links for 2009-08-11

  • The recent data breach at Internet domain administrator and host Network Solutions compromised more than 573,000 credit and debit cardholders and begs the question: What more can be done to secure such systems? The incident also raises new questions about the Payment Card Industry Data Security Standard (PCI). At the time of the breach, discovered in June, Network Solutions says it was PCI compliant. The breach was the result of hackers planting rogue code on the company's web servers, intercepting financial transactions between the sites and their customers, which are mostly small online stores. So, if Network Solutions was PCI compliant, how could it be breached? Paul Kocher, chief research scientist at Cryptography Research Institute, says the fundamental limitation with PCI is that it attempts to distill security down into a static set of requirements, while adversaries aren't restricted to a rigidly-defined set of methods. "As a result, clever attackers will always
  • In this first look at forms and accessibility we’ll cover the very basics you should consider if you are to help as many users as possible to interact with you and your web site just as you would like them to. Forms are often the most tricky aspect of web development for beginners to get their head around, largely because it means stepping out of the comfort zone of one-way information – no longer are you simply presenting information at the person viewing your site, now you are asking for input, for feedback that you have to process in some way. And just as it may be difficult for HTML beginners to understand just how they handle form data, so is it difficult to understand some of the issues relating to accessibility. Static content presented to the person visiting your site may be perfectly well understood by someone using a screen reader, or perhaps a Braille computer, assuming you’ve used semantic, structural markup (such as h1 – h6 for headings). However, for someone visiting yo
  • ]]>