That's fine, but it still looks like Windows 3.11. Only OS/2 diehards will accept such an interface. I tell you: stick with this Windows 3.11-like interface and it will fail, again.
Cool! Hopefully they change the interface to a more modern one. Because no matter how good the underlying kernel and system is, it will totally ruin the overall experience for sure.
Woaw, you clearly know what you are talking about. Good arguments too. You must be some Code Writing Guru.
Anyway, just wanted to let you know that all my PHP based websites are running fine for many, many years. Without patching that is. And yes, they've seen a lot of hack attempts. None was successful.
Take a look at the security_audit script. Run it and it will tell you what needs your attention with respect to SQL injection and cross-site scripting.
XSLT prevents XSS, because every output will be escaped by default. Printing output as it is (printing HTML tags unescaped) requires adding the XML parameter 'disable-output-escaping="yes"'. By doing so, you are clearly warned. Fuck it up and it is clearly your own stupid mistake.
SQL injection is prevented the same way. The SQL library won't accept queries with quotes. The security_audit script sees when variables (possible user-input) is used to create a query string. Yes, SQL injection can be done by doing so, but if you chose to ignore the warnings, it's your own fault.
Banshee also has a good session library. Unlike the session handling in many other frameworks, this one works transparent with $_SESSION and stops session hijkacing.
No, there is no reason for me to fork it. The approach is simply different from many other frameworks. Others require to update/patch of a regular basis. In Banshee, the core libraries don't change much. They're safe and good. Just unzip the tarball, remove the default modules you don't need, add your own custom modules and the website is done. Many other frameworks allow you to run many websites with just one CMS installation. That's insane. With Banshee, every website has its own separate codebase. Who cares about a few MB's of harddisk space these days. It's harddisk space vs the certainty that my website remains stable. Updating the core CMS code because one website requires it might break others. Because of that, I happily waste a few MB's on my terrabyte harddisk to gain a lot of certainty and stability.
No, Banshee is not the ultimate solution or the silver bullet. But it is rock solid, fast and proven secure. I've built many websites with it, never needed to update / patch any of them and they all run or ran for many years without any trouble or any hack. And yes, many of them have seen a lot of hack attempts. And that's worth a lot to me. No Wordpress, Drupal or Joomla user can say the same thing.
PHP has nothing to do with it. PHP is just as secure / insecure as any other language. It's the fact that PHP is easy to learn, easy to use and easy to deploy that attracts many people, including noobs. It's the noobs that cause the problems.
To prove that PHP can be used to create a rock solid and secure website, take a look at the Banshee PHP Content Management Framework. I dare you to try it. You will be suprised by its security, flexibility, easiness and speed.
Sure. But you expect a computer to always detect any kind of object on a runway? How can it know about an emergency situation on board of a plane? You expect every plane to have some sort of button panel on board for every kind of situation? Pregnant woman in labor? Press this button. Aggressive passenger? Press this button. Passenger with heart attack? Press that button. A plane in trouble leaked fuel on the runway. How's a computer supposed to detect that?
Yes, these are exceptional situations. But it is exactly these kind of situations where things can go from bad to catastrophic if the right decisions are not made. And I don't trust a computer to be able to do that. At least not better than a human being.
I don't agree. 16 GB is more than enough for. It was enough on my iPhone 4 and it surely is on my iPhone 6. For me the iPhone is what it is: a phone. Talking to people, texting, chatting, reading e-mail and surfing the web. That's about it. For all the other computer stuff, I have a laptop.
No. I'm a 39 year old IT security professional. Seen a lot of systems, seen a lot of code, seen a lot of things going wrong. Simply because of this. This is more than 30 years of computer experience speaking. Back to you.
Computers are good at doing things that it has been programmed to do. When everything goes as plan, nothing unpredicted happened, everything will be fine. But when some unpredicted situation appears, unforseen bad weather, failing engine or equipement on board of an airplane, an object on the runway, you name it, that's where the computer will fail. And those are the moments when the judgement of a person, an aircontroller, is needed. An unmanned air traffic control tower? I'm not sure, but it sounds like a recipe for accidents to me.
Some time ago I read that Suckerberg promised that no Facebook account would be required and there would be no sending of information back to Facebook... Right... Why do I not believe that?
This endless PHP bashing is getting a bit sad. Sure, earlier versions of PHP did have some bad things, but with PHP 5 it's very easy to create solid applications. You still may not like PHP, that's fine. In that case the only wise thing to do is to choose something else. But for any badly written application in PHP 5 I'm 100% sure that the programmer is to blame, not the language. Yes, looking at all the other modern programming languages these days, that I think that's the case for all of them. But PHP 5 is a modern and mature programmming language and has everything you need to write a modern web application. It can easily compete with the others.
To all those PHP-haters: bash and whine whatever you like. The world doesn't care. Look at the statistics: PHP is used much by many. It's here to stay. Grow up and move on.
Myself, I use PHP a lot. I've written my own framework. I really like PHP, because it's easy to use and specially because it's so easy to deploy. Easier than many other languages. I'm really looking forward to what PHP 7 has to offer.
This is insane! What's next? Being sued by an architect for a photo of a building? By a webdesigner for a screenshot? By a cars manufacturer for a photo of one of their cars? By parents for a photo of their child? By god for any photo you make?
Slashdot Mirror
No, I'm not. I'm comparing the usage of both in relation to the level of security they offer. Totally different.
Using a fingerprint for authentication is like using one unchangable password for every system. Bad practice!
That's fine, but it still looks like Windows 3.11. Only OS/2 diehards will accept such an interface. I tell you: stick with this Windows 3.11-like interface and it will fail, again.
Cool! Hopefully they change the interface to a more modern one. Because no matter how good the underlying kernel and system is, it will totally ruin the overall experience for sure.
Woaw, you clearly know what you are talking about. Good arguments too. You must be some Code Writing Guru.
Anyway, just wanted to let you know that all my PHP based websites are running fine for many, many years. Without patching that is. And yes, they've seen a lot of hack attempts. None was successful.
Bye,
A self-trained PHP monkey
Take a look at the security_audit script. Run it and it will tell you what needs your attention with respect to SQL injection and cross-site scripting.
XSLT prevents XSS, because every output will be escaped by default. Printing output as it is (printing HTML tags unescaped) requires adding the XML parameter 'disable-output-escaping="yes"'. By doing so, you are clearly warned. Fuck it up and it is clearly your own stupid mistake.
SQL injection is prevented the same way. The SQL library won't accept queries with quotes. The security_audit script sees when variables (possible user-input) is used to create a query string. Yes, SQL injection can be done by doing so, but if you chose to ignore the warnings, it's your own fault.
Banshee also has a good session library. Unlike the session handling in many other frameworks, this one works transparent with $_SESSION and stops session hijkacing.
No, there is no reason for me to fork it. The approach is simply different from many other frameworks. Others require to update/patch of a regular basis. In Banshee, the core libraries don't change much. They're safe and good. Just unzip the tarball, remove the default modules you don't need, add your own custom modules and the website is done. Many other frameworks allow you to run many websites with just one CMS installation. That's insane. With Banshee, every website has its own separate codebase. Who cares about a few MB's of harddisk space these days. It's harddisk space vs the certainty that my website remains stable. Updating the core CMS code because one website requires it might break others. Because of that, I happily waste a few MB's on my terrabyte harddisk to gain a lot of certainty and stability.
No, Banshee is not the ultimate solution or the silver bullet. But it is rock solid, fast and proven secure. I've built many websites with it, never needed to update / patch any of them and they all run or ran for many years without any trouble or any hack. And yes, many of them have seen a lot of hack attempts. And that's worth a lot to me. No Wordpress, Drupal or Joomla user can say the same thing.
The bet is on! Bring it on. I double dare you!! And if you're as tough as you sound, in time you will admit you are wrong.
PHP has nothing to do with it. PHP is just as secure / insecure as any other language. It's the fact that PHP is easy to learn, easy to use and easy to deploy that attracts many people, including noobs. It's the noobs that cause the problems.
To prove that PHP can be used to create a rock solid and secure website, take a look at the Banshee PHP Content Management Framework. I dare you to try it. You will be suprised by its security, flexibility, easiness and speed.
By the time you find the right emoji, you already forgot what you wanted to .... uhm ....
That's not what I'm saying. And my use case is definitely not different from 99.9% of all smartphone users.
No, I simply don't take video's.
Sure. But you expect a computer to always detect any kind of object on a runway? How can it know about an emergency situation on board of a plane? You expect every plane to have some sort of button panel on board for every kind of situation? Pregnant woman in labor? Press this button. Aggressive passenger? Press this button. Passenger with heart attack? Press that button. A plane in trouble leaked fuel on the runway. How's a computer supposed to detect that?
Yes, these are exceptional situations. But it is exactly these kind of situations where things can go from bad to catastrophic if the right decisions are not made. And I don't trust a computer to be able to do that. At least not better than a human being.
I do a lot more on my iPhone, but nothing that requires more than 16GB. And my iPhone 6 didn't cost me 600+ dollar. :)
But that doesn't make the 16GB version a strategic mistake. The absence of a 32GB version is.
I don't agree. 16 GB is more than enough for. It was enough on my iPhone 4 and it surely is on my iPhone 6. For me the iPhone is what it is: a phone. Talking to people, texting, chatting, reading e-mail and surfing the web. That's about it. For all the other computer stuff, I have a laptop.
No. I'm a 39 year old IT security professional. Seen a lot of systems, seen a lot of code, seen a lot of things going wrong. Simply because of this. This is more than 30 years of computer experience speaking. Back to you.
Computers are good at doing things that it has been programmed to do. When everything goes as plan, nothing unpredicted happened, everything will be fine. But when some unpredicted situation appears, unforseen bad weather, failing engine or equipement on board of an airplane, an object on the runway, you name it, that's where the computer will fail. And those are the moments when the judgement of a person, an aircontroller, is needed. An unmanned air traffic control tower? I'm not sure, but it sounds like a recipe for accidents to me.
Some time ago I read that Suckerberg promised that no Facebook account would be required and there would be no sending of information back to Facebook... Right... Why do I not believe that?
Banshee
Banshee
Please, explain to me in what ways it's superior?
This endless PHP bashing is getting a bit sad. Sure, earlier versions of PHP did have some bad things, but with PHP 5 it's very easy to create solid applications. You still may not like PHP, that's fine. In that case the only wise thing to do is to choose something else. But for any badly written application in PHP 5 I'm 100% sure that the programmer is to blame, not the language. Yes, looking at all the other modern programming languages these days, that I think that's the case for all of them. But PHP 5 is a modern and mature programmming language and has everything you need to write a modern web application. It can easily compete with the others.
To all those PHP-haters: bash and whine whatever you like. The world doesn't care. Look at the statistics: PHP is used much by many. It's here to stay. Grow up and move on.
Myself, I use PHP a lot. I've written my own framework. I really like PHP, because it's easy to use and specially because it's so easy to deploy. Easier than many other languages. I'm really looking forward to what PHP 7 has to offer.
Or the quite unknown Hiawatha webserver. A very good alternative to the well known Apache webserver and completely written by one person.
This is insane! What's next? Being sued by an architect for a photo of a building? By a webdesigner for a screenshot? By a cars manufacturer for a photo of one of their cars? By parents for a photo of their child? By god for any photo you make?
If mbed TLS isn't and OpenSSL is, than it says more about FIPS than about mbed TLS.