dsandler.org: Its past & future

Most people who start off blogging seem to arbitrarily choose whatever solution they trip across first, or whichever one seems like the least work. I actually started a “home-grown” solution via Flash and XML, which worked fine after I figured out some of Flash’s XML-reading quirks, but it wasn’t a very advanced application from a point of view of functionality. (Text plus optional pic, tied to date.) When I decided to stop producing a static site in favour of a blog, I created some accounts in LiveJournal and Blogger, but gave them up because customisability didn’t seem to be encouraged (or easy to achieve). Even managed to install and try Movable Type as well, just before the big 3.0 license fiasco, and while I did like it, I was a little frightened off by the community “retaliation” happening because of 3.0. WordPress was next in line, and I loved it. Easy install, easy (well, relatively easy) customisation, plenty of great templates, and a vibrant community effort behind it. It took less than two days to produce basically everything that would form a million monkeys typing.

Now, there’s a new entry over at dsandler.org: The past and future of dsandler.org. (Or, how I learned to stop worrying and love WordPress.) He goes over the multiple solutions he examined before finally choosing WordPress:

And damn if it doesn’t work. From a features standpoint, WP includes fifteen different kitchen sinks, but the administrative UI is totally manageable (and the template functions are reasonable, if not always totally consistent). The third-party developer community is active and prolific, and I quickly found an implementation of almost every feature I had imagined for the site (including next-day/previous-day links). And after a little time with the PHP code, I became pretty comfortable that I’d be able to hack together whatever I needed if I couldn’t find it elsewhere.

Benedelman: Who Profits from Security Holes?

I have a feeling that this article from Benedelman.org, Who Profits from Security Holes?, is going to get a lot of traction on certain blogs and news sites:

How bad is this problem? How much junk can get installed on a user’s PC by merely visiting a single site? I set out to see for myself — by visiting a single web page taking advantage of a security hole (in an ordinary fresh copy of Windows XP), and by recording what programs that site caused to be installed on my PC. In the course of my testing, my test PC was brought to a virtual stand-still — with at least 16 distinct programs installed. I was not shown licenses or other installation prompts for any of these programs, and I certainly didn’t consent to their installation on my PC.

Ironically, I just gave a workshop session on malware to some non-profit organisations. In recent months, I’ve had to change it from being exclusively on virus issues, and now it’s about 50% on spyware. This was a direct result of the number of technical support calls I’ve received recently: about 3/4 of them were problems related to spyware infestation, including pornographic pop-ups, multiple “search-bars”, frequent slow-downs, instability, and all the other usual suspects. Most of the time, the caller isn’t even aware of what spyware is.

In the session, I find it useful to talk about spyware as a pretty flower you find in a field and bring home to plant in your garden, only to find its bloom fading fast, its roots choking out the rest of your plants and its runners spreading to the neighbours’ gardens. Most of the participants don’t understand how networks and executables work, but they understand the nature of a weed. I can’t think of a better comparison.