International PHP Magazine has just republished an article I wrote entitled, “PHP Cryptography: An Introduction Using Mcrypt” in its entirety on their web site. The complete article including source code is now available online for the first time right here. I am pleased to see such an important security topic getting greater exposure in the …
Thanks to fellow Serendipity user Norbert Mocsnick for pulling this roster of PHP users from Zend: “Hewlett-Packard, Boeing, Lufthansa, Dresdner Bank, Disney Online, Yahoo!, Lycos, Sprint, T-Mobile, Orange, Nortel Networks, Lucent, WallStreetOnline and Siemens.” This helps answer the question, “Who are the enterprise?” but raises another: “Where have they been?” My experience so far has …
OK, so maybe Chris didn’t say “security is what happens between input and output.” But I do. The truth is that a PHP developer really only has control over these two deceptively simple components of the application. Sure, there are scads of other types of attacks–attacks relatively beyond the control of the PHP developer, involving …
PHPDeveloper just reported that the phpBB development server has been hacked by a politically motivated group. More details and the response from the phpBB group are on the phpBB site. What strikes me most is the phpBB slogan: “creating communities.” Why would anyone want to maliciously thwart that? I guess in a meritocracy like open …
Chris Shiflett has an interesting post on his blog wherein he declares that all PHP security vulnerabilities come from either a lack of flitering input or escaping output. In fact, he’s betting $100 that the next 4 of 5 vulnerabilities that get reported by PHP|Arch will confirm his proclamation. My question is: what other kind …
With an exciting development project ahead, some of which David alluded to in a recent blog entry, I am looking closely at what has worked in the past. I had good success implementing some of the strategies of Extreme Programming (XP) and to that end I am now partway through Extreme Programming Applied (the one …
