08 Feb '13, 6pm

Even if you don't use Ruby or Rails, embedding third party JS from a site that does could hurt you. by @jefflembeck

Look for analytics providers and other folks on that list who have instructed you to embed JS on your website. If I do this exercise, I come up with at least three results here. Do any of them use Ruby on Rails? (Are you sure? Remember, if they have at least one Rails app on their network…) Great. If they didn’t patch in a timely manner, you should assume that JavaScript you’re embedding on your website is in the hands of the enemy. It is now a cross-site scripting vulnerability against every page it is embedded on. Do you embed it on e.g. log in pages or anywhere your admins expose their own all-powerful admin cookies? Boo, now the enemy has your password / cookies / etc.

Patrick McKenzie, What The Rails Security Issue Means For Your Startup

Full article: http://alistapart.com/blog/post/derailing-security-bugs

Tweets

“Clean #Energy Tied to National Security, Offic...

defense.gov 07 Feb '13, 9pm

Clean Energy Tied to National Security, Official Says By Claudette Roulo American Forces Press Service WASHINGTON, Feb. 7,...

Ruby Weekly issue 131 is out: (tons of goodies ...

rubyweekly.com 07 Feb '13, 3pm

Topaz: A New Ruby Implementation Built on RPython A brand new Ruby implementation built upon RPython, a 'restricted' varia...

4 ways SMBs can enhance IT security and protect themselves from hackers

sgentrepreneurs.com 01 Feb '13, 1am

4 ways SMBs can enhance IT security and protect themselves from hackers February 1, 2013 by Guest Contributor By Philippe ...

Follow the companies you want to work for on so...

clearedjobs.net 04 Feb '13, 12pm

Keeping yourself relevant, fresh and up-to-date can be a part-time job. But spending just 15-30 minutes per week on Linked...

Hey guys, do you think this is #bullshit ? Let'...

spectrum.ieee.org 06 Feb '13, 8pm

At first I thought this was one of those IT urban legends, like the “disappearing warehouse” story, but according to Veri...

measuring spring via a magnoliometer @gr8gardens @Tregothnan @edenproject #spring #magnolias

seasaltcornwall.co.uk 08 Feb '13, 12pm

We’re always bragging about the climate in Cornwall. You know the sort of thing – the first daffs in the UK, hardly an...

“Programmer Bob”: Latter-Day Tom Sawyer or Mass...

spectrum.ieee.org 31 Jan '13, 7pm

At first I thought this was one of those IT urban legends, like the “disappearing warehouse” story, but according to Veri...

Get warned quickly of Ruby vulnerabilities to f...

ruby-security.com 10 Feb '13, 6pm

The Ruby security newsletter Always up to date on vulnerabilities and security features for Ruby and all the gems you need...

10 tips to make sure you stay safe #online, in conjunction with Safer Internet Day #SID

e27.sg 06 Feb '13, 3am

Never reveal your personal information because you don’t know who might be watching you. Refrain from putting personal det...

Costa Rican scientists trial aquatic agriculture to boost food security: Costa Rican researchers are pioneering

enn.com 02 Feb '13, 1pm

RELATED ARTICLES 'Aquaponics' Help Islanders Cultivate Crops and Raise Fish October 26, 2012 08:47 AM Take biofuel crops o...

For those concerned about @padrinorb in the lig...

padrinorb.com 04 Feb '13, 4pm

Rails and the Ruby community had their fair share of security vulnerabilities in the recent days. Where does that leave Pa...

New Blog Post :: Learning Ruby on Rails

heatherburke.co.uk 08 Feb '13, 11am

I have been using Ruby on Rails for about 2 years and nowadays I use it for developing almost all of my web applications. ...

A look at the (now patched) security of [Kim Dotcom's] MEGA cloud storage service

hackaday.com 29 Jan '13, 10pm

MEGA is a new, encrypted cloud storage system founded by [Kim Dotcom] of MegaUpload fame. They’re selling privacy in that ...

12 reasons to start using a bicycle for transportation #IWIYW via @MotherNatureNet

mnn.com 07 Feb '13, 4pm

We're continuing our look at smart ways to start saddling up and using bicycles for real transportation. We've always take...

Ruby on Rails receives its third security patch...

infoworld.com 29 Jan '13, 7pm

Developers of the Ruby on Rails Web development framework released versions 3.0.20 and 2.3.16 of the software on Monday in...