Profile cover photo
Profile photo
Grant Kemp
390 followers -
Omnichannel and Mobile Manager for Inviqa/ Sessiondigital.com
Omnichannel and Mobile Manager for Inviqa/ Sessiondigital.com

390 followers
About
Grant's interests
View all
Grant's posts

Post has attachment

Post has attachment

Post has attachment

Post has attachment

Post has attachment
Really Impressive service by MageCloud for those looking to host Magento on Amazon EC2 without stress.

Post has attachment
Grant Kemp commented on a post on Blogger.
What do we do if we want to test pre-live environments? Is there a list of which Ip addresses to whitelist when we test?

+Hoi Lam  I have been conducting a secret experiment.  The Sky Box has been put in the cupboard, the TV aerial has been cut (seriously) and we have been using 2x chromecasts as out sole source of TV..  Post(s) coming soon on Androidbloke... ;) 

Post has attachment

Post has shared content
+Todoist also does this really bad security practice on iOS.

I just switched over to any.do because they implement Google sign in properly. 
Dear users, whenever an app asks you to login using Google (or most other SSO providers, like Facebook) inside of a webview in the app itself, do not do it.
The reason is simple: the app can control the webview contents, and access the account data you enter in a lot of ways, including getting you to a fake login page.
If you're using Google to log into an app, only do it using the native account authorization flow (no account data entry required). Similar thing for Facebook in some cases, and Dropbox as well.
Twitter is the notable exception here as it doesn't have a native flow. It is though still possible to send the user to the system browser, so that the identity of the SSO provider can be verified (https sign, visible url, etc).

Developers, please don't ever do this. This is not needed, secure nor a good UX. 
Photo
Wait while more posts are being loaded