Banshee was built to be secure. And because complexity is the enemy, it's small and easy. That led to a very fast framework. But despite of being small, it has many features, like weblog, a forum, newsletter, photo album and basic webshop functionality and libraries for databases, e-mail, HTTP, logfiles, etc. Worth giving it a shot.
There is only one Moon, the satellite circling around the planet Earth. All other astronomical object we refer to as moons are satellites. And no, the electronical satellites we bring into orbit are actually called 'artifical satellites'. So, moomoons makes no sense at all.
A language is just a language. It's the developer who makes code crap or good. It's very easy to start developing with PHP. Because of that, many young and unexperienced developers use PHP. That and only that is the reason why so much PHP code is crap. It has nothing to do with the language itself. With PHP, it's very well possible to write good, solid, fast and secure webapplications. You want proof? Check out the Banshee PHP framework.
When downloading wasnâ(TM)t illegal and The Pirate Bay wasnâ(TM)t blocked in the Netherlands, I downloaded a lot and bought the movies I liked. Being a movie fan, it was quite a lot. But now (thanks BREIN), I donâ(TM)t download anymore. I havenâ(TM)t bought a new movie for at least half a year.
Sorry, but this 'review' makes no sense at all. Your 'sum-total of the security features'... I have no idea what you looked at, but you clearly didn't look at Banshee. Or at least, not in a serious way.
Yeah, sure. Blame the kid. Don't talk about how you fucked up your security so bad that even a kid can bypass it. No, focus on how you were done wrong.
Seriously, if a small kid can bypass your security, you deserve to be 'hacked'. No mercy for incompetence!
Yes! Use a chat-app that uses end-to-end encryption instead. You can share the same information, but with more privacy. For information you really want the share with the rest of the world, use something like a blog.
We need more software that are secure by design. There is no reason to have a tool like memcached available for the entire internet. The memcached developers should have made it listen to localhost only by default. The setting to make it listen to other interfaces should be well explained in the manual, with all the risks and are-you-sure-you-want-this warnings.
I totally agree that Wordpress is a 'hodgepodge of spagetticode'. The only way I've used Wordpress in the past is during my courses Secure Web Development, to show students how not to write code. After so many patches, Wordpress' code may be secure. But what makes it insecure is that it doesn't provide a solid base for plugin developers. It doesn't support, encourage or enforce plugin developers to write secure plugins. So, while many people only blame plugin developers for Wordpress, I also blame Wordpress itself and its developers for it.
Secure code is one thing, provable secure code is another thing. Provable secure code allows you to easily and quickly prove that changes to the code, which is what plugins do, don't affect the security of the code. Wordpress' code may be secure, it's definitely not provable secure code. And provable secure code is definitely what is needed for a piece of code that powers 30% of all websites!
As a parent, I totally agree with this. My eight year old son is already asking about when he gets his own mobile phone. Some friends of him already have one! Insane! Kids at that age are not ready for the internet and communication like that. If they learn to communicate via digital devices instead of directly, they miss essential things like non-verbal communication. This will seriously affect them if you ask me.
I know I can't go around giving him a mobile phone when he goes to high school, otherwise he will be left out of a lot of social events. This nation wide ban removes the difficult discussion between schools and parents. I wish they would do this in my country too.
I think that most frameworks and CMS's don't provide the right security that is needed to create a secure website. They offer protection against SQL injection, XSS and other common attacks, but don't provide a means for developers to make sure they used it correctly. Look at all the Wordpress plugins that keep on being vulnerable. How do you know a plugin is secure or not? In my opinion, there is a big difference between secure code and provable secure code. So, it's not only web developers making the same mistake. It's also frameworks and CMS's not providing a true secure base.
In the framework I make, I always keep in mind that some other developer will use my code to build an actual website. How will that developer use it? How to make sure that developer uses it correctly? Whenever possible, I make sure that things are secure and restricted. If you want to do things that are potentially insecure, you have to disable certain security checks. For example, all output is escaped to prevent XSS. If you really want to output HTML, you have to disable the escaping. My framework comes with a script that performs a security audit for common errors. I really think that my framework is the most secure available and it's very hard to build something insecure with it that is hard to detect.
Biometrics are often heard as the alternative for the password. To see if that's a good alternative, let's take a look at the characteristics of both username and password.
The username
- It's not secret. It's often your name, e-mail address, employee number, etc.
- It's very common for people to have the same username at different systems. Specially at companies.
- Changing your username is not possible in most cases.
The password
- It should be kept secret.
- For improved security, you should choose a different password for each system.
- Most systems allow you to change your password.
Now, let's take a look at the characteristics of biometric information:
- They are not secret. You leave your fingerprints everywhere and with high resolution camera's it's not difficult to take your iris scan.
- Since you have only 10 fingers and two eyes, you will probably have the same biometric ID for many systems.
- You are not able to change any of your biometric information.
Conclusion: biometric information is more like a username than like a password. So, the only way to properly use biometrics is to use it for identification, not for authentication. Giving biometric information to the government for authentication purposes, is dangerous. The government probably doesn't understand this topic very well, so they will probably use it in the wrong way (for authentication). Because they believe it to be more secure (thanks to all the sales talks of companies selling biometric stuff), you end up having an even more bigger problem than now in case of identity theft.
No, that's the old way. In a modern world, automated guns are placed at the corner of every street. It will open fire at everything that sounds like a gunshot. The only way to stop shootings like this. And it will make the excuse "guns don't kill people, people do" invalid. Developing, installing and maintaining such automated guns will also create a lot of jobs. It's gonna be great.
We recently bought a Windows 10 laptop for our oldest son. (for schoolstuff, games, etc). He wanted to use Skype, because that's what his friends use for talking while gaming. Skype... what a piece of **** software. After setting up a Microsoft account, Microsoft comes with some bullshit in order to get our phone number (blah blah account abuse blah blah we need to send SMS). Windows 10 and all other Microsoft is nothing but shitty spyware.
For communication during games, me and some friends use Teamspeak. No bullshit, not spyware, no hustle, it just works. One of these days, I'll offer my son and their friends an account at my Teamspeak server as well. After 2 days, Microsoft already made me hate Skype.
Slashdot Mirror
I don't like the F-5...
I love the F-5!
I love the F-5!
Banshee was built to be secure. And because complexity is the enemy, it's small and easy. That led to a very fast framework. But despite of being small, it has many features, like weblog, a forum, newsletter, photo album and basic webshop functionality and libraries for databases, e-mail, HTTP, logfiles, etc. Worth giving it a shot.
There is only one Moon, the satellite circling around the planet Earth. All other astronomical object we refer to as moons are satellites. And no, the electronical satellites we bring into orbit are actually called 'artifical satellites'. So, moomoons makes no sense at all.
It's there, under 'c'...
I don't know of any game that this archive doesn't have. C64 forever! :)
The coolest flight simulator with the steepest learning curve is without a doubt Falcon BMS.
A language is just a language. It's the developer who makes code crap or good. It's very easy to start developing with PHP. Because of that, many young and unexperienced developers use PHP. That and only that is the reason why so much PHP code is crap. It has nothing to do with the language itself. With PHP, it's very well possible to write good, solid, fast and secure webapplications. You want proof? Check out the Banshee PHP framework.
When downloading wasnâ(TM)t illegal and The Pirate Bay wasnâ(TM)t blocked in the Netherlands, I downloaded a lot and bought the movies I liked. Being a movie fan, it was quite a lot. But now (thanks BREIN), I donâ(TM)t download anymore. I havenâ(TM)t bought a new movie for at least half a year.
GitHub... sounds familiar. Can't remember what it was...
Sorry, but this 'review' makes no sense at all. Your 'sum-total of the security features'... I have no idea what you looked at, but you clearly didn't look at Banshee. Or at least, not in a serious way.
If that's really all the criticism you can give. the Banshee developer did a good job.
Try this one.
Yeah, sure. Blame the kid. Don't talk about how you fucked up your security so bad that even a kid can bypass it. No, focus on how you were done wrong.
Seriously, if a small kid can bypass your security, you deserve to be 'hacked'. No mercy for incompetence!
Yes! Use a chat-app that uses end-to-end encryption instead. You can share the same information, but with more privacy. For information you really want the share with the rest of the world, use something like a blog.
We need more software that are secure by design. There is no reason to have a tool like memcached available for the entire internet. The memcached developers should have made it listen to localhost only by default. The setting to make it listen to other interfaces should be well explained in the manual, with all the risks and are-you-sure-you-want-this warnings.
I totally agree that Wordpress is a 'hodgepodge of spagetticode'. The only way I've used Wordpress in the past is during my courses Secure Web Development, to show students how not to write code. After so many patches, Wordpress' code may be secure. But what makes it insecure is that it doesn't provide a solid base for plugin developers. It doesn't support, encourage or enforce plugin developers to write secure plugins. So, while many people only blame plugin developers for Wordpress, I also blame Wordpress itself and its developers for it.
Secure code is one thing, provable secure code is another thing. Provable secure code allows you to easily and quickly prove that changes to the code, which is what plugins do, don't affect the security of the code. Wordpress' code may be secure, it's definitely not provable secure code. And provable secure code is definitely what is needed for a piece of code that powers 30% of all websites!
As a parent, I totally agree with this. My eight year old son is already asking about when he gets his own mobile phone. Some friends of him already have one! Insane! Kids at that age are not ready for the internet and communication like that. If they learn to communicate via digital devices instead of directly, they miss essential things like non-verbal communication. This will seriously affect them if you ask me.
I know I can't go around giving him a mobile phone when he goes to high school, otherwise he will be left out of a lot of social events. This nation wide ban removes the difficult discussion between schools and parents. I wish they would do this in my country too.
I think that most frameworks and CMS's don't provide the right security that is needed to create a secure website. They offer protection against SQL injection, XSS and other common attacks, but don't provide a means for developers to make sure they used it correctly. Look at all the Wordpress plugins that keep on being vulnerable. How do you know a plugin is secure or not? In my opinion, there is a big difference between secure code and provable secure code. So, it's not only web developers making the same mistake. It's also frameworks and CMS's not providing a true secure base.
In the framework I make, I always keep in mind that some other developer will use my code to build an actual website. How will that developer use it? How to make sure that developer uses it correctly? Whenever possible, I make sure that things are secure and restricted. If you want to do things that are potentially insecure, you have to disable certain security checks. For example, all output is escaped to prevent XSS. If you really want to output HTML, you have to disable the escaping. My framework comes with a script that performs a security audit for common errors. I really think that my framework is the most secure available and it's very hard to build something insecure with it that is hard to detect.
Biometrics are often heard as the alternative for the password. To see if that's a good alternative, let's take a look at the characteristics of both username and password.
The username
The password
Now, let's take a look at the characteristics of biometric information:
Conclusion: biometric information is more like a username than like a password. So, the only way to properly use biometrics is to use it for identification, not for authentication. Giving biometric information to the government for authentication purposes, is dangerous. The government probably doesn't understand this topic very well, so they will probably use it in the wrong way (for authentication). Because they believe it to be more secure (thanks to all the sales talks of companies selling biometric stuff), you end up having an even more bigger problem than now in case of identity theft.
No, that's the old way. In a modern world, automated guns are placed at the corner of every street. It will open fire at everything that sounds like a gunshot. The only way to stop shootings like this. And it will make the excuse "guns don't kill people, people do" invalid. Developing, installing and maintaining such automated guns will also create a lot of jobs. It's gonna be great.
We recently bought a Windows 10 laptop for our oldest son. (for schoolstuff, games, etc). He wanted to use Skype, because that's what his friends use for talking while gaming. Skype... what a piece of **** software. After setting up a Microsoft account, Microsoft comes with some bullshit in order to get our phone number (blah blah account abuse blah blah we need to send SMS). Windows 10 and all other Microsoft is nothing but shitty spyware.
For communication during games, me and some friends use Teamspeak. No bullshit, not spyware, no hustle, it just works. One of these days, I'll offer my son and their friends an account at my Teamspeak server as well. After 2 days, Microsoft already made me hate Skype.
How the hell did their PGP key even end up on their webserver?!?!?
This is an insult to anyone working hard to make the best of information security. Equifax deserved it!!