483 items tagged “security”
2002
How the RIAA was hacked
The Register: Want to know how RIAA.org was hacked? They had an un-password-protected admin panel listed in their robots.txt
file. Muppets.
Magic quotes solution
Pink Goblin (otherwise known as HarryF) explains why magic quotes are evil. This is an issue that every PHP developer should be aware of, as it can cause all kinds of problems in your scripts if you ignore it. He suggests using a custom myAddSlashes()
function which only calls addslashes() if magic quotes are turned off. I have an alternative solution—chose your preferred setting (quotes on or off) and apply it at run time to all incoming data in one go. My code for doing this is available here. By a bizzare coincidence I wrote the script this morning, then spotted a link to the Pink Goblin article on tidak ada literally five minutes after finishing it.
Palladium
Via Boing Boing: Seth Schoen’s notes on Palladium after a meeting with Microsoft. Cory Doctorow points out that Seth is probably the most knowledgeable tech person to have been briefed on Palladium by MSFT without signing an NDA
and his post certainly makes interesting reading. Palladium has had a lot of coverage since the Newsweek article announcing it first broke, with Robert Cringely providing some of the best analysis (in my opinion at least). The Register also has a story about Palladium which introduces some more information and guestimates on a shipping schedule.