I haven't heard much about the book since it was released, so I think my assumption about the popularity of the book was correct. To 'true' fans, 'Children', and all other books by JRR will always be popular; to the general populace, The Hobbit and LoTR are pretty much it. I have not read the Children of Hurin, but I will say that I liked the Silmarillion. I would never, ever, have read it if I hadn't already read LOTR and liked the mythos enough to want to learn more about it. However, I don't see that you have to be some kind of hardcore fan to have that kind of experience, because I would not consider myself a hardcore fan.
Then again, I actually like reading the Old Testament for non-religious reasons, so maybe I have unusual tastes anyway.
While there is good advice here, the fact that people find themselves in the position using Slashdot as the place to learn this stuff, says that the state of security awareness in the web development "industry" is poor.
Assuming that the developers who are ignorant of all this are newer or less experienced developers, the company they work for should train you about this stuff when they hire you. Otherwise they work for a sucky company.
If you are on your own working freelance, not part of a software company, it's a dog eat dog world out there my friends you better be prepared.
The problem is the IT security community can't name things for shit.
The term XSS has long, long, since been overloaded to mean HTML/Javascript injection problems in websites. It makes no sense but that's what people call it.
Slashdot Mirror
I have not read the Children of Hurin, but I will say that I liked the Silmarillion. I would never, ever, have read it if I hadn't already read LOTR and liked the mythos enough to want to learn more about it. However, I don't see that you have to be some kind of hardcore fan to have that kind of experience, because I would not consider myself a hardcore fan. Then again, I actually like reading the Old Testament for non-religious reasons, so maybe I have unusual tastes anyway.
While there is good advice here, the fact that people find themselves in the position using Slashdot as the place to learn this stuff, says that the state of security awareness in the web development "industry" is poor. Assuming that the developers who are ignorant of all this are newer or less experienced developers, the company they work for should train you about this stuff when they hire you. Otherwise they work for a sucky company. If you are on your own working freelance, not part of a software company, it's a dog eat dog world out there my friends you better be prepared.
The problem is the IT security community can't name things for shit. The term XSS has long, long, since been overloaded to mean HTML/Javascript injection problems in websites. It makes no sense but that's what people call it.