Drupalcon Szeged Videos! August 28, 2008
Posted by Robin in : Drupal, Game Maker , 2 comments
Image via Wikipedia For those like me that couldn’t attend in person, there are some Szeged videos floating around right now on archive.org (note: I didn’t make these, remember, I’m not there 
). Enjoy!
http://revver.com/video/1137068/drupalcon-2008-szeged-security-bof/
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=88636518-884a-4d19-95c9-125175579446)
Multimedia Churches Update - August 26, 2008 August 26, 2008
Posted by Robin in : MultimediaChurches , add a commentFor the time being, the MultimediaChurches.org website is redirecting to it’s category on my personal blog. I’m in the process of making a proper website for it, and until one is ready I didn’t want it to direct people into dead space.
I’ll post updates once the new website is available. And, at the same time, I’ll be announcing some additional services for Churches and Christian Ministries, so be sure to stay tuned!
Looking for work
Posted by Robin in : Drupal , 1 comment so far
Image by Always Be CoOL via Flickr Just a quick note that I’m activing looking for work again in Drupal development or system administration. You can can drop me a comment, or email me at robin @ robinmonks . com and I’ll be happy to send a copy of my resume right out 
I’ve worked with Drupal 5 and Drupal 6, and am proficient in setting up custom Drupal sites using Drupal’s full potential. I’d prefer a long term arrangement, but will consider short-term contract work as well.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=a8f1542c-4aa5-4696-ba73-a96c70a8ab8e)
Drupal Tutorials Day! August 25, 2008
Posted by Robin in : Drupal , 1 comment so far
Three great Drupal how-tos appeared in Drupal Planet today:
- Daily quality control checks with Coder
- Creating a list of users
- Build An Aggregation Site With Drupal (Part 1) (and Part 2) [Really detailed!]
I thought I’d take a moment and share these in case anyone missed them.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=cb0fdfcf-ebf7-4271-8b7c-8cbb2910de99)
GMking.org Blog » Really Long Distance Collaboration
Posted by Robin in : GMKing , add a comment
Image via Wikipedia Another post by me is up at the GMking Blog:
The GMking staff is extremely geographically diverse, which makes communication and decision making processes much harder. Many of our staff have an 8 hour or more time gap (which probably explains why some of us are such night-owls ).Robin Monks - GMking.org Blog, Aug 2008
Related articles by Zemanta
- Google to Connect to Other IM Networks Using Jabber Transports
- AOL Tests Jabber Gateway
- Slick IM for Windows Mobile
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=b1eb4a90-57d5-4b88-85b6-6fcc17b5ab40)
Drupal Databases: The Next Generation August 24, 2008
Posted by Robin in : Drupal , 5 comments
Image by palestrina55 via Flickr It sounds kinda like Star Trek, but trust me, this is a lot more exciting! Drupal 7 will access databases using PDO (PHP Data Objects), which allows Drupal to support many different Database Servers in the future (and will bring us one step closer to Drupal running on a SQLite3 flat-file database, woohoo!).
A few people covered the patch arriving in core. And now, even after this major 343.92 KB has been committed, there is still work to be done! A task list posting on g.d.o lists 11 issues (both bugs and features) that now need to be implemented because this patch has hit core. It feels like FormAPI all over again
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=b80f7d83-59e7-4b60-accd-af094ba807e8)
It pays to keep track August 23, 2008
Posted by Robin in : Drupal , 1 comment so far
Image by digitalART2 via Flickr One of my oldest non-committed Drupal core features is the deceptively-simply named “Add Referrer Banning“. It’s been around since 2005 when 4.6/4.7 was cool :) It’s been re-rolled 5 times, the last to make it compatible with the HEAD that will be 7.x, that was March 3 of this year.
Since then core has changed a lot, and most importantly, the core functionality that I was hooking into to add the referrering banning has been partially removed. So now I’m wiriting an even more complex patch; from 8KB to something around 30KB.
The lesson here? Whatch the queue and re-roll your patches frequently! Now, I need to get back to digging through system.admin.inc
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=b6034123-3efd-4be1-b780-2b838f1e9d20)
Security theater #1 - Using SSL for login | Heine August 22, 2008
Posted by Robin in : Drupal, Uncategorized , add a commentHeine from Drupal IRC was kind enough to explain the SSL issues that I mentioned here and here in much greater detail. Head to his blog for the full article. Thanks Heine!
Image via Wikipedia A quite popular activity among Drupal site owners and extension developers (drupal, firefox) is to make sure certain page requests happen over a secure HTTPS connection, whereas the majority of request is still done over an unencrypted HTTP connection. User logins are typically the target of this effort.
Now, unless your really value your password (because you happen to be Ben Bernanke and use the same password for the documents holding the future interest rate), this is only going to give you a false sense of security. I know, it is still a very warm and comfy feeling, but it won’t be so comforting when some clown sees Mike Perry’s presentation and takes away your site.
Security theater #1 - Using SSL for login | Heine.
Related articles by Zemanta
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=ef5d0b8d-abbf-46e3-aba6-e2f0f7a2e572)
Are HTTPS Drupal sites insecure? Not anymore!
Posted by Robin in : Drupal , 1 comment so far
Image via Wikipedia You might recall my previous article where I wrote:
Personally, I think it’s just spreading FUD; but Information Week is reporting that “Just over a week ago, security researcher Mike Perry presented information at the DEFCON security conference about a vulnerability that affects many SSL-secured Web sites, including Amazon, Facebook, Gmail, addons.mozilla.org, most Drupal sites, and many online merchants and banks. ”In the eyes of Robin Monks, Aug 2008
You should read the whole article if you havn’t already. Back? OK! So, after a call for some dev comments on the issue (thanks to John Wilkins and Christefano for the heads-up!), I can safely say this issue is fixed in DRUPAL-6 branch, HEAD, and about to be fixed in DRUPAL-5. So the fix will be in the next security release of Drupal 5 and 6, and also in Drupal 7. Go go Drupal devs!
Other cool stuff:
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=3a413dfa-33ea-44f5-b346-aa688827fe3a)
Is InformationWeek right? Are most all Drupal sites insecure? August 21, 2008
Posted by Robin in : Drupal , 4 comments
Image by sophiea via Flickr Personally, I think it’s just spreading FUD; but Information Week is reporting that “Just over a week ago, security researcher Mike Perry presented information at the DEFCON security conference about a vulnerability that affects many SSL-secured Web sites, including Amazon
I have no idea why Drupal would be mentioned by name in this manner, especially if it’s a problem with cookies and the SSL protocol.
Are there any Drupal core devs who would like to comment on this security issue? I’d love the write a follow-up blog post with the full story!
Related articles by Zemanta
- Gmail hacking tool to be released
- How not to get your Gmail hacked [Siilicon Valley Users Guide]
- SSL-encrypted Gmail not safe to ’sidejacking’ attacks, says researcher
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=9d97bbf0-eae6-4ebe-9c6c-339b13e23185)
