cryptographic signing – perhaps to generate one-time url for results download
From Client-side Encryption to Secure Web Applications by
Submitted to the Department of Electrical Engineering and Computer Science on April 24, 2013, in partial fulfillment of the
requirements for the degree of
Master of Science in Computer Science and Engineering
This thesis presents an approach for designing secure web applications that use client-side encryption to keep user data private in the face of arbitrary web server compromises, as well as a set of tools, called CryptFrame, that makes it easier to build such applications. Crypt- Frame allows developers to encrypt and decrypt confidential data in the user’s browser. To ensure an adversary cannot gain access to the decryption keys or plaintext data, CryptFrame provides a browser extension that stores the keys and allows only sensitive regions in the web page to access them. CryptFrame performs templatized verification of sensitive regions to grant small amounts of trusted client-side code access to plaintext data in the browser. Finally, CryptFrame provides a principalgraph to help users safely change permissions on shared data in the presence of active adversaries. We use CryptFrameto modify several existing Django-based applications, requiring few source code modifications and incurring moderate performance overhead.
Thesis Supervisor: Nickolai Zeldovich Title: Associate Professor
Drupal Webforms (https://drupal.org/project/webform) lets power users create their own forms through a web interface, choosing the types, labels, number, etc. of fields they want. It then can present the form to final end users to fill out, and collects the data in the database. Admins can then view the results tabularized online or download as CSV.
they are sayin we software devs are becoming world rulers. well the economy anyway. works for me. (-:
in python, try this:
it takes you here:
>>> import this
The Zen of Python, by Tim Peters
Beautiful is better than ugly.
Explicit is better than implicit.
Simple is better than complex.
Complex is better than complicated.
Flat is better than nested.
Sparse is better than dense.
Special cases aren’t special enough to break the rules.
Although practicality beats purity.
Errors should never pass silently.
Unless explicitly silenced.
In the face of ambiguity, refuse the temptation to guess.
There should be one– and preferably only one –obvious way to do it.
Although that way may not be obvious at first unless you’re Dutch.
Now is better than never.
Although never is often better than *right* now.
If the implementation is hard to explain, it’s a bad idea.
If the implementation is easy to explain, it may be a good idea.
Namespaces are one honking great idea — let’s do more of those!
Funny programming comic:
hmm, so treeview situation with Angular vastly improved.