Thursday, March 17, 2011

Simple Autocomplete

IRCTC - India's Rail Ticket Booking Website which is sought to be a secure platform for the citizens booking their tickets has few simple security configurations missing.

An example is the auto-complete not set to off on their payments page - a practice which most of the secure web applications follow for sensitive pages right from login page. Below is a snapshot.

Tuesday, March 15, 2011

Past few months

Readers,

For the past few months or rather lemme say a year, I haven't been actively writing out here. I have been spending my time on other security aspects of my life. I secured myself from being a bachelor (got married :D), secured my Post Graduation (completed my Executive Management from IITB) and secured my job too. :)

Interestingly am back into security work doing a product development in space of data privacy. There have been many trends that I have been watching and techniques which I have learnt. Will be sharing via blog posts often now.