I’ve just noticed this (new, I guess) kind of warning on Gmail: “this account is currently being used in 1 other location at this IP” This is a welcome feature. I really wished Gmail would add more paranoid and security related notes and items like this one. I (most of us?) have most of their online [...] → Read more

This is a truly scary story : David Airey got his domain stolen because of a GMail vulnerability. Short story: it was (seems it’s fixed) possible to create filters on Gmail just by visiting a link or, say, loading a hidden frame on a malicious website. Like, create a filter to forward to evilguy@evilhost.com any email [...] → Read more

I’ve updated the popular Click Counter Plugin, now available in version 1.02 This is a security upgrade, fixing a potential SQL injection exploit that was discovered by Dougal Campbell (many thanks to him for this notice). To be honest, I tried for half an hour to break things with various SQL injections and XSS attempts, and I [...] → Read more