September 20, 2008 2:28pm
Habari 0.5.1 has been released. This is a security fix and you should update immediately if you're running 0.5. If you're running trunk, you should svn up, making sure you back up your data if you haven't updated for a while, as we recently merged some significant schema changes for the upcoming 0.6 release.
April 15, 2008 10:10am
You should never ever modify core files in WP. If you find you have to, file a ticket for a new hook or filter so your modifications can be a plugin — it makes things so much easier.
January 17, 2008 12:00pm
Using public anonymous data from the 1990 census, Latanya Sweeney found that 87 percent of the population in the United States, 216 million of 248 million, could likely be uniquely identified by their five-digit ZIP code, combined with their gender and date of birth. About half of the U.S. population is likely identifiable by gender, date of birth and the city, town or municipality in which the person resides. Expanding the geographic scope to an entire county reduces that to a still-significant 18 percent.
December 30, 2007 11:23am
JSON makes very good use of Javascript’s literal object notation. But it’s a consequence of this fact that a JSON message can conveniently be processed by reading it into a variable and then running eval on the variable. [...] The moment you do this, of course, you expose your code to a Javascript injection attack.
October 1, 2007 2:52pm
If your web application hosts any valuable information at all, it’s prudent to expect that some significant proportion of your users will eventually have their accounts hijacked.