yppasswd writes: A zero day vulnerability (CVE-1012-4681) was found in JRE 1.7, affecting the Java browser plugin and allowing the attacker to circumvent the plugin sandbox and take control of the machine. According to researchers the vulnerability is, actually, split in two distinct bugs and exploits against the bug are already circulating in the wild. As of writing, Oracle hasn't provided a fix yet, so the best bet for now seems to be either disabling Java in your browser or reverting to 1.6.x which should not be affected.
Sooner Boomer writes: "I'm a member of a long-running mail list. We recently migrated back to it from years-long trials with efforts involving google and yahoo groups. The legacy mail list does not allow the posting of binary files, so no pictures, PDFs, or similar files can be shared. The folks are not very tech savy, and don't want to download/install programs like what are needed for dropbox and other services. Other web free sites such as Photobucket are picture and video only. What other free solutions are there to allow the list members to share files, preferably with password protection to try to limit it to only the list members?"
judgecorp writes: "Hackers supporting Julian Assange have been hitting various websites in protest... including a politician who opposed Assange's extradition. Labour MP Peter Hain said the hit on his site was an attack on free speech which was irrational given Assange's manifesto. On Tueday, NullCrew hit Cambridge University in a pro-Assange attack which leaves observers wondering — what did the University have to do with it? In March, the students even welcomed him to their debating club, the Union Society."
Barence writes: Microsoft is charging British users more to upgrade to Windows 8 than their US counterparts. Microsoft's UK press office has told PC Pro that the price will be set at £39.99 in the UK — a straight dollar to pound conversion — even though at current exchange rates, $39.99 equates to £25.30. Even if the US price doesn't include sales tax, British buyers are still around £10 worse off than their US counterparts.
Michael Ross writes: "Of all the open source content management systems used for building websites, Drupal has a reputation for being one of the most flexible and powerful available, but not the easiest for web designers to use. Drupal version 7 has made some strides in alleviating those flaws, but there is still much progress to be made. During the past few years, a number of books have been published that explain how Drupal designers can do custom theming, but they tend to focus on the technical details of the theme layer, and not the practice of web design when using Drupal as a foundation. That rich yet neglected subject area is the focus of a new book, Drupal for Designers: The Context You Need Without the Jargon You Don't.
The book's author, Dani Nordin, is a Massachusetts-based web designer and the founder of The Zen Kitchen, a UX design business. The book was published by O'Reilly Media, on 1 August 2012, under the ISBN 978-1449325046. The publisher's page offers a description of the book, the table of contents, an author bio, and some free sample content (the first chapter). This publication is a compilation of three previously-released short guides — Planning and Managing Drupal Projects, Design and Prototyping for Drupal, and Drupal Development Tricks for Designers — with additional material. All of these books were written by Dani Nordin, and comprise the "Drupal for Designers" series by O'Reilly Media. (My thanks to the publisher for a review copy of this particular title.)
The book's material spans 328 pages, and is organized into seven parts, which do not include the introduction or the first chapter. The seven parts — each comprising at least two chapters — are largely presented in the same order that a typical reader would want to learn and implement the recommendations: Discovery and User Experience; Sketching, Visual Design, and Layout; Setting Up a Local Development Environment; Prototyping in Drupal; Making It Easier to Start Projects; Working with Clients; and Sample Documents.
Unlike most introductory Drupal books, this one wisely begins with a helpful dictionary of Drupal terminology. The first chapter also discusses the phases that compose a typical Drupal project lifecycle. Sandwiched in between is some guidance on where to place custom code in a Drupal directory system. The author advises that "Any module, theme, or other customization that you create for your site should always reside in sites/all" (page 2, and also reflected on pages 1 and 5). That may be true of contrib modules and themes, but certainly not custom ones, which are better located in sites/default or sites/[domain name]. She states that a child theme should be "stored separately in sites/all/<client_name>" (page 4). Actually, they should be placed in "sites/default/themes" or the themes subdirectory of a domain name directory. Finally, she recommends that for a multisite installation, one should keep "everything in sites/all" (page 5). Lumping everything into the "all" subdirectory would defeat the fundamental mechanism of multisite, which allows one to host multiple sites on a single Drupal installation, with their custom files and settings separated by domain name.
The first part of the book is loaded with valuable counsel on how to conduct the discovery phase of a website project, including coverage of project goals, user experience (UX), mockup tools, user personas, wireframes, prototypes, and the key components of a short-form project brief. It is evident from the narrative that the author is drawing upon a great deal of real-world experience, as well as lessons learned from other veteran web designers. The only blemish is where the author refers to "the project brief in Section 8" (page 45, repeated on page 254), and yet there appears to be no such section in the book. Perhaps she means Appendix A, which has an example project brief.
Once a design team has completed and received sign-off on a project brief — as well as any wireframes and other helpful preliminaries — a logical next step is to build the initial visual design. In the second part of the book, the author demonstrates how she uses sketches, style tiles, layout elements, greyboxing, grid systems, and Fireworks templates for crafting a visual design for a website. Throughout these chapters, she uses a redesign of her own personal website to illustrate the material. Both this part and the previous part of the book contain little information that is specific only to Drupal; thus, it could be useful to designers building websites using other CMSs.
Some readers of the book may already have up-to-date Drupal environments installed and configured on their development web servers. For those who do not, Part III will likely be appreciated, especially if the reader is using a Mac machine, because that is the environment to which the text and screenshots are geared. The author contends that "Windows seems to add an annoying layer of complexity to most of the command-line stuff" (page 102). Yet from my own experience, installing and using Git and Drush on a Windows PC is largely the same as in a Linux environment. Most developers complain that the main hurdle is Git's unintuitive workflow, which is independent of the operating system. The author touches upon some other tools, such as LESS and phpMyAdmin. Chapters 9 and 10 focus on Drush and Git, respectively. The last chapter in this section steps the reader through installing MAMP and Drupal. The discussion is generally comprehensible, except for the first paragraph on page 132, which is arguably the most confusing in the entire book. For instance, echoing a misstep seen earlier, it advises that all changes to your Drupal site should be stored in the sites/localhost directory, which contradicts the advice on the previous page, that all customizations to the site should be located in the sites/all directory.
The fourth part of the book covers prototyping in Drupal: gleaning from the client the information needed to define the content types for the website; choosing the appropriate modules for implementing the desired functionality; using views for displaying data; improving the HTML generated by views; creating custom Drupal themes; and using LESS to better manage the CSS within a theme. The advice is on target, except for the recommendation to use the Submit Again module, which does not have a Drupal 7 release, and has been replaced by the Add another module. Readers who are having difficulty locating the User Reference module mentioned by the author (page 187), can find it as a submodule in the References project. Lastly, the author instructs the reader to enable any base theme used (page 217), but actually it does not need to be enabled; installation alone is sufficient.
Part V, the briefest of them all, explains how to utilize the Features module, as well as Drush Make and installation profiles. Part VI comprises three chapters which offer guidance on how to propose an estimate for new projects, how to push back on unreasonable client requests, and how to learn from and document a finished project. This material is so closely related to that presented in the first part of the book — project discovery, planning, project briefs, etc. — that these final three chapters should have been incorporated into that earlier part. In fact, the first paragraph of this part states that it describes a phase of the discovery process that should be conducted prior to the phase described in Part I. Nonetheless, the author provides smart tips on some of the more difficult aspects of project management. The last part of the book comprises three appendices with sample documents — specifically, a project brief, a work agreement, and a project proposal.
On the publisher's page for the book, no errata have been reported, at this time. That is likely because the book appears to contain remarkably few errata: "What if there was" (pages 81 and 245; "was" should be "were"); "get familiar [with] the command line" (page 108); "a couple of" (page 172; should be "a few," as it is referencing three bullet points); ".less" (page 208, twice; should be "LESS"); "carpal tunnel[s]" (page 231); "original code [for] a feature" (page 242); and ".tpl" (page 266; should be ".tpl.php"). This is certainly a low number of errata for a technical book of this size. Kudos to the author and the O'Reilly editing team.
Overall, the book's style is clear and conversational, with only a few rough patches. Incidentally, the terms "directory" and "folder" are synonymous, but newbie readers who do not understand this could be confused when the two terms are used interchangeably, especially within the same sentence (e.g., page 109). Interspersed at various points in the text are interviews with people involved in web design, entitled "From the Trenches," which add perspective from designers other than the author. The reader will also find some natural humor and humility, which is always welcome in a technical work.
The author and publisher have made good use of the many screenshots, showing sample designs, Drupal user interface pages, etc. Unfortunately, for the Drupal pages, the admin theme used is the default, Seven, which results in black text on a gray background — a poor choice for such wide screenshots being compressed into small images on the page. Consequently, much of the text is barely legible, especially for anyone with imperfect eyesight.
From a technical point of view, the information provided is accurate and worthwhile. The only serious problem is the misleading advice, noted above, concerning the placement of custom modules and themes within the directory structure of a Drupal project — which was undoubtedly unintentional. The reader will encounter some HTML markup, a lot more CSS, and a minimal amount of PHP code. All of it is neatly formatted, and the only apparent problem is where a snippet of example code includes invalid nested "<?php" tags (page 188).
Despite these minor blemishes, this is one of the better-written Drupal books on the market. Web designers who will be working on Drupal projects, should be well rewarded in choosing this book as a solid starting point for their studies.