In Issue No. 324 of A List Apart, for people who make websites:
Web Cryptography: Salted Hash and Other Tasty Dishes
by LYLE MULLICAN
One of the most powerful security tools available to web developers is cryptography—essentially a process by which meaningful information is turned into random noise, unreadable except where specifically intended. A web developer working on an underpowered netbook in his basement now has access to cryptosystems that major governments could only have dreamed of a few decades ago. And ignorance of cryptography is not bliss. You may think your web app’s profile is too low to worry about hackers, but attacks are frequently automated, not targeted, and a compromise of the weakest password in your system can often give access to the rest. Learn the three broad categories of cryptosystems commonly relate to web applications and begin strategizing how to make your site secure.
Rapid Prototyping with Sinatra
by AL SHAW
If you’re a web designer or developer, you’re well acquainted with prototyping. From raw wireframing to creating interfaces in Photoshop, designers map out how sites will work before they create them. Over the past few years, the protoyping process has changed significantly. With browser makers generally agreeing on web standards and the rise of tools such as Firebug and WebKit’s web inspector, we can sometimes skip Photoshop and go straight to the browser. Plus, JavaScript frameworks like jQuery let us play with browser events with only a few lines of code. But what if we need to do even more? As websites increasingly become web apps, we now need to prototype backend functionality, too. Learn how Sinatra, a so-called “micro” web framework, helps you create real (albeit simple) web apps extremely fast, letting you prototype flows and behavior you may want to integrate into a final product.
