Author Archives: ericlaw

Segue

My last day at Telerik is December 31st, 2015. More soon… Here’s a copy of my “Last day” blog post for posterity. Fiddler—A Segue  by Eric Lawrence  December 22, 2015 Productivity, Debugging11 Comments In September 2012, Telerik completed the acquisition of the Fiddler Web Debugger, and I announced that I would join Telerik to upgrade my side project to my full-time job.Continue reading “Segue”

Certificates Matter

Recently, my web host stopped supporting the FrontPage Server Extensions used by Microsoft Expression Web 4 for website publishing (FPSE is now out-of-support). FPSE allowed me to publish to my site over a HTTPS connection, helping keep my password safe and my uploaded files unmodified. Unfortunately, the alternative FTP transport is completely insecure–passwords and dataContinue reading “Certificates Matter”

Security Response Basics

Security response isn’t just about the “sexy” analysis of vulnerabilities, reverse-engineering of malware, and so on… it’s probably mostly about getting the basics right. Every morning, I forward all of the PayPal phishing scams I receive to PhishTank, Netcraft, and Spoof@Paypal. Today, I took a closer look at the response I got to the lastContinue reading “Security Response Basics”

DLL Hijacking Just Won’t Die

The folks that build the NSIS Installer have released updates to mitigate a serious security bug related to DLL loading. (v2.5 and v3.0b3 include the fixes). To make a long and complicated story short, a bad guy who exploits this vulnerability places a malicious DLL into your browser’s Downloads folder, then waits. When you run an installerContinue reading “DLL Hijacking Just Won’t Die”

Book-Writing: Just Do It!

Sadly, you’re unlikely to get wealthy by writing a book. You should definitely write one anyway. My Background People I respect suggest you shouldn’t write (or buy) books on specific technologies, going so far as to say that writing a book was on their top-10 lists of life regrets. Top-10… whoa! As a consequence, whenContinue reading “Book-Writing: Just Do It!”