Responsible Disclosure: SVG injection in Three.co.uk

by @edent | , , , , , | 4 comments | Read ~539 times.

The website has a circle drawn on it.

Here's a quick write-up of a minor XSS (Cross Site Scripting) vulnerability on the website of Three.co.uk - one of the UK's mobile providers. A brief recap... Most websites have a search function. If you search for something which cannot be found, the site will often say "No results found for XYZ." If we can…

The Usability of Unboxing

by @edent | , , , , | Read ~330 times.

Home Signal Box.

I review a lot of tech kit. It is amazing just how bad the consumer experience is when you have a brand-new box in your hands. It can be as simple as difficult to open packaging, to the existential horror of a poorly translated manual. The first time a customer holds your product in their…