Web Vulnerability Scanners

One of the many classes I teach is CMWEB 270 – Web Application Security. I thought it might be helpful to readers to review a couple of the tools one can use to automatically scan for website vulnerabilities. I consider it good practice to use a number of tools. Obviously, I recommend only using these tools on your own websites. Patch any vulnerabilities you discover. Two introductory tools are Tenable Nessus and Subgraph Vega. Yes, there are many other tools available; I focus on these because they have a significant amount of documentation and are relatively easy to use. Let’s look at each tool in a little more detail.


Fixel is an iOS app from Adobe Labs which runs on either iPad or iPhone. Sorry, no Android capabilities. Many thanks to my colleague, Matt Clasener, for making me aware of this app. Essentially, it allows you to clean up your images (remove unwanted litter from a photo, for example). The logo is shown below.

Fixel Logo

When you open the app for the first time, you are presented with a short tutorial. A screen capture of the gestures is shown below.

Fixel Gestures

Essentially, you highlight the part of the image that you want to “clean up” and Fixel does the rest. I thought the easiest approach would be to show you a short video covering the fundamentals of this tool.

Fixel from Mark DuBois on Vimeo.

What experience do you have with this app? How might you use it? As always, I look forward to your comments.


I recently became aware of an interesting app from Adobe Labs – PaintCan.

iOS PaintCan app

Many thanks to Tom Green for making me aware of this iOS app (sorry, no Android version). For those of us with limited graphical talent, we can now paint using just our fingertip. We can work with part (or all) of an image and apply brush strokes. There are a number of examples provided and a variety of presets.


Augmented reality is a concept which has fascinated me since I first learned about it a number of years ago. I was recently exposed to Aurasma by a colleague. This is an app which runs on iPhone and Android devices and allows you to scan an image to display additional information (typically a video). There is a corresponding Aurasma Studio you can use to create the appropriate linkages for your content. You create an aura. This is similar to a QR (Quick Response) code in many aspects, except that the code can be any image (or a physical location). So, how does all this work?

Amazon Echo

This may come as a surprise to readers of this blog, but I do like to stay on top of technology. Recently, Amazon unveiled the Echo. Of course, I had to try one out. What is it? Good question. Think intelligent radio (on steroids). You interact with the device almost entirely via voice. Yes, there is an app for your smart phone or tablet. However, the majority of the time you talk to the computer. It arrived on January 23, 2015 and it took all of 15 minutes to set it up and have it working. This included 25 sentences of voice training. Let’s take a look at the device as well as the app.

Pebble Programming Fundamentals

Discussions at our January WebProfessionals and Adobe User Group meeting inspired me to do some more investigation into programming my Pebble watch. Brian – thanks for the nudge. I needed to get started on this. Most of the programming is done using the C language. However, there is also the capability of using JavaScript (based on Simply.js). In fact, there is a beta version of Pebble.js available. I used CloudPebble to develop my initial apps (which contains Pebble.js). In a manner similar to Adobe PhoneGap, one uses the CloudPebble site to create, build, debug and install your work. One can access their own watch and directly install to that device. Obviously you need a watch and an account at CloudPebble. You can then create a project. In my case, I followed several tutorials to better understand the fundamentals. I found these to be great resources and recommend others use these posts as a starting point.

  • Your first WatchApp (using the C language) – I found this to be an excellent starting point.
  • Your first WatchFace (again using C) – This was a continuation and includes the use of images.
  • Build a WatchApp with Pebble.js – this is the one I will focus on since students in the CMWEB program can leverage their JavaScript skills. Yes, knowledge of AJAX and JSON is required.


Book review – guide to creating dynamic websites

The January 2015 issue of Choice Magazine published my review of Nixon, Robin. Learning PHP, MySQL, JavaScript, CSS & HTML5: a step-by-step guide to creating dynamic Websites. 3rd ed. O’Reilly, 2014. 700p index ISBN 9781491949467 pbk, $49.99.

Given that many readers of this blog may be interested in this book but may not have ready access to the Choice Magazine website, I thought it appropriate to paste a copy of my review here. As always, I look forward to your comments.

“Nixon (UK writer) packs a wealth of information into this new edition (2nd ed., 2012; 1st ed., 2009).  The book begins with an overview of dynamic web content and a description of how to set up a local testing environment (for Windows, Mac, and Linux systems).  A presentation of the fundamentals of PHP coding follows; more emphasis on object-oriented PHP would have been helpful.  Later chapters cover MySQL (including both command line and phpMyAdmin approaches to administering data stores).  Forms and session objects along with a review of HTML5 enhancements to forms are discussed, although additional information on making forms (and other objects) more accessible would have been useful.  Other topics addressed include JavaScript and Ajax, CSS (including CSS3), manipulating CSS with JavaScript, HTML (with an emphasis on HTML5), and HTML5 Canvas, Audio, and Video.  A social networking site is created in the final chapter.  Code examples (and updates) are available at the corresponding website.  Throughout the book, the author includes references to secure coding.  Given the numerous breaches one often reads about these days, it is refreshing to see security integrated into the text rather than being tacked on as an afterthought.”
