu.edu/general/computing/faq/os/os_x/opt/#ffm
  3. http://jeremy.zawodny.com/blog/archives/000149.html

Verizon Bad Math

Sat, June 2, 2007 — Category: Advocacy

Amusing audio of a support call to Verizon Wireless about kilobyte usage charges, making the case for “.002 cents per kilobyte”.

Chalk this one up to shitty per kilobyte pricing…and superior math skills

“.002 cents” quoted by the rep, but charged “.002 dollars.”

So that’s a 100-fold difference in what the user expected to pay (or so he claims).

“.002 cents per kilobyte” was quoted on the phone while explaining that the “units of measurement” are the major factor here.

.002 cents * 35,893 kilobytes = 71.792 cents due

Listen here: http://media.putfile.com/Verizon-Bad-Math

2/10ths of a cent is .2 cents, but he keeps quoting “.002 cents”…and the debate continues….
