Ross Fenning

Facebook has been home to no shortage of awkward or destructive moments for some users with one woman getting fired for speaking ill of her boss, another woman losing insurance benefits after the company dug up photos of her on holiday and thirteen employees of Virgin Atlantic being sacked for comments made on the website. It is clear that many users willingly put up private information without due consideration of the consequences of certain eyes viewing it.

Did these users bring it on themselves? Is Facebook responsible for its handling of privacy in these cases and similar ones? Facebook has certainly been under attack a lot for "privacy concerns", so what can be done about it if these attacks are justified?

Read more...

Comments

As stated in the previous article about the difference between authentication and authorisation, it is important to understand the different aspects of security in order to control access to resources in as secure and as user-friendly a way as possible. However, the step of authentication itself — the act of ascertaining who a person is — comprises the two components of identity and trust.

Read more...

Comments

At some point whilst interacting with many websites or web-based applications and services, users are asked to state and prove who they are. Whether this is to make sure only that user edits their own profile or it is for secure financial transactions, identity, trust and authorisation underpin almost any secure communication. Here, I will break down the basic, distinct components of user identification and show why the distinction between them is important for designing or even using a secure system.

Read more...

Comments

In my previous post about building RossFenning.co.uk, I only covered the basic templating system which is suitable for applying a common theme to several pages. However, this still requires making a file for each page on the site. Clearly, this is not how blogs with potentially thousands of entries are done sensibly on the web.

Read more...

Comments

One of the primary purposes of this blog will be to describe different projects as I am working on them and my experience with software tools old and new. My personal approach tends to be one of minimalism and flexibility; I rarely buy into large products or applications when a smaller one will do. It could be argued to be an extension of the Unix philosophy of "do one thing and do it well". My personal feeling tends to be that one application that does many things won't do any of them nearly as well as individual, lightweight tools combined together. Generally tools built with this philosophy in mind will work better together.

Read more...

Comments

Comments