Free and Open Source blogger with an attitude
It’s has been raining in my hometown, the rain stops for a couple of hours and then it starts again… it has been like this for days. The weather forecast predicted that this pattern will continue for at least a week.
Well, better get umbrella for tomorrow then, because we’re gonna celebrate HARI RAYA AIDILFITRI!!!!
Selamat Hari Raya and Independence Day to all of you!!!
Had problem with PHP XCache with my server configuration, seems I must spend another hour fixing this… it totally blows…
It is undeniable that Web services and AJAX-ified interfaces are the trend now. Application that utilizes internet to retrieve data (such as mobile application or other thin client) uses web services alongside with its data format. AJAX-ified interface and website gives a modern and edgy look can make websites more attractive and can create great impression to the users.
However the issue of the web application security would still remain the same, if not more challenging, since there are so many ways to exploit the vulnerability of websites that utilizes Web Services and AJAX transfers on the background.
Therefore, it is imperative to use the right technique in order to evaluate the security of these services before deploying them out in the open.
For that matter, now I’m currently reading Ajax Security (Hoffman,B. & Sullivan, B.) and Securing Ajax applications (Wells, C.) which in my opinion is a pretty good start for somebody like me to understand common methods for securing web services and websites which uses AJAX heavily.
Hopefully the situation would improved as there are a lot of campaigns around to raise the state of awareness of web application security.
I’m not a PHP developer by profession, nor I’m very good at it, there are times where I was required to write PHP web application for my daytime job. While it is still a simple application, nevertheless I grew fond of the simplicity of PHP application development and deployment (though some aspects of the language still confuses me, and sometimes the maintenance is a PITA).
I haven’t developed any PHP application for the masses yet, but if I do, I imagine it would benefit from the use of Cloud, therefore my latest wishlist is this book: PHP Development in the Cloud
The book is written by Ivo Jansch and Vito Chin, and it covers Cloud Computing Characteristics and Models, Cloud Computing Architecture and Scalability and how to prevent bottlenecks, Working with Popular Cloud Infrastructures and Platform (covers Amazon, Google and Rackspace) and Working with Popular Cloud Software and Services (OpenID, OAuth, CRM, Maps and Storage).
The book is available from in paperback format from online bookstore (Amazon, Barnes & Nobile, etc) or in digital form from PHP Architect website
A bit of advice when starting up an e-commerce (especially storefront) site, please use proper e-commerce software for the job. Do not ‘force’ a general-purpose (CMS) to be an e-commerce site via plugins (or *cough* *cough* ‘component’), it’s gonna be a pain-in-the-ass to secure ’em.
So do yourself (and the sysadmin guys) a favor, use a proper e-commerce software platform or just turn to blogger.com for selling your stuffs…
*Note that I’m not a legal expert or an attorney, this is just based on my personal experience and internet search*
There are people who asked me about why bother to release a piece of software or code under Open Source License instead of putting it in Public Domain.
First of all it is a matter of personal choice if write the code or the said work on your own, . But if you release your work under open license (open source or creative commons), you can still retains the copyright (ownership) of the materials that you’ve released. Technically, people who used your work has to adhere to the copyright license terms of your choosing, including freeing you from liabilities if the software is broken or causes harm. Licensing your work will acknowledge you as the owner and those who used your application, and you retain legal rights for your work.
On the other hand — once you have put your work on Public Domain, you will lose your rights on the work, as the work would have no copyright-owner and isn’t protected by copyright law. So people are free to use the materials without any restrictions at all, including to incorporate the material into their work and make it proprietary and subsequently copyrighted it without legal repercussion. You will lose the legal right on your work.
Public domain isn’t a license, it is merely a statement that the software was given to the public and to make things more complicated, some countries disallow public domain material, meaning that the writer will not be protected by the copyright law if the software causes harm to others (the ABSOLUTELY NO WARRANTY and LIMITED WARRANTY, or AS IS clause).
Remember: Public Domain is not recognized internationally and is not stipulated under Berne Convention and in some countries, the author can’t disclaim moral rights.
Therefore, it is more wise to release the the software under a permissive license (copyright), rather than releasing it under public domain right away.
References
1. Creative Commons vs Public Domain
2. Is Public Domain software Open-Source ?
3. Why the Public Domain isn’t a License?
4. Why public domain release is a bad idea
