Tags: security



Backdoor Service Workers

The tragedy of the iframe commons.

Switching to HTTPS on Apache 2.4.7 on Ubuntu 14.04 on Digital Ocean

The super-sexy title is because this stuff tends to be super-specific to the server setup.

Homebrew header hardening

Step-by-step instructions for more secure response headers on Apache.

This is for everyone with a certificate

The browser beatings will continue until morale improves.


Doing the right thing.

Indie Web Camp UK 2014

A productive weekend.

Security for all

I want the web to be delivered over https:// but we might be in for a rough period of transition.

URLy warning

Chrome is testing a new way to burn the village in order to save it.

Higher standards

Fighting for the web.


Debit where debit is due.

Pattern praise

Twitter and Flickr do the right thing, rejecting the password anti-pattern.

OAuthypocrisy and the Passwordpocalypse

The hypocrisy of Twitter’s OAuthcalypse.