Security And Caffeine

Adding Pages Dynamically within a jQuery Mobile Project in PhoneGap

June 8th, 2011 | by | coding

Jun
08

Code’s towards the bottom if you can’t be buggered to read my ramblings.

The Challenge: Add new “pages” (page divs) during execution in a mobile app. This was part of a project using jQuery Mobile and PhoneGap, and the information that I wanted to display wouldn’t be available until the app ran and was subject to change. In this case, the app lists a number of companies, and each was supposed to have their own “page” within the app. Tap the company name, see the company info. Simple, right?

The Reason: The app I was working on had a basic layout that could be coded beforehand, but much of the data would be unknown until the app actually ran and pulled that data from a server. Since the various companies that the app listed could change at any time, this needed to be dynamic. While the approval time for apps on mobile devices is enough of a burden (up to three weeks or more), I had the additional hurdle that an update for every new company might degrade user confidence. Yes, updating your apps too frequently can erode confidence, because the users start wondering what, exactly, you’re screwing up so bad that you need to patch it every week or two.
Read full story

Share

11 Comments »

Twitter “hacked” aka a nice example of CSRF

February 12th, 2009 | by | security

Feb
12

Today marked an interesting day in Twitter history: a learning opportunity for the masses.  If you use Twitter, you probably saw one of your friends issue a tweet like the following:

Don’t Click: http://tinyurl.com/amgzs6

And, probably like many of the people out there, you clicked the link.  By the way, if you clicked the link above, good job.  You’re now one of the tens, possibly hundreds, of thousands of Twitter users that clicked that.

And then, you found out that your Twitter account got HACKED!  Even prolific blogger Dooce clicked, and subsequently decided her account had been compromised.  Her followup tweet was 

My twitter account got hacked. That last tweet was a hack, not my doing. Apologies for any inconvenience.

“Inconvenience”?  Your inability to not click an unknown link resulted in all your readers’ accounts being exposed to this.
Read full story

Share

1 Comment »

Stealing data, with Apple’s Blessing

September 11th, 2008 | by | security

Sep
11

I have a subscription to Pinch Media’s “New App” RSS feed.  As a result, I see literally every single new app that shows up, and I test many if not most of them.  Yesterday, I downloaded a new toy app and gave it a whirl.  The app is called “A.K.A”.  It takes your name, and gives you your Pirate, Jedi, and Porn Star name.  Very simple little app, and quite entertaining.

If you want to check out the app, here is the iTunes store link.  Because iTunes conveniently provides a link to this information, it’s easy to tell that the author, Robert de Jong, has not published any other apps.  Further, one whois and a google search later, and you can tell that the author, based in Colorado, isn’t either of the other two Robert de Jongs out there; one is in Ohio, the other in Canada.  Oh, his “company” also has a website, though it looks like a sole-proprietership, meaning there has been no paperwork filed with the government to form an LLC or corporation.  Further evidence: I couldn’t find a DEJOware business listing, according to the Colorado business registry.  On his site, the only contact link is a mailto, which will allow you to send him an email.
Read full story

Share

No Comments »

Older Posts