digital self defense and everything IT
-
There is no PayPal for me
Every now and then colleagues or customers ask me whether I can do PayPal transactions with them. Unfortunately, I can not. Let me explain: Until some 7-8 years ago I had been a happy PayPal customer with a positive balance of x.y EUR. Then, from PayPal’s point of view, I made a “suspicious” transaction of…
-
Outsourcing freelance jobs FAQ
I like outsourcing work to other freelancers when I am short on time myself. Over the time, I am often asked the same questions again and again. Obviously it is time for an “Outsourcing freelance jobs” FAQ. :) Question: Should I start working even though I have not been told to? Answer: Please don’t. Start…
-
CSS Level 3 Media Queries
In my humble opinion, the upcoming CSS Level 3 Media Queries are one of the major improvements in web development. Yesterday I have implemented those in my web site so that it adapts to various browser window widths. See them in action on Youtube! Try it for yourself and tell me what you think :)…
-
Old security issue in recent OpenX installations
Together with Florian I have recently investigated a security issue in OpenX where attackers could drop a web shell onto the server. Heise is covering the story. Unfortunately the posting suggests that this is an issue with register_globals set to “on” only, which is NOT the case. Watch out! :)
-
Measures against Slowloris attacks
In a Slowloris attack a client (or a botnet) opens a large amount of connections to a web server and holds them open. It does not send complete requests so you might find no request of the attacker in an Apache log — quite devious. So… The malicious client continues to open new connections using…