WordPress hysteria rant – Be proactive not reactive

So it seems that I am being verbally bludgeoned to write, so if that was the request, then here we go.

Firstly, there was no official word from WordPress for about 3 days: 3 days of radio silence, while security “sources” had posted this information for public consumption for some time.

So I do not know what you want the community to do. Sit and close their eyes, and act like nothing is happening? Read no news sites or blogs until there is word from the official provider of the product?

If there was an actual breach and users had not been vigilant, I think you (anonymous) would not be as adamantly posting, and sending slightly over-zealous commentary?

To make it worse there was a code review for WordPress 3.0 beta …

Google Chrome wins the HTML 5 compatibility test. IE very far behind

As the big year in web development continues, HTML 5 is getting even closer to becoming more standard. This has been helped by Google’s Chrome browser scoring high marks on the HTML 5 compatibility test, according to geektechnica.com.

It is an interesting site where you can read about some of the new developments in HTML 5 and try the browser compatibility test page, where you can see how your browser stacks up out of a total score of 160 points.

It was interesting to note that Chrome finished first with 137/160, Safari second with 113/160, Opera third with 102/160, Firefox a sluggish 100/160, and the usual suspect, Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), scoring a blazing 19/160 points.

The final results were: …

WordPress hack fix – Check your permissions

It seems that, after the brief period of quiet and uncertainty, the main cause of the vulnerability attacking WordPress blogs was revealed. The security magazine over at darkreading.com noted that it was the storing of critical information as plain text in the database that left users exposed.

Earlier I had noted that there was a problem with sites going down on a variety of different hosts as a result of some malware that used SQL injections.

“The attacker basically created a scanner to locate all configuration files containing incorrect permissions” – darkreading.com


HTML 5 preview and editable to-do list in 60 seconds

So I have to admit that one of my favorite new applications is Screenr. What Screenr allows you to do is to easily, quickly and painlessly record a desktop session, whether you are on a Mac, PC, or Linux computer, using a Java applet (which is pretty fast).

Once you record your screencast, you can then manage and administer your own channel, similar to a YouTube or Vimeo channel. You get the benefit of a sleek player that clearly distinguishes itself from the rest, is simple and has basic sharing capabilities.

Here is a demo by Nettuts of an editable list that takes advantage of HTML 5 and the localStorage attribute and works with compatible browsers. …

WordPress 3.0 Beta first code review complete

As the WordPress community eagerly awaits the final release of WordPress 3.0, it is always good news when you see positive reviews from Alex King, the WordPress innovator with plugins like the widely used Twitter Tools, the Carrington theme framework, and the WordPress ShareThis plugin, on how things progressed. This is also pretty reassuring, as this is essentially the first comprehensive code review of this type that they have done for the upcoming version.

At the moment WordPress is going through a major transition from version 2.0, released on December 24th 2005, to WordPress 3.0 Beta and 3.0 final, scheduled for release in May 2010 according to WPDevel.

For those who have seen the gradual ascent of WordPress into the platform it is now, …

Add your LinkedIn profile on your site or WordPress blog – no coding

Recently I was working with the Facebook API again, before I did my presentation at the Seattle PHP meetup. At the time one of the potential ideas was the LinkedIn API and how to integrate LinkedIn into your site, but obviously Facebook was the API in demand.

As I was playing around with the LinkedIn API, I managed to stumble upon the widgets that are on the developer site, and thought it would be interesting to add them to your WordPress site.

I am sure that this is ideal for portfolio sites, real-estate agents, and companies adding some social networking flair to their site …

WordPress blogs getting HACKED! no fix as of yet?

UPDATE:

No official patch, but there is a fix for this now. You can find out more here… – April 12th 2009

Unfortunately, today I read some bad news: SC Magazine (April 9th 2010) reported that some WordPress blogs had indeed been hacked! A while ago I did write about security and permissions, and this came after finding a malicious theme that attempted to execute and hack into a WP site from the theme’s functions.php.

It seems that Themelab aptly wrote an article called “Dirty WordPress Hack Going Around, Cloaked to Search Engines”, as they noticed there was indeed a vulnerability and potential for SQL injection, or in layman’s terms “hacking”. The article is dated March 1st 2010, and at the time they noted that,

This particular hack uses some particularly dirty methods which include inserting spam keywords into your own content, which is probably to control your keyword density.

They also point to a trick known as cloaking to inject data into your content, …