Dear Kode Vicious, I am a new Webmaster of a (rather new) Web site in my company's intranet. Recently I noticed that although I have implemented some user authentication (a start *.asp page linked to an SQL server, having usernames and passwords), some of the users found out that it is also possible to enter a rather longer URL to a specific page within that Web site (instead of entering the homepage), and they go directly to that page without being authenticated (and without their login being recorded in the SQL database).
In these days of phishing and near-daily announcements of identity theft via large-scale data losses, it seems almost ridiculous to talk about securing the Web. At this point most people seem ready to throw up their hands at the idea or to lock down one small component that they can control in order to keep the perceived chaos at bay.
Phishing is a significant risk facing Internet users today [1, 2]. Through e-mails or instant messages, users are led to counterfeit Web sites designed to trick them into divulging usernames, passwords, account numbers, and personal information. It is up to the user to ensure the authenticity of the Web site.
Today’s Internet user has more choices than ever before, with many competing sites offering similar services. This proliferation of options provides ample opportunity for users to explore different sites and find out which one best suits their needs for any particular service. Users are further served by the latest generation of Web technologies and services, commonly dubbed Web 2.0, which enables a better, more personalized user experience and encourages user-generated content.
Agile processes are not a technology, not a science, not a product. They constitute a space somewhat hard to define. Agile methods, or more precisely 'agile software development methods or processes', are a family of approaches and practices for developing software systems. Any attempt to define them runs into egos and marketing posturing.
SOA is no more a silver bullet than the approaches which preceded it. Back in ancient times, say, around the mid '80s when I was a grad student, distributed systems research was in its heyday. Systems like Trellis/Owl and Eden/Emerald were exploring issues in object-oriented language design, persistence, and distributed computing. One of the big themes to come out of that time period was 'location transparency', the idea that the way that you access an object should be independent of where it is located. That is, it shouldn't matter whether an object is in the same process, on the same machine in a different process, or on another machine altogether.
How many of us have not had the experience of sitting in a classroom wondering idly: "Is this really going to matter out in the real world?" It's curious, and in no small amount humbling, to realize how many of those nuggets of knowledge really do matter. One cropped up recently for me: the Finite State Machine (FSM). As we continue to develop the new UI for our product, we'll definitely be using FSMs wherever possible.
Don't let delusions about XML develop into a virulent strain of XML fever.
The Obama campaign has been praised for its innovative use of technology. What was the key to its success?
What a software-as-a-service provider learned from using an AJAX framework for RIA development
Lacking proper browser support, what steps can we take to debug production AJAX code?
The Google Web Toolkit is an end-run around Web development obstacles.
Web and mobile applications are increasingly composed of asynchronous and realtime streaming services and push notifications.
An essential property for reliable systems
A first step toward programming 21st-century applications
Mobile performance issues? Fix the back end, not just the client.
It's easy to do amazing things, such as rendering the classic teapot in HTML and CSS.
Building Web sites that perform well on mobile devices remains a challenge.
Which practices should be modified or avoided altogether by developers for the mobile Web?
An overview of techniques to speed page loading
Watch out for these pitfalls that can prevent Web application scaling.
HTTP continues to evolve
Conditional dependency resolution
We have to choose to build a web that is accessible to everyone.
Use states to drive your tests
We may be on the cusp of a new revolution in web development.
A discussion with Pete Hunt, Paul O'Shannessy, Dave Smith and Terry Coatta
Expert-curated Guides to the Best of CS Research