Friday, November 23, 2007

NYC in November

Hey, we took the chance and visited New York a couple of days ago, and had a great time. Not just the New York Marathon was a great experience; we also went to Staten Island and Coney Island. More pics on a separate website soon.

Monday, November 19, 2007

Off-line Web Applications

Many approaches to so-called “Off-line Web Applications” employ a bunch of vulnerable technologies running on the client. Sure, content must be cached and presented (in case of disconnection), and this needs two components: a database and a web server. In a scenario where a web server is running on each client in a network of Off-line Web Applications, strict rules are needed in terms of configuration measures. Honestly, who cares about this? On the majority of desktop machines, not even browsers are configured in a way that reaches a decent state of security. This is another example of how vulnerable many Web 2.0 approaches are, besides AJAX and the underlying excessive scripting model. Just check the Black Hat sessions (and presentations) to read more about the risks and known weaknesses. It’s frightening …
Actually, I should add the keyword – Security – to the description of this blog. It turns out that this topic occupies more and more of my daily work and research effort.