Terence Eden’s Blog

Huffington Post UK XSS Flaw (Disclosed & Fixed)

The UK version of the Huffington Post was vulnerable to an XSS flaw. This allowed any malicious user to inject images, video, text, and JavaScript into the page. Although the above image show a very silly use of XSS, it could quite easily be used to craft a page to encourage journalists and readers to enter their passwords - and then send them off to criminals. What's unusual is that it…

Continue reading →

Should Journalists Bother Checking Sources?

journalism · 300 words · Viewed ~291 times

Journalist reposting a fake tweet about Fukushima.

OMG WE'RE ALL GOING TO DIE!!!!111!! (Subsequently deleted but still available at Fadah Jassem's tweet) Let's take a look at the article and see if we can determine if this is a trustworthy source... Hmmm... I see "9/11 Truth", "Bilderberg", "Chemtrails" right next to the image. There's a conspiracy corner in the top right. We haven't even got below the fold yet. Now, that's not to say that …

Continue reading →