Tag Archives: CakePHP

Weekly security lessons learned

We specialize in security and compliance for the health care and bio-med space, helping clients build  security into their products, instead of bolting it on later. There are plenty of challenges to go around and it often seems like you’re trying to drink from a fire-hose.  Lots of water,  a few drops into your mouth, getting thoroughly wet and having lots of fun!

This week, we had oodles of interesting problems to solve but the 64K question is:

How many of the solutions will we remember next week this time?

I decided to start writing a weekly lessons_learned file. I’m maintaining it in my own git repository. If I go anywhere with some of these daily lessons, I’ll move it to github. Here are a few lessons I learned this week.

  1. A little bit of introspection can go a long way – or how not to make changes in a complex Web application and reduce the probability of introducing new bugs and new vulnerabilities.
  2. Do not take Unicode for granted
  3. Making MVC frameworks more secure with stored procedures and views
  4. Denormalization is not a bad thing especially if it keeps the code simple
  5. Data validation: replacing declarative statements with Javascript code

Continue reading

Tell your friends and colleagues about us. Thanks!
Share this

Configuring email notifications to be friendly but secure

I have commented in the past on the generally low security level of Microsoft ASP.Net web applications which stems from the closed Microsoft monoculture and a product strategy that prioritizes ease of use over security and privacy by hiding features and functionality from the user.

In the course of a security audit/penetration test of a social networking Web site this week that was developed and deployed on Ubuntu, I was reminded yet again that we all have something to learn.  Even Linux geeks.

A common Web 2.0 rich Web application system deployment involves a Web server running php and postfix for delivery of  email notifications to Web site members. There are 4 key system requirements for such a deployment:

  • A. Deploy as a null client, i.e as a machine that receives no mail from the network, and does not deliver any mail locally. This is a hugely important requirement to not turning your Web server into a launchpad for spammers.
  • B. Rewrite the default Apache www-data@domain with something more meaningful like
    domain@domain.com without changing PHP code.   This is both a usability issue and a security issue, since it is a bad idea to advertise the fact that your Web site operations are clueless to the point of not knowing how to change default LAMP settings.
  • C. Provide a human-readable From: in the header so that the users of your great Web 2.0 social media app will see real names instead of your domain. This is definitely a usability issue unrelated to security.
  • D. Mask the email addresses of your users so that you don’t disclose personal information. This is a basic data security and privacy requirement.

Continue reading

Tell your friends and colleagues about us. Thanks!
Share this


I just got an invite to Bizspark from thefunded.com

“Microsoft® BizSpark™ is a global program designed to help accelerate the success of early stage startups by providing key resources “; basically free development software and a hook into a community of potential investors.  A lot of the comments on techcrunch were of a religious nature, calling it a scam and wondering why you have to be sponsored by a VC (you don’t…) or have $1M in funding (you have to have < $1M…)

Excellence is driven by by open competition and sharing and from where I’m sitting – BizSpark is a good idea for entrepreneurs – as a serial entrepreneur (I’m on my 4th startup) and Open Source advocate – let’s try and stay objective and consider the following points:

Continue reading

Tell your friends and colleagues about us. Thanks!
Share this