Articles by Mark Stockley

About Mark Stockley

Mark Stockley is an independent web consultant who's interested in literally anything that makes websites better. Follow him on Twitter at @MarkStockley

Popular websites leaking system status information, private data and even passwords

by Mark Stockley on November 2, 2012 | 5 Comments
Popular websites leaking system status information, private data and even passwords

Security researchers have discovered that thousands of popular websites are putting their users' data at risk by leaking internal status information.

The sites in question include a host of well known names and should-know-betters including Ford, Tweetdeck, Webex, Php.net and Staples.

Will Do Not Track cripple the tech industry?

by Mark Stockley on September 26, 2012 | 8 Comments
Will Do Not Track cripple the tech industry?

Eric Wheeler's CNET article spelled out the apocalyptic future that awaits us if we don't stop Do Not Track. But is it actually true?

Finally, Google Chrome will support Do Not Track

by Mark Stockley on September 17, 2012 | 7 Comments
Finally; Google Chrome will support Do Not Track

Google has finally added support for the DNT (Do Not Track) header to their latest developer build of Chrome. The modification is likely to make it into an official release of Google's popular web browser before the end of the year.

Do Not Track: has Microsoft outwitted competitors Google and Facebook?

by Mark Stockley on August 14, 2012 | 28 Comments
IE10

With a deft side step, Microsoft appears to have outwitted opponents, like Google and Facebook, on their plans to have Do Not Track on by default in Windows 8....

Browser wars - Microsoft says IE10 will support Do Not Track by default

by Mark Stockley on June 2, 2012 | 14 Comments
IE10

Browser vendors don't really compete on features any more, they compete on performance and trust; the best browser is the fastest, most secure and most private.

The question is - how quickly will Mozilla and Google respond?

Basic error puts anonymous bloggers at risk

by Mark Stockley on November 28, 2011 | 9 Comments
anon-thumb

In a recent experiment writer Andy Baio was able to uncover the identities of seven anonymous bloggers from a random sample of 50 in under 30 minutes; all thanks to a simple mistake they'd made in setting up their websites.

Will Do Not Track make a difference to web privacy?

by Mark Stockley on November 17, 2011 | 2 Comments
Private sign

Earlier this week the World Wide Web Consortium (W3C) released the first drafts of two new privacy standards aimed at simplifying and standardising how websites read and comply with web users’ privacy settings. So is it going to make a difference?

Mystery flaw crashing DNS servers across the internet

by Mark Stockley on November 16, 2011 | 4 Comments
net-globe-thumb

A zero-day vulnerability is being exploited in-the-wild to crash BIND 9 DNS servers all over the internet. The flaw, a Denial of Service vulnerability described as an "as-yet unidentified network event" affects all of the currently supported versions of BIND.

Anonymous and LulzSec trawl Google Code search for security holes

by Mark Stockley on November 11, 2011 | 3 Comments
Google

A new report suggests that Google's Code Search is being used by groups such as LulzSec and Anonymous to find passwords and other private data, gain access to secure networks and decide who their next victim should be.

Apple lets malware into App Store

by Mark Stockley on November 8, 2011 | 4 Comments
App Store cracked

A security hole in iOS, the operating system that powers iPhones and iPads, has allowed hacker Charlie Miller to defeat Apple’s famously discerning App Store review process.

Secure web browsing cracked by BEAST

by Mark Stockley on September 24, 2011 | 6 Comments
Trogdor

A pair of researchers have unveiled a serious new attack on web browser security.

The ability to crack encrypted web traffic removes the safety net that protects you when you're doing sensitive online tasks like banking or using credit cards.

Missing dots from email addresses opens 20GB data leak

by Mark Stockley on September 12, 2011 | 9 Comments
Missing dots from email addresses opens 20GB data leak

Security researchers have captured 120,000 emails intended for Fortune 500 companies by exploiting a basic typo.

The emails included trade secrets, business invoices, personal information about employees, network diagrams and passwords.

Researchers extend Firesheep to exploit Google Search data leak

by Mark Stockley on September 8, 2011 | 3 Comments
Firesheep infiltrates Google

A pair of security researchers have created their own version of the notorious Firesheep plugin to expose a data leak in the world's favourite search engine.

The proof-of-concept plugin exploits the use of unencrypted cookies by Google's Web History feature.

Apache exploit leaves up to 65% of all websites vulnerable

by Mark Stockley on August 26, 2011 | 6 Comments
apache-250x250

A newly discovered vulnerability in the Apache web server could leave up to 65% of all websites vulnerable to low-powered denial-of-service attacks.

Who posted my contact details on Jigsaw.com?

by Mark Stockley on October 2, 2009 | Comments Off
Image (5) garth-moulton-contact.jpg for post 15041

Mark Stockley has found his contact details in a massive online database. What's really upset him though, is that the person who posted his information is protected by anonymity.

Who polices crime in a virtual world?

by Mark Stockley on October 1, 2009 | Comments Off
Image (3) mark-stockley.jpg for post 15037

A bank robbery in the MMORPG Eve Online netted a criminal thousands of dollars, but whose job is it to police crimes in a virtual world?