Mosuki has just released PottyMouth under the BSD License. PottyMouth transforms completely unstructured and untrusted text to valid, nice-looking, safe HTML. We wrote it for Mosuki in January 2007. We’re excited to be able to give a little back to the free/open source software community, since software from that community has made Mosuki [...]
We posted eight months ago about Google Calendar’s lack of respect for private data. Chris Pirillo has found a clever demonstration of this: just search for “user password” in public events, and you’ll come up with a huge list of usernames and passwords of all sorts.
We’re not holding our breath for Google [...]
The “blog-o-sphere” has been abuzz with discussion of a new security vulnerability dubbed “JavaScript Hijacking.” While not strictly a “new” vulnerability (it’s just a variant on CSRF), it is worth mentioning that Mosuki’s home-grown AJAX toolkit is completely immune to this type of vulnerability. JavaScript Hijacking requires that a site use JSON, and [...]
Cyberknowledge’s blog post Analyzing 20,000 MySpace Passwords has some interesting tidbits about user behavior, and it certainly underscores the importance of watching out for phishing attacks and choosing a good password.