Archives for the Date June 29th, 2007

OpenID security issues

Background I contacted MyOpenID about a vulnerability I found with their system, I was really impressed with these guys, they responded to my email in a day and within 2 days they had fixed the problem. I decided to keep quiet about this vulnerability because many other providers contained a similar flaw and I worked […]

Safari same origin hole

Background Whilst investigating same origin javascript policy with Ronald from, I found another vulerability in Safari 3.02 beta on windows, it could also work on OS X but I haven’t tested it. Normally I would have reported this to Apple before releasing the details however the last time I found a problem with Safari […]