Jun. 28th, 2011

terriko: (Default)
As some of you may know, my last paper was on visual security policy (ViSP), a neat idea I had about how to add security policy to a website in a way that was more in line with how sites are designed. I based it on my own knowledge working as a web designer, as well as ideas from a variety of friends who have or do work in the web space professionally and not.

You can read my presentation the larger run-down or read the paper, but the idea behind ViSP is that it's sometimes very useful to subdivide pages so that, say, your advertisement can't read your password, or that funny video you wanted to embed doesn't get access to post blog entries, or whatever. Sadly, right now anything embedded in the page gets access to anything else unless some awfully fancy work has been done to encapsulate parts of the page. (And given how much people tend to care about security in practice, this doesn't get done as often as it should.) We currently just trust that any includes will play well, which is super awkward since malicious code can be inserted into around 70% of websites and you can't very well expect malicious code to play nicely.

Anyhow, I digress.

I'm updating this particular policy tool so that I can generate some policies to test, because I'm tired of building them manually, and my not-terribly-scientific method of clicking randomly on things to make policy has turned up a problem: what happens if you want to set policy for an element that's just one of many paragraph tags or whatever, not assigned an id?

With ViSP, we assigned an index based on how many such tags we'd seen, but I figured while I'm updating this surely I could find something more standard...

Turns out, no, that really is the best way to do it. At least according to the selectors API, which includes a nth-of-type() pseudo-class that seems to do pretty much what I want.

So now, if you're using my tool and wanted to define policy for a given tag, any given tag, we can make that work for you by building up a CSS selector to find it. Of course, it'd probably be cleaner to read if you only set policy on tags with ids or classes, but I don't have to require that as an additional hurdle to policy creation. I figure this is likely a net usability win when it comes to policy generation, and let me tell you, security policy is not a field known for usability wins. (So much so that if I google search for the words security policy and usability... I see a post by me on the front page suggesting usability studies on CSP.)

Anyhow... Thanks to having to learn querySelector earlier, I was already primed to create querySelectors for uniquely defining tags. Thanks Mozilla documentation! You're a terrific coding wingman, introducing me to all these awesome apis. ;)
terriko: (Default)
Continuing my catch-up of book reviews, this is the graphic novels section. It's the longest one, unsurprisingly!

Graphic Novels

New and interesting

A Home for Mr. Easter by By Allen, Brooke A.
Cute little comic about a girl who rescues a very special bunny and then tries to get him home. I wasn't sure about the book at first because, frankly, I don't usually enjoy reading about other people's body issues and it starts with her being bullied, but once the story picked up and she was the heroine rather than the victim, it was totally worth it.

Oishinbo: Fish, Sushi and Sashimi: A la Carte By Kariya, Tetsu
John's comic book guy recommended this series to him, and since the guy has a pretty good success rate (only one miss thus far), I figured I'd look it up even though John didn't decide to buy it. It's a story about some reporters (?) who are aiming to create the ultimate (Japanese) menu and are going around learning about food... and about people. It grabbed me a lot more than I thought it would, with the stories telling me not only how to prepare fish, but a lot about the personalities involved with excellent food, and how knowing people can make it much easier to make them happy, regardless of the food. Surprisingly compelling storytelling intertwined with an interesting little premise.

Foiled By Yolen, Jane
A fantastic, well-told and well-illustrated tale of a girl who fences and falls for a boy... only to discover that her powers go way beyond championship fencing. A great urban fantasy I'd totally recommend to younger girls.

Stargazer Book 1 By Allan, Von
This feels a little like Myst, if that makes sense? Three friends wind up in a world strangely empty but filled with mysteries. The girls are scared but curious, and they start exploring. Apparently the author's local to me!

Aaron and Ahmed A Love Story By Cantor, Jay
A nurse who's lost his love when the towers fell tries to do something for his country by working in Guantanamo Bay as a torturer, but finds himself befriending a prisoner and... well, I really can't say much without spoiling the story. Love, hate, faith and patriotism seen through an unusual tale.

Spider-Man Loves Mary Jane: Sophomore Jinx
I just got this because it was Terry Moore, despite the fact that I'd seen it before and been kinda turned off by the "Spiderman as an Archie comic" vibe I got from it. That said, teen superhero comic where the main character is actually Mary Jane? Actually pretty darned fun, even though it really a teen drama with the backdrop of superheroism. Even though it's clearly "comics for girls", I found it actually endearing, so I'll pick up some other volumes.

The continuing story...

Here's a few where I've reviewed others from the same series:

Read more... )


These were actually all enjoyable, but not books I'd recommend you go out of your way for.

Read more... )


terriko: (Default)

September 2017

3456 78 9
1011 121314 1516

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Sep. 26th, 2017 12:12 am
Powered by Dreamwidth Studios