A Simple Way To Prevent Brute-Forcing

2009-06-18 16:06:25

Hello all!
Here at Bagel_Blog, we have always had difficulty with a good solution to brute forcing on login pages.

For those of you who don't know, brute forcing means that a hacker or, more likely, a script kiddie will use a program to comprehensively try every possible username/password combination (a, b, c ... aa, ab, ac, ad ...).

These are very difficult from a programmer's perspective because you need a few important points in a login script:

  1. A realistic number of wrong password tries allowed before getting locke

...

Features report on FireFox 3.5b4

2009-06-05 16:06:34

Hello again,
I have been doing more testing on FireFox 3.5 beta 4.

Just surfing around, the speed increase is noticeable, but not drastic. That is, until you add the standard FireFox browser tweaks.

Once the tweaks have been added, the browser really flies. A website that once loaded fairly slowly will now flicker slightly and then be fully loaded.

So, the speed is probably the most noticeable feature, but

...

FireFox 3.5 Beta

2009-06-04 20:06:51

Greetings all!

I started my FireFox 3.5 beta testing, and from what my testing has shown, I am highly impressed!

A while back, I made a generic JavaScript Engine Speed Test.

I designed this to determine the speed that a JavaScript Engine is running at, the primary measurement being in FLOPS (Floating Point Operations Per Second).

Based on my testing, the JavaScript engine for FireFox 3.5 beta is by far the fastest I have seen.

FireFox 3 (the current version), is averaging 2,817

...

More news of IE8

2009-05-24 14:05:47

Greetings all!
I'm still here, but in the process of moving, so posting has been a little slow.

So, I have been checking out Internet Explorer 8 in more detail, and I honestly have never seen a worse browser in my life.

They have corrected none of the old standards compliance issues or bugs, and added a slew more.

The XSS Protect feature is nice, but that's where it ends.

ActiveX is still a huge issue.
Hackers love the idea of being able to execute executable files on a victim's computer.

...

hi5.com CSRF (Special Demo)

2009-05-09 19:05:00

It's that time again, for me to rant on about poor web security by giving full disclosure.

hi5.com is some generic, childish social networking site that is extremely popular around the world, about Alexa #15 worldwide.

I was dicking with this site and found that the status message is updated by AJAX and has a validation token that is the same for every user and only changes every day at midnight.

I smelled CSRF.

So, I put together This CSRF Demo (do not click unles

...

