A friend pointed out the relatively hilarious site devisgh.com where developers can commiserate about the stupid things they have to do. I noticed that the upvote mechanism was vulnerable to a Cross Site Request Forgery (it's the kind of thing I notice when browsing around, like on tumblr).

This might be the first nerd-blog post in a long time, so my apologies if I startle anyone. As a quick update, I wrote a book on security in Drupal and then founded a company focused on Drupal security services and then sold that company to Acquia where I currently work.

So....Tumblr is a big deal. They apparently have 120million users and are totally awesome.

I was trying Tumblr out for a site and noticed that many of their interactions relied 100% on Javascript for a "delete/cancel" confirmation. I fired up my handy-dandy browser tools and inspected the http headers associated witih deleting a message. Turns out that it's vulnerable to a cross-site-request-forgery. In general Tumblr uses the token-synchronizer csrf prevention (as documented on OWASP). I'm not necessarily saying they copiedOWASP or were inspired, just that it follows the pattern of using a second form token that is sent on all requests for a session. They do not use a different token per form/action: once you get the anti-CSRF-nonce it's the same for multiple different operations. Their token is called the form_key.

Want to see the problem in action? I even made this handy dandy movie of the problem:

So, a few weeks back my Kindle Fire arrived and I started jotting notes as I opened it and used it. Here's the collection:

• The un-boxing was surprisingly pleasant: minimal plastic, lots of recycled elements, no user-manual (it's on the device!). The package was about 2.5 inches tall and about 2 inches of that was empty, with a small cardboard elevating the kindle above the empty space that contained a small USB cord.. Why ruin the experience with all that empty space?
• The USB Cord...it's a "wallwart" with a micro-usb on the end. I'm super excited that the device uses the current standard micro-usb b as its source of power and connectivity but what a waste to send me a cable connected to a wall-wart. I'd be way happier with something like this wall-usb and standard usb cable.
• I now have learned that this wallwart USB outputs more than normal power, so it can't be a normal device. That kinda...sucks. If it uses different power I would almost rather have a different plug just to make that clear (though apparently the size lets me power it up slowly via computer if I'm in a bind). I wish it would take normal micro-usb power form a normal cable even if that means slower charging.
• The power button is on the bottom right next to the USB port and headphone port which makes it easy to accidentally press it when you connect/disconnect your headphones/usb plug. To solve this, I've started using it upside down which means I type my password upside down when I unlock it. Of course the screen flips once it's unlocked, but now the sound comes out the "bottom" and gets my stomach messy with it's messy, messy sound.
• The screen is pretty awesome. Very bright and crisp.

I recently had to reset my entire phone deleting all contents (different story). In the process I wrote down the old apps I had that I liked so I could reinstall them after wiping it. I was surprised how easy it was to do that and how all my contacts/mail/calendar being associated with my Google account made the whole process simple.

So, in case you're interested, here's the list of apps I actually reinstalled:

I'm writing this so other developers can share in the laughter (ha!) and designers/managers can learn.

I've seen this a few times. It feels like there's a mad-libs form that designers/managers use to communicate things in a software project.

Hey:

$normal_behavior_of_our_product_for_the_past_year, $insulting_phrase, $client_need_never_mentioned_before_this_month, $high_stress!!!!!

Thanks,
$designer_or_manager

So, an example letter:

Hey: