Sign in
in
   
"It is the mark of an educated mind to be able to entertain a thought without accepting it."  -Aristotle

About Me

I am a co-founder of Notches, an early stage startup currently based in NYC. We are building a free, open reviews network that anyone can participate in and anyone can build on top of. You can find out more on our official blog.

Read more about my background.

Connect with me on...

Recent Readers

Flickr Photos

Tags

Monthly Archives
 

Browse by Tags

All Tags » Security » Blogging » Technology (RSS)

  • Security implications of MyBlogLog vs. BlogRovr

    According to a TechCrunch story , Citibank is putting a warning message up for users of comment and blog tracking services. As it turns out, there is a known issue with the coComment plug-in and, though I'm not familiar with the service, it sounds like BlogRovr also has a browser extension. Since I use MyBlogLog here, I want to re-emphasize that this message above doesn't apply to this service. MyBlogLog works by saving a cookie to your machine under the @mybloglog.com domain. When you go to a site that has included the MyBlogLog JavaScript, it can interact with that cookie and know who you are. The MyBlogLog tracking script does have some logic for tracking clicks within an IFRAME (to handle Google AdSense clicks). Since Citibank doesn't include the MyBlogLog script on their page, it doesn't interact with the service. When you're here or on any other blog that uses MyBlogLog, the service doesn't even know you were on the Citibank page much less being able to track...
    Posted Nov 27 2007, 03:22 PM by Tim with | with no comments
    Filed under: , , , ,

  • OpenID gaining momentum

    On the heels of Microsoft's announcement that it will support OpenID in CardSpace , AOL has become the latest major player to support OpenID . "Every AOL/AIM user now has at least one OpenID URI". This is big news. We made the decision to use OpenID as the sole authentication mechanism on a product we're building, and I'm increasingly happy with that decision. At best, we'll have no local accounts. At worst, we'll be an OpenID provider. It would be relatively trivial to expose ASP.NET membership as an OpenID provider (especially with the JanRain Server component). In fact, I'm somewhat surprised no one has done this already. If you're not familiar with OpenID, check out the brief introduction to OpenID .
    Posted Feb 17 2007, 07:05 AM by Tim with | with no comments
    Filed under: , , , , ,

Recent Posts

Most Popular Posts

Legal disclaimer

Coming soon.

Articles

My stuff

Friends

Powered by Community Server (Non-Commercial Edition), by Telligent Systems