AJAX Security

This morning I was interested to read about a security hole that enabled you to steal someone else’s Google cookie and access their Google services (this is now fixed). You can only imagine how much identity theft hurts until it happens to you. Some years ago my 5 digit ICQ account was stolen from me using a dodgy IM. At the time I was gutted as ICQ was my gateway to IM and Free SMS and I had "street cred" created by having such a low number.

By chance I also noticed across my "virtual desk" that Joe Stagner has secured Caleb Sima and Billy Hoffman for a series of Webcasts on AJAX Security starting this week.

Unfortunatley they all start @ 6am NZ Time and require passport/ live registration.

Fri Jan 19 - 6am - Live From Redmond: AJAX Security Basics- The Building Blocks to Protecting Your Applications Built with ASP.NET AJAX

Fri Jan 26 - 6am - Live From Redmond: How Hackers Reverse Engineer and Exploit an ASP.NET AJAX Application

Fri Feb 02 - 6am - Live From Redmond: The Brave New World of AJAX Hacking (and prevention using ASP.NET)

Fri Feb 16 - 6am - Live From Redmond: The Next Generation of AJAX Attacks – A New Generation of Attack Theories

Fri Feb 23 - 6am - Live From Redmond: Best Practices: A Look at Developer ASP.NET AJAX Security Mistakes

But if you are an early riser and build web applications with AJAX this series may very well be worth a look.

Oh yeah and for any of you true hAck3rs out there, check out this article on Jim Christy at DefCon.