Posts Tagged ‘web’

All Ruby On Rails Versions Suffer SQL Injection Flaw

January 3rd, 2013 01:35 admin

Programming

Trailrunner7 writes with the news as posted at Threatpost (based on this advisory) that “All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the maintainers of Ruby on Rails have released new versions that fix the flaw, versions 3.2.10, 3.1.9 and 3.0.18. The advisory recommends that users running affected versions, which is essentially anyone using Ruby on Rails, upgrade immediately to one of the fixed versions, 3.2.10, 3.1.9 or 3.0.18. The vulnerability lies specifically in the Ruby on Rails framework, and its presence doesn’t mean that all of the apps developed on vulnerable versions are susceptible to the bug.”

Source: All Ruby On Rails Versions Suffer SQL Injection Flaw

What Turned VR Pioneer Jaron Lanier Against the Web

December 28th, 2012 12:46 admin

Social Networks

i_want_you_to_throw_ writes “Details of Jaron Lanier’s crusade against Web 2.0 continue in an article at Smithsonian Magazine. The article expands upon Lanier’s criticism of Web 2.0. It’s an interesting read, with Lanier suggesting we are outsourcing ourselves into insignificant advertising-fodder and making an audacious connection between techno-utopianism, the rise of the machines and the Great Recession. From the article: ‘As far back as the turn of the century, he singled out one standout aspect of the new web culture—the acceptance, the welcoming of anonymous commenters on websites—as a danger to political discourse and the polity itself. At the time, this objection seemed a bit extreme. But he saw anonymity as a poison seed. The way it didn’t hide, but, in fact, brandished the ugliness of human nature beneath the anonymous screen-name masks. An enabling and foreshadowing of mob rule, not a growth of democracy, but an accretion of tribalism. … ‘This is the thing that continues to scare me. You see in history the capacity of people to congeal—like social lasers of cruelty. That capacity is constant. … We have economic fear combined with everybody joined together on these instant twitchy social networks which are designed to create mass action. What does it sound like to you? It sounds to me like the prequel to potential social catastrophe. I’d rather take the risk of being wrong than not be talking about that.’”

Source: What Turned VR Pioneer Jaron Lanier Against the Web

Popular WordPress Plugin Leaves Sensitive Data In the Open

December 26th, 2012 12:01 admin

Security

chicksdaddy writes in with a warning about a popular WordPress plugin. “A security researcher is warning WordPress users that a popular plugin may leave sensitive information from their blog accessible from the public Internet with little more than a Google search. The researcher, Jason A. Donenfeld, who uses the handle ‘zx2c4’ posted a notice about the add-on, W3 Total Cache on the Full Disclosure security mailing list on Sunday, warning that many WordPress blogs that had added the plugin had directories of cached content that could be browsed by anyone with a web browser and the knowledge of where to look. The content of those directories could be downloaded, including directories containing sensitive data like password hashes, Donenfeld wrote. W3 Total Cache is described as a ‘performance framework’ that speeds up web sites that use the WordPress content management system by caching site content, speeding up page loads, downloads and the like. The plugin has been downloaded 1.39 million times and is used by sites including mashable.com and smashingmagazine.com, according to the WordPress web site.”

Source: Popular WordPress Plugin Leaves Sensitive Data In the Open

Ask Slashdot: What Was Your Favorite Web Comic of 2012?

December 26th, 2012 12:15 admin

It's funny. Laugh.

skade88 writes “It’s time to do another year-end best-of roundup! Today’s topic is web comics. What was your favorite web comic of 2012? Feel free to use the following categories, or make up your own. 1) Best overall web comic series of 2012. (Any web comic that produced content in 2012). 2) Funniest web comic of 2012. (This one represents the single funniest comic of any web comic series. Provide links!) 3) Best art in a web comic of 2012. (Web comic from 2012 with the most amazing art ever). 4) Web comic that was most relevant to you in 2012. (This one is even more subjective than the others).”

Source: Ask Slashdot: What Was Your Favorite Web Comic of 2012?

Spider Discovered That Builds Its Own Spider Decoys

December 18th, 2012 12:25 admin

Science

OakDragon writes “A newly discovered species of spider — apparently of the genus Cyclosa — has been discovered in the Peruvian Amazon. The spider builds an elaborate decoy out of web, twigs, and other scraps, which appears to be a much larger spider. The spider will even cause the decoy to move, marionette-style, by shaking the web.”

Source: Spider Discovered That Builds Its Own Spider Decoys

Ask Slashdot: How Does an IT Generalist Get Back Into Programming?

December 18th, 2012 12:50 admin

Programming

CanadianSchism writes “I’ve been in the public sector for the past 6 years. I started off doing my work study in web design and a bit of support, eventually going through the interview process to fill in a data processing technician post, and getting the job. The first four years of my work life were spent in various schools, fixing computers, implementing new hardware, rolling out updates/ghosting labs, troubleshooting basic network and printer problems, etc. I was eventually asked to work on the administrative information systems with an analyst, which I’ve been doing for the past 2 years. That’s consisted of program support, installing updates to the pay/financial/purchasing/tax/energy systems, taking backups on SQL servers, etc. I’ve never had the opportunity to take time for myself, and jump back into my first love: programming. I’ve picked up Powershell books (have two here at the office), but haven’t gotten anything down yet, as there are always other projects that come up and whittle my attention to learning a language down to zilch. This new year will see a change in that, however. I’ll be setting aside an hour every day to devote to learning a new language, in the eventual hope that I can leave this company (take a sabbatical) and hop into the private sector for a few years. My question to you all is, what language should I start with, to learn and get back into the principles of programming, that will help me build a personal portfolio, but will also lend to learning other languages? At this point, I’m not sure if I’d like to make/maintain custom applications, or if back-end web programming would be more interesting, or any of the other niches out there.”

Source: Ask Slashdot: How Does an IT Generalist Get Back Into Programming?

W3C Finalizes the Definition of HTML5

December 17th, 2012 12:25 admin

Programming

hypnosec writes “The World Wide Web Consortium (W3C) has announced that it has finalized the definition of HTML5 and that it is ready for interoperability testing. HTML5 hasn’t been given the status of standard yet but it is feature complete now, giving developers a stable target to develop their web applications. The W3C said in the announcement ‘HTML5 is the cornerstone of the Open Web Platform’ and that it provides an environment which can utilize all of a device’s capabilities like videos, animations, graphics and typography. The HTML5 specifications still have a long way to go before they hit the Recommendation status. HTML5 will have to go through a round of testing that looks specifically into interoperability and performance after which time it will be given a Candidate Recommendation title.”

Source: W3C Finalizes the Definition of HTML5

The Web We Lost

December 14th, 2012 12:29 admin

Social Networks

An anonymous reader writes “Anil Dash has an insightful post about cutting through the social media hype to see all of the social functionality we’ve lost on the web over the past decade. ‘We’ve lost key features that we used to rely on, and worse, we’ve abandoned core values that used to be fundamental to the web world. To the credit of today’s social networks, they’ve brought in hundreds of millions of new participants to these networks, and they’ve certainly made a small number of people rich. But they haven’t shown the web itself the respect and care it deserves, as a medium which has enabled them to succeed. And they’ve now narrowed the possibilities of the web for an entire generation of users who don’t realize how much more innovative and meaningful their experience could be. … We get bulls*** turf battles like Tumblr not being able to find your Twitter friends or Facebook not letting Instagram photos show up on Twitter because of giant companies pursuing their agendas instead of collaborating in a way that would serve users. And we get a generation of entrepreneurs encouraged to make more narrow-minded, web-hostile products like these because it continues to make a small number of wealthy people even more wealthy, instead of letting lots of people build innovative new opportunities for themselves on top of the web itself.’”

Source: The Web We Lost
