I've been waiting several months (through multiple missed release milestones) for Sun to get a xVM Server general release out. I'm still running a bunch of VPS nodes under VMware Server in the meantime, and I'll probably be in the ground before Sun's product is released.
It's really a shame, considering how much I like xVM VirtualBox.
You're blaming a programming language and database platform for large-scale security issues? The vast majority of security incidents are clearly traced back to programmers failing to practice basic safe coding techniques. You can write crappy, insecure code in any language, linking to any given database, running on any given platform.
Neither can the author, apparently. Books like this are the dead-tree equivalent of "blogging for dollars" IMHO.
Re:If you want to feel secure...
on
Joomla! Web Security
·
· Score: 2, Interesting
I know your post was in jest, but you make a good point. A lot of folks are using CMS platforms to publish very simple websites, and wind up dealing with all sorts of security problems.
The issue stems from the fact that raw beginners don't have a good background in web development to start with, hence their need to use "point and click" publishing tools. While it's true that there's no such thing as a totally secure system, people rapidly find out that there's a lot more to safely hosting a company's website than clicking through a PHP installer page.
I used Joomla! (gotta love applications with punctuation in the name) extensively in the past for several sites, but wound up getting frustrated with the amount of effort I had to put into maintaining them. For the work involved, it ended up making more sense to roll a custom "mini-CMS" platform for a couple of sites, which fit the needs of their systems precisely without any extra cruft.
These days, when friends ask for an easy web publishing platform I simply set them up with a WordPress site on one of my servers.
I'll be looking at giving paying members access to extra features (member profile, bookmarking, communities), but all visitors will still have access to the primary resources.
A lot of sites seem to be moving to a "paid access only" model for the bulk of their content. I can't really speak for other online publishers, but I think a tiered approach is much better, and can prevent publishers from shooting themselves in the foot by losing a huge chunk of their visitor base overnight.
Advertising revenues continue to plunge for many sites these days, a trend I've felt myself for the few small sites I run that are ad-supported. I'm going to be deploying a "paid content" option myself for my main site in the near future, although I'm still planning on offering everything for free as long as people are willing to deal with the ads.
It's a difficult position to be in. Offering and maintaining content costs real money in time and resources.
It seems to me that Western mainstream media still regards bloggers (I'm not talking about journalists who happen to have blogs, I'm talking about pure bloggers) as some kind of group of fringe weirdos.
It seems the climate is changing somewhat, as CNN uses the concept of "iReporters" pretty heavily these days.
I wonder how much they're paying this prominent local blogger. There might be other methods of persuasion involved, too... forgive me for my automatic suspicion of any "investigation" the Chinese government conducts.
I think it's a tragedy that the first thing that came to mind reading your post involved a blood-spattered "furry" (as in a dude wearing some fluffy costume).
The Internet has done terrible things to my mind.
Do we really want a fully standards compliant Microsoft Browser? How can the next wave of standards be developed then?
Yes, we do want a full compliant Microsoft browser? This will have absolutely no impact on the development of new web standards to extend what we already have.
Slashdot Mirror
I've been waiting several months (through multiple missed release milestones) for Sun to get a xVM Server general release out. I'm still running a bunch of VPS nodes under VMware Server in the meantime, and I'll probably be in the ground before Sun's product is released.
It's really a shame, considering how much I like xVM VirtualBox.
"Get off my lawn" - Clint Eastwood, Gran Torino
I nearly died laughing the first time I saw a preview for that film. This is probably a good indicator that I spend too much time on Slashdot.
I have used 1.5, actually. I agree that it's a vast improvement over the way things were done before.
You're blaming a programming language and database platform for large-scale security issues? The vast majority of security incidents are clearly traced back to programmers failing to practice basic safe coding techniques. You can write crappy, insecure code in any language, linking to any given database, running on any given platform.
Neither can the author, apparently. Books like this are the dead-tree equivalent of "blogging for dollars" IMHO.
I know your post was in jest, but you make a good point. A lot of folks are using CMS platforms to publish very simple websites, and wind up dealing with all sorts of security problems.
The issue stems from the fact that raw beginners don't have a good background in web development to start with, hence their need to use "point and click" publishing tools. While it's true that there's no such thing as a totally secure system, people rapidly find out that there's a lot more to safely hosting a company's website than clicking through a PHP installer page.
I used Joomla! (gotta love applications with punctuation in the name) extensively in the past for several sites, but wound up getting frustrated with the amount of effort I had to put into maintaining them. For the work involved, it ended up making more sense to roll a custom "mini-CMS" platform for a couple of sites, which fit the needs of their systems precisely without any extra cruft.
These days, when friends ask for an easy web publishing platform I simply set them up with a WordPress site on one of my servers.
On the plus side, the case has been widely discussed in China's internet.
Emphasis mine, of course. I think that statement alone nicely illustrates the core problems with this whole concept.
Very good points, very well presented. Thanks for a great reply :).
I'll be looking at giving paying members access to extra features (member profile, bookmarking, communities), but all visitors will still have access to the primary resources.
A lot of sites seem to be moving to a "paid access only" model for the bulk of their content. I can't really speak for other online publishers, but I think a tiered approach is much better, and can prevent publishers from shooting themselves in the foot by losing a huge chunk of their visitor base overnight.
Advertising revenues continue to plunge for many sites these days, a trend I've felt myself for the few small sites I run that are ad-supported. I'm going to be deploying a "paid content" option myself for my main site in the near future, although I'm still planning on offering everything for free as long as people are willing to deal with the ads.
It's a difficult position to be in. Offering and maintaining content costs real money in time and resources.
It seems to me that Western mainstream media still regards bloggers (I'm not talking about journalists who happen to have blogs, I'm talking about pure bloggers) as some kind of group of fringe weirdos.
It seems the climate is changing somewhat, as CNN uses the concept of "iReporters" pretty heavily these days.
The word "belies" is used incorrectly as well. Engrish!
No.
I wonder how much they're paying this prominent local blogger. There might be other methods of persuasion involved, too... forgive me for my automatic suspicion of any "investigation" the Chinese government conducts.
Exposing your credit card information to an online criminal, for any reason at all, seems like a pretty awful idea to me.
I've got a few for you: bad lawyers, also known as shitty lawyers, working for a retarded law firm do really bad work.
If I was in that position, I would actively block IE6, and have a large banner for IE7 users suggesting Firefox.
Spoken like a man who doesn't earn a significant portion of his annual income from web-based enterprises.
Pretty soon half the worlds available computing power will be involved in a power struggle with the other half.
Internal conflict in the budding Skynet? Cool.
Replication in place of backup is exactly what got this guy screwed in the first place.
I think it's a tragedy that the first thing that came to mind reading your post involved a blood-spattered "furry" (as in a dude wearing some fluffy costume). The Internet has done terrible things to my mind.
It's the concept, idiot.
On the Internet, nobody knows you're a man aspiring to be a chick.
Do we really want a fully standards compliant Microsoft Browser? How can the next wave of standards be developed then?
Yes, we do want a full compliant Microsoft browser? This will have absolutely no impact on the development of new web standards to extend what we already have.
He's speaking the language of the deal.