No account needed — data saves in your browser only

THE GRID

TECHNICAL REFERENCE
Beta — Standards & Security Architecture

§1. Formal Definition

Per the IEEE Standard #1012, published 2016 (Software Verification & Validation), Beta testing is defined as "validation testing conducted by representative users in a target environment to determine whether a product meets customer needs."

Per ISO/IEC 25010:2011, software quality is evaluated across security, reliability, and usability during beta.

§2. Release Lifecycle

Pre-Alpha → Alpha → Beta → RC ← HERE → Stable

§3. Industry Precedent

Gmail — Beta for 5 years, millions of users
Windows Insider — Millions run beta builds daily
Apple — Public iOS/macOS betas annually
Firefox — Permanent beta channel

§4. Security Architecture

🔒 TLS/SSL Encryption
All connections encrypted. Same standard as banks & government sites.
IETF RFC 8446 — TLS 1.3

🔑 bcrypt Password Hashing
Passwords never stored in plain text. Bcrypt with unique random salt per user. Brute-force impractical by design.
USENIX 1999, Provos & Mazières

🛡️ Injection & XSS Prevention
PDO Prepared Statements block SQL injection. htmlspecialchars() prevents XSS.
OWASP Top 10: A03 & A07:2021

🔐 Session & Privacy
Server-side sessions only. No third-party tracking. No data sharing. Demo uses localStorage only — nothing sent to servers.
OWASP Session Management

§5. What Release Candidate Means for You

✅ All features operational
✅ Data encrypted & secure
✅ Password unreadable to anyone
✅ Bugs fixed promptly
✅ Your feedback shapes the product
✅ One step from Stable Release
✅ Core functionality verified
✅ Only minor polish remains
✅ Safe for everyday use

IEEE Standard #1012 (2016) · ISO/IEC 25010 (2011)
IETF RFC 8446 · OWASP Top 10:2021
Provos & Mazières (1999) USENIX

Forgot password?

Don't have an account? Press here to create one

🎮

Budget Quest

UNLOCK ACHIEVEMENTS. OWN YOUR PURCHASES.

Sign up and track your spending to play Budget Quest — a game built into THE GRID where every purchase becomes yours. Earn badges, build streaks, climb levels, and see your spending story come to life.

🏆 14 Achievements 🔥 Streak Tracking 📈 Budget Score 📍 Location Leaderboard

Free • Private • Your data stays yours

⚠️ Budget Quest is in beta — stable release in a couple months. THE GRID is fully functional now.

TECHNICAL REFERENCE
Beta Software — Definitions, Standards & Security Proofs

§1. Formal Definition

Per the IEEE Standard #1012 (published 2016) on Software Verification & Validation, Beta testing is defined as "validation testing conducted by representative users in a target environment to determine whether a product meets customer needs and business requirements."

Per ISO/IEC 25010:2011, software quality is measured across functional suitability, reliability, security, maintainability, and usability — all of which are actively evaluated during the beta phase.

§2. The Software Release Lifecycle

Pre-Alpha → Alpha → Beta → Release Candidate ← YOU ARE HERE → Stable Release

Pre-Alpha: Early development, incomplete features.

Alpha: Internal testing by the developer. Core functions built.

Beta: Fully functional. Released to real users for feedback and refinement.

Release Candidate: Final testing. Only critical fixes applied.

Stable Release: Official public release. Production-ready. New features & enhancements delivered regularly 🚀

§3. Precedent — Industry Beta Releases

Google Gmail — Public beta from 2004 to 2009 (5 years). Served hundreds of millions of users in beta with full data integrity.
Microsoft Windows Insider — Millions of users run beta Windows builds daily as part of the development process.
Apple Public Beta — iOS and macOS betas are used by millions annually before official release.
Mozilla Firefox — Maintains a permanent Beta channel alongside their stable release.

Beta testing is standard practice across the entire software industry.

§4. Security Architecture of 13months.ca

The following security measures are implemented and active on this website:

🔒 Transport Layer Security (TLS/SSL)
All data between your browser and our server is encrypted using TLS. Same standard used by banks, hospitals, and government websites.
Standard: IETF RFC 8446 — TLS 1.3 Protocol

🔑 Password Hashing — bcrypt
Your password is never stored in plain text. Hashed with bcrypt (Blowfish cipher-based). Each password has a unique random salt.
Standard: USENIX 1999, Provos & Mazières

🛡️ SQL Injection Prevention
All database operations use PDO Prepared Statements with parameterized queries.
Standard: OWASP Top 10 — A03:2021 Injection

🧹 XSS Prevention
All user-generated output sanitized using htmlspecialchars().
Standard: OWASP Top 10 — A07:2021 Cross-Site Scripting

🔐 Session Security
Server-side PHP sessions only — not in cookies or local storage. Validated on every protected page.
Standard: OWASP Session Management Cheat Sheet

📋 Privacy Commitment
• No third-party tracking or cookies
• No data selling or sharing
• Demo mode uses localStorage only — nothing sent to servers

§5. What Release Candidate Means for You

✅ All features fully operational
✅ Data encrypted & securely stored
✅ Password unreadable to anyone
✅ Bugs fixed promptly
✅ Your feedback shapes the product
✅ One step away from Stable Release
✅ Core functionality tested & verified
✅ Only minor polish remains — no major changes expected
✅ Safe for everyday use — this is nearly the finished product

References:
IEEE Standard #1012 (2016) · ISO/IEC 25010 (2011)
IETF RFC 8446 · OWASP Top 10:2021
Provos & Mazières (1999) USENIX

THE GRID

Sign in

Sign up