Category: Web work

These days, most of my work is very related to the online world. Building web sites, reviewing web applications, integrating with web services, coordinating people who are far away from each other, etc. Whenever I find a new tool or service or an innovative, interesting idea about working online, I share it in this category.

Alex Stamos : AppSec is Eating Security

I’m throwing this into the pile of arguments for “security and privacy are little but myths” discussions.  If top of the top companies, with multi-million budgets and hundreds or thousands of top security professionals get compromised, how realistic is it for the average Joe to protect his business?  I say – not very.

I think 80% of problems can be prevented with the 20% time and effort investment: minimize attack surface by removing and disabling everything you don’t need or use and limiting access to everything else, use layered defense where possible, use encryption where possible and strong passwords if you have to, don’t rely on security through obscurity, have log analyzers and/or intrusion detection system installed, etc.  But most importantly, make peace with the fact that being compromised is not the question of “if”, but “when”.  Prepare yourself.  Have an offsite backup and know how to restore your services in a completely new environment, if necessary.

And as far as your privacy goes, if you put anything private on the Internet, as well, prepare for it to be stolen and leaked.  If it never happens, consider yourself lucky.  Otherwise, just learn to deal with it.  It’s very unpleasant in a variety of ways, but seldom deadly.

Via EtherealMind.

Google releases Polymer 1.0, production ready

At a recent Google I/O 2015 conference, a production ready version 1.0 of Polymer library was announced.  If you are not familiar with this tool, and a brief description like:

The Polymer library is designed to make it easier and faster for developers to create great, reusable components for the modern web.

doesn’t help much, then you should definitely check the Get Started section.  You’ll love it!  Once you know what it does and how it works, check the current Catalog of the elements.

Via The Next Web.

Claim to fame : phinx LONGBLOB

My largest claim to fame in the Open Source software just got merged in – a pull request to the phinx project, adding support for MySQL’s LONGBLOB (as well as TINYBLOB and MEDIUMBLOB).  Phinx is the PHP tool for database migrations.  It’s used, among others, by the CakePHP 3 framework.

The patch itself was rather simple and I was surprised that it hasn’t been done by someone else earlier (there was an open issue requesting this for more than a year).  Phinx already had support for BLOB, and for TINYTEXT, MEDIUMTEXT, TEXT, and LONGTEXT.  So practically all I had to do was a bit of copy-paste and find-replace.  Gladly, there were some unit tests in place already, preventing me from breaking a thing or two.

What I found interesting though, wasn’t the patch itself, but the support of the CakePHP community (thank you guys!).   Every few days someone (even core CakePHP developers) would “thumbs up” the pull request to draw the attention of the maintainer to it.  Some people pulled the branch and tested it.  Some wrote comments.  That was awesome and quite inspiring!