Nov 11, 2008

Safer Software Practices

Wordpress

I’ve been upgrading to the latest releases of WordPress as soon as each one comes out. And it’s a good thing, too.

Over the last week or two a website named “Wordpresz.org” (I’ve edited the link so that it goes to WordPress.org instead. I don’t want to contribute to these hackers fooling anyone else.) was discovered. The people who created this website were using a vulnerability in WordPress version 2.6.2 to redirect users to their website. Their website purported to release WordPress version 2.6.4[1]. The problem was that they had hacked one file in the installation package to create a bigger security vulnerability.

This just goes to show that:

  1. Monitor for Updates. Many programs these days automatically check to see if new versions are available. If the program does not have this feature[2], it’s a good idea to check about once a month or so.
  2. Update Frequently. Not all software updates are equal. If the program is being updated to fix security vulnerabilities or improve the program’s stability, you definitely want to install the update. This website’s installation of WordPress was already “inoculated” against this kind of attack because I had installed version 2.6.3 almost as soon as it came out.
  3. Use Official Sources. WordPress is open source software built using PHP and MySQL. Since the program is open source, it’s easier to modify the code. (As Uncle Ben said, “With great power comes great responsibility.”) The themes and plugins available through WordPress.org are reviewed by other users for malicious code and for possible improvements. If you’re not certain how to examine source code for malicious code, it’s best to only use official sources.

  [1] The latest version is 2.6.3, which is just version 2.6.2 with a small but important security fix.
  [2] Or if you turn it off, as I sometimes do.

Jul 14, 2008

Updated Calculators – a work in progress

Lately I’ve been working on cleaning up all of the calculators and making them easier to use. You can see the latest version here. Hopefully in the very near future these “updated” calculators will replace the ones currently available on this site. I’m retooling these calculators because the current calculators were built specifically for the old site. This also gives me a good excuse to implement some of the improvements I’ve been kicking around.

  • Improved graphical user interface. I find this new layout more intuitive. Let me know what you think about it.
  • More calculators. I have a working retroactive benefits calculator that can be plugged right into the new calculators. Got an idea for a new calculator? Drop me a line and let me know!
  • Help information. The current calculators don’t offer a lot of help information – except when you try to do something wrong. I’ve designed these new ones to give a lot more feedback.
  • Quicker load times. The current calculator page takes about a full second to load up. That’s too long!

My arbitrary self-imposed target date to get the new calculators working is July 23, 2008 – the one year birthday of this website. I’ll have to find some screenshots of the original site for you to snicker at. It was pretty ugly.

Copyright 2007 - 2017 - PDRater – PD calculators and Jay Shergill