The UK may soon ditch the absurd EU Cookie Directive

When visiting a website for the first time, you’ll likely be presented with a (somewhat intrusive) banner or pop-up about cookies. “Cookies” in this regard are sadly not the delicious chocolate-chip laden baked goods that we all love 🍪. (If only they were, I’d be more than happy to accept these when visiting a website!) […]

Flaws in Zoom’s Password Reset function

In researching my previous article on websites that are doing password resets wrong, I tested the Password Reset function of a number of high-profile sites. I did this using an email address which I knew didn’t have an account on each particular website. When testing Zoom.us however, I observed something quite strange…. I entered the […]

Password Resets done the wrong way

Let’s face it, we’ve all at one time or another had to initiate a password reset on a website we previously registered on way back when and can no longer remember our password. Yet, I’m frequently amazed at how many websites still get the whole password reset thing very wrong in 2021. Yes, for the […]

Webmasters: Have some (subresource) integrity!

Earlier today it was discovered that a large number of websites (over 4,000) – including UK government and NHS websites – had been compromised with a “cryptominer”. A cryptominer is a piece of software that “mines” cryptocoins like Bitcoin, LiteCoin, Ethereum, etc, which in turn generate income. When a cryptominer is included within the code […]

KidRex: The “safe search engine for kids”… offering sex tips and working from home for Bitcoins

It’s “Safer Internet Day” today, a global event promoting online safety particularly among children and young people. Whilst looking through related tweets today, I came across a number of tweets from teachers who were using a search engine called “KidRex” in their classrooms. https://twitter.com/CloughfinNS/status/960898128772612096 KidRex bills itself as “a fun and safe search for kids, […]