My Master's paper for my academic specialty is a proposal for a computer system that would allow a common activity in this field to happen on a sort of centralized website. I think my idea is fairly detailed and good, but a lot of the people and institutions in my field aren't very computer-savvy. I don't think I am a good enough programmer to build the entire thing myself -- it doesn't have to ultimately be Wikipedia-size, but if successful, it would have several tens of thousands of users, and things like security would be important.

How would you recommend I proceed? Get some (bad) working code and early adopters and iterate? Try to organize a team of planners and programmers? Try to get funding first? Any tips?

http://blog.jprosevear.org/2011/05/13/webgl-security/

But if you are vulnerable to automated attacks, then you most certainly are also vulnerable to directed attacks, no? The attacker can just use a known (or new) attack against WordPress once they see that that is what you are running:

"Aha! From the Meta Tags I can tell they're running WordPress. Looks like it's version X. I'll do a POST to site/wp-admin/tiny-mce/lang/en-us/takefile.php of a PHP script. If they didn't apply the patch that was released yesterday I should be able to upload my PHP script which will allow me write access or at least read access..." If you were not up-to-date in your install (or if you haven't audited any plugins you used), then the entire hack might takes just a few minutes, and could be done by someone with only rudimentary skills.

No?

A non-custom CMS like WordPress is very often the target of massive automated attacks: a new bug is discovered in WP and a tool is written to seek out vulnerable installations and exploit that bug. If you have the skill or $$ to pour over the code, you can probably find your own bugs before they become publicly known.

On the other hand, if your site is specifically targeted, then your custom CMS is as vulnerable or more than the WordPresses out there. You might have a bit of security through obscurity (in a standard WP install, the attacker might know file names and locations, variable names, classes, etc.) but this will probably do you little good if you weren't able to harden the code.

Lesson: you are screwed if a rich, powerful, or smart attacker singles you out. A standard CMS can land you in hot water if you don't have a knowledgeable person administering it (and who has that?).

Your analysis seems messed-up to me. I assume you are referring to this chart http://www.conceivablytech.com/wp-content/uploads/2011/02/browser2.jpg Chrome's rate of growth might have slowed a bit, but it still grew by what looks like 10%. IE has had negative growth pretty consistently. Safari's growth rate seems to be much lower than Chrome's. Since your understanding of the data seems so far off the mark, I doubt your conclusions are accurate.

The conceptions of what we "do" with music and film have been limited by the sales and "IP" models. Remixing, adding/replacing tracks, mashups, even sampling, all come about as a consequence of ignoring the "consumption" model as you describe it. So does all "traditional" or "folk" music. There are places that film and music can go that we can't easily think of today. Try to come up with your own examples of what can be done. If you can't think of anything or if your ideas don't seem all that revolutionary or important, maybe you're not an artist.

Since when does MS have the right to say "To get software truly correct..."? They KNOW how to make software secure?

My 3 year old son urges me to download games on the iPhone. I get all the free ones listed for each category and listed under "most popular." He and I agree that 99% of the games we see are some of the worst crap you can imagine. There are a few types:

* Stuff that requires a lot of downloading, rendering, entering passwords, connecting to various multiplayer networks, answering their questions, etc. It takes 5 minutes before the game starts, but by then, we've both lost patience.

* The games are obnoxiously crippled -- they offer only teases, or they constantly try to trick you into clicking to their ordering system, or their ads, or they suddenly stop in the middle of play. You feel interrupted, short-changed, and ripped off.

* The games themselves strike us as weirdly unimaginative. The graphics are retreds of crap I've been seeing since the 80s, or else they look like the standard manga stuff. They often have cliched, muzak-style "soundtracks" and have the game equivalents of a laugh-track: clapping, "awww"-ing, etc.

In sum: these games suck. How they can represent some sort of billion-dollar-industry is so baffling that I suspect a hyped bubble; I can't imagine masses of people paying for this junk. It's more fun to kill time by flipping a coin. It feels like there are no original artists in the game-making work, just "industry" hacks. Maybe one day game-making will somehow be more democratic like website creation and some will try to innovate.