On Mon, Jul 16, 2012 at 02:06:04PM -0400, Ben Mendis wrote:
And Dan Kaminsky and Jeremiah Grossman are not the only two security
guys who have come to this conclusion.
Sure, PHP isn't my favorite language... but blaming bad code on PHP, and
assuming that changing the language is a panacea
On 12-07-16 at 11:38pm, Ben Mendis wrote:
Arguing which languages or coding styles do or don't produce secure
code is a religious argument, unless you have objective metrics to
back up your claims. And frankly, unless you're the one putting in the
hours to do the rewrite then the discussion
On 07/16/2012 01:07 AM, Matt Platte wrote:
On Sun, Jul 15, 2012 at 10:26:54AM +0200, Melvin Carvalho wrote:
On 15 July 2012 03:08, Nick M. Daly nick.m.d...@gmail.com wrote:
So, since there is a lot of concern about including PHP on the
What's are the issues with PHP?
I'm one of those
On 12-07-15 at 12:37pm, Jonas Smedegaard wrote:
On 12-07-14 at 10:53pm, bnewb...@robocracy.org wrote:
On Sat, 14 Jul 2012, Nick M. Daly wrote:
[Free alternatives to] RoundCube / SquirrelMail (webmail):
???
The (very minimal) NULL webmail client is written in C:
On Mon, Jul 16, 2012 at 3:28 AM, Jonas Smedegaard d...@jones.dk wrote:
On 12-07-15 at 12:37pm, Jonas Smedegaard wrote:
On 12-07-14 at 10:53pm, bnewb...@robocracy.org wrote:
[snip]
Right now - i.e. already in Debian (testing) - is CiderWebmail.
...but both my recommendations still stand:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In his 2010 Keynote at The Next HOPE, Dan Kaminsky pointed out the
following:
The bottom-line is that there just isn't a largemeasurable difference
in the security posturesfrom language to language or framework
toframework --specifically Microsoft
On Sun, 2012-07-15 at 12:37 +0200, Jonas Smedegaard wrote:
Correct, Diaspora is written in Rails, which unfortunately is
similarly
worrisome as PHP: even if (arguably) the underlying Ruby language has
saner coding style and community habits, Ruby on Rails tend to focus
on
rapidly mashing
On Sat, 14 Jul 2012 20:08:20 -0500
Nick M. Daly nick.m.d...@gmail.com wrote:
So, since there is a lot of concern about including PHP on the
FreedomBox, what are our solutions?
Static content would be good to keep on the table as an option, for
cases where it can be used.
Micah Lee from EFF
On 07/16/2012 09:56 PM, Sean Alexandre wrote:
Another comment from Micah's presentation was that some CMS systems
have the ability to generate static content. So you can create content
using CMS shortcuts, and then have it generate static content to put on
your website.
wget can be of help
On 12-07-16 at 02:06pm, Ben Mendis wrote:
Sure, PHP isn't my favorite language... but blaming bad code on PHP,
and assuming that changing the language is a panacea for security, is
pretty silly.
Is it me you call silly?
I believe I did not argue that security is only an issue with PHP, or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 16 Jul 2012, Jonas Smedegaard wrote:
On 12-07-16 at 02:06pm, Ben Mendis wrote:
Is it me you call silly?
I think the argument that the language can be used as a determining
factor or even as a metric for the security of an application
On 2012-07-14 at 20:08:20 -0500, Nick M. Daly wrote:
OwnCloud (file hosting):
???
git-annex assistant? (haskell)
http://git-annex.branchable.com/design/assistant/
I believe it will require something else for sharing, however
--
Elena ``of Valhalla''
On 15 July 2012 03:08, Nick M. Daly nick.m.d...@gmail.com wrote:
So, since there is a lot of concern about including PHP on the
What's are the issues with PHP?
FreedomBox, what are our solutions?
CryptoCat (secure chat):
CryptoCat Version 2 (???, in development)
Diaspora /
On 12-07-15 at 10:26am, Melvin Carvalho wrote:
On 15 July 2012 03:08, Nick M. Daly nick.m.d...@gmail.com wrote:
So, since there is a lot of concern about including PHP on the
What's are the issues with PHP?
The issue with PHP is the high risk of security flaws.
It is a mixture of a
On 12-07-14 at 10:53pm, bnewb...@robocracy.org wrote:
On Sat, 14 Jul 2012, Nick M. Daly wrote:
CryptoCat (secure chat):
CryptoCat Version 2 (???, in development)
End client XMPP+OTR clients plus Prosody running on the device? If
CryptoCat as-is is desirable, the server-side PHP
bnewb...@robocracy.org writes:
[...]
CryptoCat (secure chat):
CryptoCat Version 2 (???, in development)
End client XMPP+OTR clients plus Prosody running on the device?
I am not an expert but I tried prosody and I found it needs a SRV record
in order to receive connections because the
On 2012-07-15T15:53:32 CEST, Leandro Noferini wrote:
I am not an expert but I tried prosody and I found it needs a SRV record
in order to receive connections because the protocol XMPP. As SRV
requires a fixed ip address is this a problem for freedombox?
SRV records are not strictly required,
On Sun, Jul 15, 2012 at 10:26:54AM +0200, Melvin Carvalho wrote:
On 15 July 2012 03:08, Nick M. Daly nick.m.d...@gmail.com wrote:
So, since there is a lot of concern about including PHP on the
What's are the issues with PHP?
I'm one of those in-a-hurry developers Jonas mentions. He is
So, since there is a lot of concern about including PHP on the
FreedomBox, what are our solutions?
CryptoCat (secure chat):
CryptoCat Version 2 (???, in development)
Diaspora / Friendica (social networking):
Libertree (Ruby, Alpha)
RoundCube / SquirrelMail (webmail):
???
On Sat, 14 Jul 2012, Nick M. Daly wrote:
CryptoCat (secure chat):
CryptoCat Version 2 (???, in development)
End client XMPP+OTR clients plus Prosody running on the device? If
CryptoCat as-is is desirable, the server-side PHP code is 500 lines
including comments and could be ported
20 matches
Mail list logo
