|
Some say we're living in a "post-PC" world, but malware on PCs is still a major problem for home computer users and businesses. The examples are everywhere: In November, we reported that malware was used to steal information about one of Japan's newest rockets and upload it to computers controlled by hackers. Critical systems at two US power plants were recently found infected with malware spread by USB drives. Malware known as "Dexter" stole credit card data from point-of-sale terminals at businesses. And espionage-motivated computer threats are getting more sophisticated and versatile all the time. Think before you click, and never run as root.
|
|
|
|
|
This attack underscores the security problem posed by third party code. In this case, the vulnerable application was probably not coded by Yahoo! team, and not even hosted on Yahoo’s server farm, leaving Yahoo! with the full responsibility for securing the application on one hand, and a very limited capability to actually control the code, on the other hand.
Apart from the SQL injection bit, this reminds me of the way David gained access to the WOPR in WarGames[^] 30 years ago - There was an open line at our division in Sunnyvale. The phone company screwed up.[^].
Soren Madsen
"When you don't know what you're doing it's best to do it quickly" - Jase #DuckDynasty
|
|
|
|
|
Microsoft is trying again to help their target developers fix their sites. They have launched modern.ie[^] to provide tools and guidance.
One of the first benefits is a page scanner you can point at your site to get a nice report of known or possible issues with the site. For example, did you know a certain orange Web site is using jQuery 1.6.2? If you ran that site through the scanner you'd see that it's a possible issue, complete with guidance on what to do with that information.
They've also partnered with BrowserStack to give you three months worth of their browser testing service for free (regular USD19/month). This allows you to view your page(s) in a variety of browser/OS combinations (complete with add-ins for Chrome, Firefox and Visual Studio to make popping up those scans easier). Sadly, it looks like this requires a Facebook login.
--------------
TTFN - Kent
|
|
|
|
|
Kent Sharkey wrote: For example, did you know a certain orange Web site is using jQuery 1.6.2? I don't know what it was about it, but that tickled my funny bone. Thanks!
|
|
|
|
|
Twitter (you may have heard of them) has released one of their internal frameworks: Flight[^]. It's a 100% buzz-word compliant JavaScript library that allows items on Web pages to communicate with one another via events, without requiring any knowledge of one another. (MIT-licensed)
--------------
TTFN - Kent
|
|
|
|
|
Clean up your CSS, and save a little bandwidth while you're at it. CSS files tend to accumulate cruft (and worse). The CSS Trashman[^] will refactor your existing CSS code and give you a clean new file to start fresh.
--------------
TTFN - Kent
|
|
|
|
|
|
(Crippled with Laughter)
|
|
|
|
|
Seems like it's time to move to Java 7 for those using Java on Windows without a commercial license. However, this is what everyone was worried about when Oracle bought Sun. Fortunately, I don't use Windows, so this does not affect me in the least, especially as I don't use Java browser plugins.
|
|
|
|
|
|
The Chrome comic book was originally designed as a limited edition print book for journalists all the way back in 2008. What you may not have known is that it's also a fantastic read for any web developer. Released during the week of our first Chrome launch, the comic described our multi-process architecture, how the V8 JavaScript engine works, predictive DNS lookups (for optimizing based on your usage patterns) and many technical architectural concepts in a way that was surprisingly accessible to the everyday user. The original is an expensive collectible today. Here's a full-quality PDF version to enjoy instead.
|
|
|
|
|
January has been a very bad month for Ruby on Rails developers, with two high-severity security bugs permitting remote code execution found in the framework and a separate-but-related compromise on rubygems.org, a community resource which virtually all Ruby on Rails developers sit downstream of. Many startups use Ruby on Rails. Other startups don’t but, like the Rails community, may one day find themselves asking What Do We Do When Apocalyptically Bad Things Happen On Our Framework of Choice? I thought I’d explain that for the general community. Executing arbitrary code: words that should send shivers down any dev's spine.
|
|
|
|
|
Terrence Dorsey wrote: Executing arbitrary code: words that should send shivers down any dev's spine
Oh, I don't know. I see code almost every day that I'd like to summarily execute.
|
|
|
|
|
|
You're doing it wrong.
Really horrible code should be dragged into a filthy, deserted, vermin infested alley; have its legs and jaw broken; and then be shot in the gut. We can then take bets on if bloodloss, sepsis, or the rats finish it off.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Way back in the day, when I first really got into real Mac programming I used an old IDE called Think Pascal. One of the cool things about it was that unlike Think C, it allowed programming with proportional fonts. I typically used Geneva to code in Pascal and Monoco to program in C. I later switched to doing almost all my coding in Visual Studio which didn’t work well with proportional fonts.... [Then] someone mentioned to me that Xcode actually works with proportional fonts... Have you ever tried coding with proportional fonts?
|
|
|
|
|
Yeah, 5 minutes!
I guess it's an acquired taste... but fixe sized font is good to edit mulitple lines at a single time (with VS!!)
BTW, you can choose proportional font for code in VS too!
My programming get away... The Blog...
Taking over the world since 1371!
|
|
|
|
|
Have a blog? With small adjustments, you can noticeably improve its typography. Your readers will thank you for it. This guide will help you understand the typographic foundations that will improve the readability of your articles. Good reading starts with a good layout...
|
|
|
|
|
I don’t feel that the way DirectX has been handled in recent years has been a positive thing. A number of technical decisions were made that were unfortunate, and then a number of business and marketing type decisions were made that compounded the problem. Many of the technologies (DirectInput, DirectSound, DirectShow) have splayed into a mess of intersecting fragments intended to replace them. The amount of developer support for Direct3D from Microsoft has been unsatisfactory, and anecdotal reports of internal team status have not been promising. Somebody told me a year or two back that the HLSL compiler team was one person. That’s not something you want to hear, true or not. Worst of all, though, was the communication. That’s the part that bugs me. You’ll understand if I am not in a hurry to start coding for your newest framework.
|
|
|
|
|
This is very unfortunate. What happens when decisions are not made with strategic thinking. Sort of like the mess the US Economy is in.
|
|
|
|
|
Wait, so what is the proposed replacement for DirectX? I highly doubt Microsoft are considering OpenGL.
=====
\ | /
\|/
|
|-----|
| |
|_ |
_) | /
_) __/_
_) ____
| /|
| / |
| |
|-----|
|
=====
===
=
|
|
|
|
|
OpenGL rules, it has a software renderer fallback, something that DirectX never offered.
Wout
|
|
|
|
|
DirectX remains!!!
But instead of XNA (shameless plug, although I should be, it's no where near ready...) you can use my WinRT binding for DirectX!
http://directwinrt.codeplex.com/[^]
Just did some D2D work lately, this API is almost usable now!
My programming get away... The Blog...
Taking over the world since 1371!
|
|
|
|
|
I am writing a multi-discipline article for quite some time. I was using OpenGL at first, later changed to XNA so that I did not have to write my own 3D model importer; On hindsight, I should have sticked with OpenGL, One good side-effect OpenGL has to offer, is that I can easily port my code to WebGL (if browser support) where my users can watch the preview before they click OK to make video on the server.
|
|
|
|
|
If you ever connected to the Internet before the 2000s, you probably remember that it made a peculiar sound. But despite becoming so familiar, it remained a mystery for most of us. What do these sounds mean? As many already know, what you're hearing is often called a handshake, the start of a telephone conversation between two modems. The modems are trying to find a common language and determine the weaknesses of the telephone channel originally meant for human speech. Below is a spectrogram of the handshake audio. It's an older article, but when was the last time you had to dial up?
|
|
|
|