Piccalilli's resource offers insights, tutorials, and resources for frontend developers and web designers. Readers can learn about HTML, CSS, and JavaScript techniques, as well as design principles and accessibility. With articles, tutorials, and design showcases, Piccalilli provides  guidance and inspiration for creating modern and accessible web experiences.

Feisty Duck

Google has introduced Device-Bound Session Credentials (DBSC) to combat session hijacking attacks that have evolved from network-based cookie theft to malware-based credential stealing. DBSC uses public-key cryptography to bind sessions to specific devices, creating key pairs stored securely in hardware like TPM on Windows. This makes stolen session tokens useless on other devices, potentially ending session hijacking if adopted by other browser vendors. The technology is currently in beta for Google Workspace users on Chrome for Windows.

Google Debuts Device-Bound Session Credentials Against Session Hijacking