GoogHOle Exploits GMail, Picasa and 200K Other Sites

Original post provided by Slashdot: IT

Giorgio Maone writes “Multiple Google-targeted exploits disclosed in the past 3 days could compromise your GMail account, steal your pictures from Picasa or impersonate you on almost 200,000 big sites which outsourced their search engines (vulnerabilities included in the price). If even Google, a very reactive company when web security matters, does face these kinds of problems, how serious is the threat and what can you do, as a “normal” web user, to protect yourself?”

