What I Use–Software Edition

I’ll update this list from time-to-time. Criteria The #1 criteria for any software I use is first, do no harm. There’s a lot of great software out there that’s ruined by side-effects, including security problems, performance problems, advertising, and anything else that makes my computer worse for having it installed. In some cases, I’ve simplyContinue reading “What I Use–Software Edition”

Google Search Provider in Microsoft Edge

Back in the IE7 days, I built a simple Search Provider Builder that allowed IE users (and later users of other browsers) to add custom search engines to their browser without any changes to the site. Trivia: This hour-long little prototype soon led to a formal effort to put this tool on the IEAddons site;Continue reading “Google Search Provider in Microsoft Edge”

What I Read–Book Edition

This is a list of books I’ve read recently, with a Twitter-fitting review for each. I’ll update it periodically. Fiction The Martian – I greatly enjoyed this book; I was planning to try to get it some attention, but just before I tweeted, I learned it’s about to be a major motion picture. Oops. :-)Continue reading “What I Read–Book Edition”

HTTPS Only Works If You Use It

It should be obvious, but everyone seems to be making the same mistake. HTTPS only works if you use it. Everywhere. If you don’t use HTTPS everywhere, a bad guy can intercept an insecure request and prevent the user from reaching your secure site. HSTS is a good start to mitigating the threat of accidentallyContinue reading “HTTPS Only Works If You Use It”

Testing HTTPS In Native APPs

Over on Twitter, Paul asks how to verify that a native application is using TLS. For a PC, it’s pretty simple, just run Fiddler and watch the traffic. If you see any HTTP requests (other than those labeled “Tunnel to”, indicating a HTTP tunnel used for HTTPS traffic) from the Process of interest, that trafficContinue reading “Testing HTTPS In Native APPs”