Vimeo highly vulnerable to CSRF attacks – now fixed
I recently found that vimeo.com had a cross-domain policy that allowed anyone to connect, which was an open invitation for CSRF attacks. I alerted them to the issue, and it has now been fixed.
My life with ActionScript, JavaScript and their families
The twenty-ninth idea for my 365 social ideas is a classic mashup: CatScanner, a charting application and the New York Times Article Search. The charting application could very likely be the previously mentioned Infographic Charting Service for better results (it could actually be built into this service) or it could be built stand-alone using any classic charting API like Google Charts.
The twenty-eighth idea for my 365 social ideas is about the open web and about “forcing” classic websites to export their data. Imagine sites with lots of useful information that is frequently updated, but is hidden away behind forms, in PDFs or in hard-to-scrape tables. Then imagine a website where you could provide this address and give it some guidance as to how to input data in forms and how to interpret the results. And then imagine that this website would act as a proxy with this interaction described as a simple, queryable API and then behind the scenes would fetch data from the original website.
The twenty-sixth idea for my 365 social ideas is a new brand of charting service: A service designed for infographics, but with sharing, collaboration and synergy as an added side-effect.
The twenty-fifth idea for my 365 social ideas is a small simple idea: use Facebook notes or images combined with tags to display results of games. For instance, imagine a chess game, post the result of the game as a note on the game’s page with the final board, all moves made during the game and both players tagged. Or simply post the final board as an image and tag both players as well.
The twenty-fourth idea for my 365 social ideas is an idea for websites dealing in larger commodities like furniture, cars or even houses: Add private comments to the pages that can be easily shared with friends and family, as this type of purchase is not something you do instantly, but spend time deciding.
The twenty-third idea for my 365 social ideas is a very simple one: Wrap a Safari browser in a Mac OS X application that opens on Google Docs as the first (and only) website you can see.
The twenty-second idea for my 365 social ideas is not really a clear-cut idea – yet. But I feel a need for a new website traffic analyzing service. Google Analytics is definitely the most used and best free service. But they have many shortcomings, and I definitely would like to see a new player enter this playing field. And while we're at it, there are some new trends and actions that currently have a huge influence on traffic trends and that you cannot track fully: social media traffic.
Last week the large Danish search, map and media company, Eniro, launched Streetview in Denmark, but only in the three largest cities, Copenhagen, Aarhus and Odense. Today, only a few days later, Google launches Streetview in the entire country – as well as in most of the Netherlands and the southern and northern parts of Sweden.
The twenty-first idea for my 365 social ideas is another gaming idea: create a set of classic flash-based games along the lines of break-out, tetris etc, but integrate a simple storyline with good and bad characters, places and items involved and make these configurable. You could through this create a game of your own life by inserting persons from your surroundings, places where you meet, stuff that you work with etc. and you could send this game to your friends and family and they could then play out the big game of your life.