Data Circle

LiveJournal XSS Security Challenge at Slashdot

LiveJournal has launced an XSS Security Challenge which currently offers a free permanent account (like a paid account but does not have to be renewed, plus there are some other bonus features) to anyone who finds a Cross Site Scripting (XSS) security hole in the CVS code for the site. There’s also the possibility of additional rewards later on, once the Six Apart lawyers have decided on any rules for the challenge. If you know a reasonable amount about JavaScript, you could be in with a chance to not only fix a bug in software used by millions of people every day but also collect a bounty at the same time. What more could you ask for?

New theme competition at Photo Matt

There’s a new WordPress 2.0 theme competition with a selection of prizes ranging from an iPod video to a Belkin wireless router.

I’m looking forward to seeing the results that this competition brings, because I know I’m going to have to update all my blogs from 1.5 to 2.0 at some point and having some great new themes available will certainly provide an incentive to perform the upgrade sooner rather than later.

In a message entitled GPL V3 and Linux – Dead Copyright Holders sent to the Linux Kernel Mailing List on Wednesday, Linus Torvalds explained why the Linux kernel will not use the third version of the GNU GPL which is currently being drafted. He makes an interesting point that I hadn’t considered before – that the “or, at your option, any other version” clauses isn’t actually part of the licence. He’s also firmly against the conversion by the sounds of things, ending his email with “Conversion isn’t going to happen”.

Further coverage

• Linus Says No GPLv3 for the Linux Kernel at Slashdot
• Torvalds Says No GPLv3 For Linux at Beta News

Many people, including myself, have never really got the hand of how the Debian release scheme works. What’s the different between stable, unstable and testing? What are all these strange codenames that appear to be references to the Disney film Toy Story? Although there is some official release documentation, it’s not very clear and is spread out over several different documents.

Thankfully, PerfDave has written a document entitled Debian Release Nomenclature, which explains the whole process in a much more concise and simplified manner than the official Debian documentation. It’s a useful piece of material to read for anyone running a Debian machine (even though I’m a FreeBSD man normally, the virtual machine providing backup mail and DNS services for most of my domains runs Debian).

Adium, the popular multi-protocol instant messaging software for OS X, has updated to version 0.88. Most of the changes are bug fixes for problems that I haven’t noticed myself, but it’s good to see that the software is still receiving regular updates. The major change as far as I can see is that Adium is now a universal binary, which means that it is made to run on Macs with either PowerPC or Intel chips without having to resort to dynamic binary translation.

Free Apress Programming Books via Forever Geek

Apress, one of the well known computer book publishers, is giving away free copies of selected titles as PDFs from their web site. There’s a range of titles available, including Writing Perl Modules for CPAN, which I found very useful when I was writing a custom RTF module at work recently.

If you’re interested in any of the topics covered by the books, I’d recommend that you take a look at them. In my opinion, Apress generally publishes good quality material, and if you don’t like the book it’s not cost you anything more than the time to download it.

N.B. The free books page asks for your email address in order to sign you up for the Apress newsletter, but you don’t have to give it if you don’t want to.

PHP’s “doggie” easter egg via SitePoint

Apparently by appending different query strings to PHP scripts, you can get various “easter egg” images to appear. Rather amusing, although you do wonder why developers bother putting features like these into what is supposedly a serious scripting language.

More Information

• PHP 4.x URL Easter Eggs at The Easter Egg Archive

Found this via Parm on UNaXcess: IA-32 Intel® Architecture Software Developer’s Manuals, available for download or in printed form. Extremely useful if you’re doing any sort of low level development/programming aimed at Intel’s 32 bit processors – somewhat above my level of expertise though.

There is an interesting article on SitePoint at the moment, entitled Top 7 PHP Security Blunders. It’s lacking detail for most of the security issues raised, but it’s a useful article nevertheless. If it stops just one newbie PHP developer from making a major security blunder then it will have been worth the time spent writing the article, in my opinion.

PSP Quake 2 Public Beta in 3 days at Forever Geek

If McZonk keeps to his word, we should see a public beta of Quake II for the PSP in the next few days. As I’ve mentioned before, I don’t own a PSP myself, but if I did then Quake II would definitely be one of the first pieces of software I’d be installing. I’‘m amazed that someone has managed to create such a cool project in their spare time, and even now he’s still tackling problems such as the effects of clipping, although my knowledge of computer graphics is fairly limited so I’m not entirely sure what the clipping problem is.