New York Stock Exchange floor view

It's a Pivotal moment: Dell's cloudy soft limb hits the stock market

A large hand flicks an icon of a little red man. Image via shutterstock (Lasse Kristensen)

And so it begins: Veritas lays off UK workers, R&D bods hit hardest

man dressed as zombie doing accounts/audit

BOFH: We know where the bodies are buried

Boy fixing computer with hammer

Google kills off domain fronting – and so secure comms just got tougher

whoah

Apple's magical quality engineering strikes again: You may want to hold off that macOS High Sierra update...

Bill Gates

Twenty years ago today: Windows 98 crashed live on stage with Bill Gates. Let's watch it again...

Oracle pledges annual Solaris updates for you to install each summer

Ellison with watch photo by drserg via Shutterstock

Oracle demands dev tear down iOS app that has 'JavaScript' in its name

panic

Cloud-surfing orgs under attack, Microsoft antivirus for Chrome, Windows 10 S bypass, non-RSA gigs, and more

Doctor Nick Riviera

Oh, baby! Newborn-care website leaves database of medics wide open

RSA history wall, photo: RSA

No way, RSA! Security conference's mobile app embarrassingly insecure

hands through the jail bars. Photo by shutterstock

British Crackas With Attitude chief gets two years in the cooler for CIA spymaster hack

image of Apple and hard drive

Apple unleashes FoundationDB as an open source project

A conference session at CLL17

Kubernetes? Just automate it….

Woman sits in bed and works on laptop in her home.

Build a serverless framework at home: Go on, bit of open sourcey hijinx won't hurt

PWX_image

Docker enterprise kit gets cozy with Kubernetes

Facebook's Mark Zuckerberg, speaking at the 2015 F8 conference

Facebook privacy audit by auditors finds everything is awesome!

Kaspersky

Kaspersky Lab loses the privilege of giving Twitter ad money

NHS hosptial photo, by Marbury via Shutterstock

Creaky NHS digital infrastructure risks holding back gene boffinry, say MPs

A bouncer. Pic: Shutterstock

Government demands for people's personal info from Microsoft reach all-time low

Person holding vape box

Amazon, LG Electronics turned my vape into an exploding bomb, says burned bloke in lawsuit

man yells in shock

Two's company, Three's unbowed: You Brits will pay more for MMS snaps

LESTER gets ready to trundle: The Register's beer-bot has a name

Motorola Z2 Force teaser

Motorola Z² Force: This one's for the butterfingered Android lovers

Geek's Guide

old_soaker_mars

Here's another headline where NASA is dragged through the mud for cheap Mars wise cracks

fruit_flies_shutterstock

Bloke fruit flies enjoy ejaculating, turn to booze when starved of sexy times

Musk: I want to retrieve rockets with big Falcon party balloons

SpaceX finally Falcon flings NASA's TESS into orbit

How much do AI gurus really get paid? And is NIPS such a great name for a conference?

key throw

Time to ditch the front door key? Nest's new wireless smart lock is surprisingly convenient

Cell tower, view from below. Image by Shutterstock.com

Samsung-backed gizmo may soon juice up your smartphone over the air

Doctors in a busy hospital

Beware! Medical AI systems are easy targets for fraud and error

Verity Stob

A group of Playmobil pirates

Drama brews on high seas as Playmobil ship running out of steam

Suitcase full of money

Tech bribes: What's the WORST one you've ever been offered?

Statler and Waldorf - copyright - The Walt Disney company - the muppets studio

There is no perceived IT generation gap: Young people really are thick

measuring tape

Size does matter, chaps: Oversized todgers an evolutionary handicap

The Register Columnists

Jeff Williams

Contact

Follow

The Register breaking news

Denial, exposure and online security

Web applications have huge attack surfaces. Most sites have hundreds of URLs, and each function has plenty of parameters, form fields, cookies, and headers for attackers to play with. One simple way to make your web application more secure is to minimize your attack surface. Let's look at five simple ways to do this. Tighten …

Jeff Williams, 11 Nov 2008

The Register breaking news

Attention developers: Your SESSIONIDs are showing

Protecting passwords is important, but do you take the same care with your SESSIONIDs? You should. Here's how they work: When you log into a web application, you exchange your credentials for a SESSIONID cookie. This cookie gets sent with every subsequent request from your browser until you log out or the session times out. …

Jeff Williams, 29 Sep 2008

The Register breaking news

Cross-site hacks and the art of self defence

Hackers can force your browser to send requests to any site they want. It's not even hard - all they have to do is get you to view an email or a web page. Unless the site is specifically protected against this - and almost none are - then attackers can make your browser do anything you can do, and they can use your credentials …

Jeff Williams, 29 Aug 2008

homeless man with sign

Rich data: the dark side to Web 2.0 applications

All web applications allow some form of rich data, but that rich data has become a key part of Web 2.0. Data is "rich" if it allows markup, special characters, images, formatting, and other complex syntax. This richness allows users create new and innovative content and services. Unfortunately, richness affords attackers an …

Jeff Williams, 1 Aug 2008

The Register breaking news

Time to dismount the hamster security wheel of pain

Enterprises are spending a huge amount of effort scanning for vulnerabilities that they already know are in their applications. Here's a little secret: there's no point in scanning if you haven't at least tried to put in a basic set of defenses. You already know you're vulnerable. So what kinds of defenses does the average web …

Jeff Williams, 23 Jun 2008

Too much code, too few application security specialists

Agile dominates software development. According to Scott Ambler, a prolific author of books on the subject in addition to being IBM's agile development practice lead, 69 per cent of organizations already use agile in one or more projects. Twenty four per cent of the rest are planning to start in the next year. Unlike …

Jeff Williams, 28 May 2008

The trinity of RIA security explained

The phrase "Rich Internet Applications" has become a popular term for applications that run inside your browser or on your desktop and that interact with web applications or web services. RIA platforms include JavaScript (part of the AJAX umbrella), Adobe System's AIR, Microsoft's Silverlight, Java applets, and Java JFX from Sun …

Jeff Williams, 8 Apr 2008

Stop sign

Reduce your exposure to AJAX threats

Fundamentally, there's nothing terribly new about the problems posed by Asynchronous JavaScript and XML (AJAX) when it comes to security, we just need to apply some good old security principles to this new technology. The problems occur because, unfortunately, there are an awful lot of devils hidden inside the details. One …

Jeff Williams, 18 Feb 2008

Stop sign

Stay ahead of Web 2.0 worms

Think you've protected your web applications from cross-site scripting (XSS) vulnerabilities? The odds are against you. Roughly 90 per cent of web applications have this problem, and it's getting worse as web applications and web services share more and more data. Many frameworks and libraries are encoding, decoding, and re- …

Jeff Williams, 7 Jan 2008

Most read

About us

More content

Situation Publishing

The Register - Independent news and views for the tech community. Part of Situation Publishing

Sign up to our Newsletters

Join our daily or weekly newsletters, subscribe to a specific section or set News alerts

Subscribe

Biting the hand that feeds IT © 1998–2018

Cookies Privacy Ts&Cs