The Software Alchemist

It’s download time! The program (not a game yet) can be grabbed here. Stick it on your PC or Mac and tap on the .jar file (requires Java).

I’m starting to carve out the code for “adrift”, as it is called for now. And, as at the very beginning of any software project, technologies must be chosen. (I think it’s good practice to defer as many technology decisions as possible as late as possible, but you have to begin somewhere).

New project time! This one is a video game. A peaceful, maybe whimsical game of exploration. Something calm and not super challenging, but something that still gives a feeling of reward when discovering something new.

Number four in our run through of the OWASP greatest hits is “Insecure direct object references”. Although the name may not be immediately familiar, the concept is simple indeed.

The third vulnerability on our trek through the OWASP top ten is Cross-Site Scripting, commonly known as XSS. It’s easy to overlook the danger of XSS, as it primarily affects the client side. But, user credentials can be leaked and sites can be rendered unusable by client side scripts.

Continuing the series on the OWASP top ten vulnerabilities, we now turn our attention to the second item, Broken Authentication and Session Management.

Following on from the introduction, let’s now dig in to the top ten vulnerabilities in web services. OWASP maintains a list of common security problems, ranked by both the prevalence of the problem and the potential harm done to businesses and users who could be affected.

The year is 2014 and hacks, exploits and general mischievery abound. We are cramming our lives full of more and more devices connected to the internet and using more and more online services. And all of it is leaking information about our lives all over the floor.