My other area of interest is web application security. There is a number of ways in which web application can be vulnerable to attacks, and most web application developers aren’t terribly familiar with those — or they don’t know a good way to mitigate the attacks. I’ve been looking into locating vulnerabilities like XSS, CSRF, SQL Injection and others in large websites and reported those to the website owners. I’ve also published a number of articles with recommendations on writing secure code.
Older articles in this blog were moved over from the Adblock Plus blog where they were originally published. With the Adblock Plus project growing and more people posting to that blog splitting out my private posts into a separate blog became necessary. Most articles are in English though I’ll occasionally write in German or Russian as well.