Security array_diff(array, string) does(n't) work as expected This is an old problem, quite a few security researchers already wrote about. But repeating things, helps learning them (especially me). In MageSetup we read posted agreements (terms and conditions) and compare them
Magento SSL Everywhere or HSTS We have to secure all the data of our users, not only registration, checkout and login. We need to secure the session data too. SSL Everywhere or HTTP Strict Transport Security (I hope)
Security German OWASP Day 2012 Ich war gestern auf dem German OWASP Day 2012. Die OWASP ist das "Open Web Application Security Project". Eine offene, kostenlose Organisation, die Security in der IT voranbringen will. Es folgen