During the week of June 8th, the Office of Personnel Management (OPM) announced that the records of all current and past US federal employees had been compromised. That includes standard employment information – address, social security numbers, etc – of over 4 million people ranging from a random forest ranger to US Cabinet members. (According to OPM, the […]
Recently I taught a class of bright-eyed, bushy-tailed PHP’ers just getting their start in the world. They haven’t done their first production application and we were working in the “safe” confines of a classroom, but there was one concept that I pounded into their heads: Don’t Trust the Users It may sound harsh but: It’s […]
A few weeks ago, Chris Shiflett author of Essential PHP Security was nice enough to give me some time for an interview on CodeSnipers. I figured the least I could do is give him and the community some feedback on his book. Read on for details. I've been a software developer for quite a few […]