Use HTTPS for all inbound links, especially those sent in email.
Category Archives: browsers
File the Bug
Two experiences this week reminded me of a very important principle for improving the quality of software… if you see something, say something. And the best way to do that is to file a bug. Something Weird? File a bug! The first case was last Thursday, when a user filed a bug in Chrome’s trackerContinue reading “File the Bug”
TLS Fallbacks are Dead
Just over 5 years ago, I wrote a blog post titled “Misbehaving HTTPS Servers Impair TLS 1.1 and TLS 1.2.” In that post, I noted that enabling versions 1.1 and 1.2 of the TLS protocol in IE would cause some sites to load more slowly, or fail to load at all. Sites that failed toContinue reading “TLS Fallbacks are Dead”
Stupid HexEdit Tricks
In the summer of 2015, I changed my default browser on Windows from Internet Explorer to Chrome, and for the most part, I haven’t looked back—Chrome is fast and stable. The only real stumbling block I keep hitting is that the Alt+F,C keyboard chord isn’t bound to the command [File Menu > Close tab] asContinue reading “Stupid HexEdit Tricks”
SHA256 and Authenticode REDUX^2
Note: Microsoft has not confirmed this change yet; analysis below comes from looking at behavior of 14 signed installers. In December of last year, I wrote about all of the different places hashes are used in code-signing. Then, in January I blogged that Windows 10 had stopped accepting SHA-1 certificates and certificate chains for Authenticode-signedContinue reading “SHA256 and Authenticode REDUX^2”
text/plain 