The Paranoid Web Developer.
I may well have a reputation for being security-conscious to the point of paranoia. I say that you can't be too paranoid; nobody writes articles extolling the virtues of web sites that haven't been hacked. Check out these articles about the devious and clever Cross-Site Request Forgery technique.
Plenty to worry about, huh, web devs? Remember: just because you're paranoid, doesn't mean they aren't out to get you.
For most regular web-surfers, I think that here's little to worry about here. Users can protect themselves by logging into accounts only when needed, and logging out when done.
Tags: paranoia security