patio11 - Slashdot User

Submission + - Security Lessons Learned From The Diaspora Launch (kalzumeus.com)

Submitted by patio11 on Thursday September 23, 2010 @08:55AM

patio11 writes: Diaspora, the privacy-respecting OSS social network, did a code release last week. It included several severe security bugs. This post walks through the code, showing what went wrong, and what it would let an attacker do to someone who was using Diaspora.

Comment Re:Text only cache (Score 1) 773

by patio11 on Thursday June 17, 2010 @11:14PM (#32609454) Attached to: Falsehoods Programmers Believe About Names

While I'm busy replacing the pile of molten slag that is my VPS, you can find the whole thing here, served as all static (including assets):

http://www.bingocardcreator.com/kalzumeus-cache/names.html

Comment Re:As the author of RFC 2100... (Score 2, Funny) 773

by patio11 on Thursday June 17, 2010 @10:36PM (#32609260) Attached to: Falsehoods Programmers Believe About Names

After Reddit got done with the site yesterday, I decided "Sure, why not upgrade to Wordpress 3.0. I'll just turn off caching for a little while and..."

Falsehoods Programmers Believe About Names 773

Posted by timothy on Thursday June 17, 2010 @09:57PM from the can't-we-stick-to-slashdot-user-ids? dept.

Jamie points out this interesting article about how hard it is for programmers to get names right. Since software ultimately is used by and for humans, and we humans are pretty tightly linked to our names (whatever the language, spelling, or orthography), this is a big deal. This piece notes some of the ways that names get mishandled, and suggests rules of thumb (in the form of anti-suggestions) to encourage programmers to handle names more gracefully.

Slashdot Top Deals