Personal Online Security 101

As a programmer, I take information security seriously because security needs to be baked into the process of developing web applications. While I am not a security researcher, I think I know more about information security than most. At the same time, I see a lot of people not taking basic steps necessary to keep their information protected. So here I present five basic tips that everyone should follow to help protect themselves online.…

Securing Embedded Forms

A client recently asked if it is possible to embed a secure (HTTPS) donation form on their site with an IFRAME without using HTTPS on their site. My answer was it depends but it’s not a good idea. It is possible to have an IFRAME on an insecure page (loaded over HTTP) load content from a site over HTTPS. And while a form loaded from a secure (HTTPS) host will post over an encrypted connection, it is not a secure practice.…