Homebrewing and Vermont Beer

Google AdSense

My Vermont Brewery tours were delayed a bit due to spending most of our weekends doing home improvement projects and yard work. Also, during the last few months I did get a chance to launch http://www.vtbeer.org and develop a WordPress plug-in using RateBeer API. Finally, I got the chance to make another small batch (1 gallon) of beer. Continue reading

How to convert a street address to longitude and latitude (geocoding) via web services (Google)

Google AdSense

Several years ago, I wrote a blog entry detailing how to use geocoder.us (and Yahoo!) web services to geocode an address. Since then both web services have changed a little and I found myself needing to update my code to support non-US locations. Below is sample code showing how to use Google’s Geocoding web service to get longitude and latitude values for addresses.
Continue reading

Securing ASP.NET Web Sites: Cookie Vulnerabilities

This is the first of my series on securing ASP.NET web sites. As I work through various vulnerabilities, I’ll document instructions for fellow web developers in hopes that we can help build more secure web applications. The Cookie Vulnerability falls under the common vulnerability name of “Broken Authentication and Session Management.”

What is “Broken Authentication and Session Management”?

This cookie vulnerability is OWASP 2010 A3. You can read more at Top 10 2010-A3-Broken Authentication and Session Management. This threat applies to application functions related to authentication and session management not implemented correctly, allowing attackers to compromise passwords, keys, session tokens, or exploit other implementation flaws to assume other users’ identities.
Continue reading