Judging from the table names in the article, it looks like they are maintaining virtually all of their data in a single database hosted on a machine that is connected to the Internet and accessible by anyone. This is a grave mistake in my opinion, regardless of whether they are using 3rd party software or not.
I was browsing the developers section earlier today when one entry sounded familiar. I read it again and found out that it was a journal entry I submitted to the frontpage back in August but it was rejected. Somehow the story made it to the developers section a couple of days ago without crediting me. Notice how it starts with "writes" without any us
One day after the Senate voted 63-37 for lifting the restrictions imposed in 2001 on federal funding of embryonic stem cell research, President Bush killed a bill that he claimed would sanction "the taking of innocent human life." The vetoed bill, the Stem Cell Research Enhancement Act, would have scrapped limits on federal funding, but it failed to reach the two-thirds majority in its Senate vote which would have overturned
John Dvorak writes on CSS after working on redesigning his weblog, the article ended up being extremely funny. From the write-up:
As we move into the age of Vista, multimedia's domination on the desktop, and Web sites controlled by cascading style sheets running under improved browsers, when will someone wake up and figure out that none of this stuff works at all?!
After the first announcement last October, Yahoo and Microsoft said they have begun a limited public test to allow users of Windows Live Messenger and Yahoo Messenger with Voice to connect to each other through either service, exchange messages, check their friends' online presence, view status messages and share emoticons. Users can register to a limited pub
HD Moore, the creator of the Metasploit toolkit, announced publishing details on one browser vulnerability per day for the month of July. Moore says on the Month of Browser Bugs blog that published information will be carefully chosen to demonstrate the concept without disclosing enough details that may lead to remote code execution. The blog currently contains vulnerabilities f