Are Ruby Session ID’s Secure?

The question of the security of cookie-based session storage in Rails has, it seems to me, pretty much been settled. Out of the box, Rails uses cookie-based session storage. When you generate a new Rails app you get a nice new 128-character-long secret (numbers and lowercase letters) set in config.action_controller.session[:secret] in your Rails::Initializer. [...]

Posted at 7pm on 10/14/08 | 2 comments | Filed Under: Ruby, Ruby on Rails, security | read on

Thought Propulsion™ is Go For Burn

The Thought Propulsion™ corporate site is up and running. For the technically inclined, here are some interesting facts:

hosted on Amazon EC2
using the extremely slick EC2 On Rails Ubuntu/Ruby on Rails virtual appliance
there’s a tasty microformatted hcard on the contact page (check it out with Operator)
OpenID login (foreshadowing)

And of course a nice gray and orange theme [...]

Posted at 10am on 9/25/08 | 3 comments | Filed Under: OpenID, Ruby on Rails, Web as Platform, design, iphone | read on

About

Bill Burcham is main propeller for Thought Propulsion™—an iPhone and Web application development company based in sunny Portland, Oregon.