04 Jan '13, 10pm

Ruby on Rails is vulnerable! via @rickymeggiato

Ruby on Rails is a tool for developing web applications. It is very powerful, fairly simple to use and, for that reason, widespread. It goes without saying that the discovery of a vulnerability in it, from an IT security standpoint, does not let those who use it sleep soundly. Not least because a vulnerability to so-called SQL Injection is a significant one. In essence, through it, a cybercriminal can insert malicious code into the application. Ouch. Fortunately, the Ruby on Rails maintainers promptly took action: versions 3.2.10, 3.1.9 and 3.0.18 do fix the problem. But, of course, anyone who has not done so must update. Otherwise the risks are high, although it is not automatic that every application developed is attackable. The mechanism by which the vulnerability works is a bit complex and, if you tinker with RoR,

Full article: http://blog.wired.it/hackinsider/2013/01/04/ruby-on-rails...

Tweets

Ruby on Rails: SQL Injection vulnerability

blog.html.it 04 Jan '13, 11am

A vulnerability was recently identified affecting Rails SQL that would reportedly concern all versions of Ruby on Ra...

Ruby on Rails Designer - Sass & Rails - oDesk: ...

odesk.com 05 Jan '13, 3am

Rails and Sass programmer to change an existing ecommerce website to 1) create a new front page that will allow project po...

Ruby on Rails Web Development For Rapid Development:

talentsfromindia.com 05 Jan '13, 8am

Ruby on Rails, often known as ROR or Rails is an open source web development application framework for the Ruby programmin...

Five Reasons Why We Use Ruby on Rails

infront.com 05 Jan '13, 6pm

When we have initial discussions with potential website clients, one thing we always talk about is our Content Management ...

Why learn Ruby on Rails

cristalab.com 03 Jan '13, 8pm

One of the things 2012 left me with was getting to know Ruby on Rails. After having wandered a bit through PHP, having gotten to know Co...

Senior Ruby on Rails developer by deepblueforce...

freelancer.com 02 Jan '13, 1pm

+ HAML templating and SASS style generation + High respect for standards eg. W3C produce valid, error free readable code +...

SQL Injection Flaw Haunts All Ruby on Rails Ver...

threatpost.com 03 Jan '13, 3pm

All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an atta...

Ruby on Rails SQL injection issue

lwn.net 03 Jan '13, 1am

Ruby on Rails SQL injection issue [Posted January 3, 2013 by corbet] Ruby on Rails SQL injection issue [Security] Posted J...

Ruby Job: Ruby on Rails Developer @WeedMaps at ...

jobs.rubyinside.com 02 Jan '13, 7am

WeedMaps is an established and profitable technology company, creating software in the fast-growing (medical) marijuana in...

The year couldn't start any better with this interes...

trabajosrails.com 02 Jan '13, 6am

A Ruby on Rails developer eager to join the team at The Cocktail. Someone with experience in the field of...

Hotel reveal deal website in Ruby on Rails by s...

freelancer.com 30 Dec '12, 4am

I need a website similar to http://www.hotwirerevealed.com/ created in Ruby on Rails. The website should reveal deals from...

Resolving to learn to code in 2013? Check out @thisishackeryou's Ruby on Rails course - it begins Jan. 21st:

hackeryou.com 31 Dec '12, 9pm

About Brad: Brad's tech career had humble beginnings as an IT specialist, but his interests quickly blossomed into softwar...

#OWASP [Rails] Re: CSRF tokens for mobile apps ...

netrubyonrails.blogspot.com 29 Dec '12, 3pm

Hey Jim, don't be a jerk, especially when your answer is wrong. Using <%= form_authenticity_token %> doesn't work because ...

Check out "Essential Ruby & Rails" with .@mjord...

skillshare.com 29 Dec '12, 2pm

individual/peer group exploration 1-6 hrs Guided tutorials and videos on Ruby installation and advanced exploration made a...