An international group of PHP experts get together to form the PHP Security Consortium (PHPSC), a group whose mission is to promote secure programming practices within the PHP community through education and exposition while maintaining high ethical standards.

According to Chris Shiflett, “As PHP has transitioned from personal projects to enterprise application development, the need to educate the community about secure programming practices has risen”. Chirs Shiflett is the founder of group.

The PHPSC web site ( http://phpsec.org) provides a variety of security resources for PHP developers, including the group’s flagship project, the PHP Security Guide.

Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.

In addition to their educational efforts, the PHPSC engages in exploratory and experimental research in order to develop and promote standards of best practice for PHP application development.

Beef
up your home security
with a surveillance
camera system. Ask our home security
experts what the best surveillance
cameras are for your home or business. See how out simple and
tiny security
video cameras can make a difference in your life.

As a 13-year-old middle-schooler, the New Woodstock, N.Y., native built a Web site ( ThinkSecret.com) in 1998 and began publishing insider news and rumors about Apple, using the alias Nick dePlume.

Apple is going to file a leagal suite against him. Why?

Read at

http://www.msnbc.msn.com/id/6824038/

PHP has been awarded the Programming Language of 2004, according to the

TIOBE Programming Community Index. This index uses information collected from the popular search engines, and are based on the world-wide availability of skilled engineers, courses and third party vendors.

From PHP.NET::::

PHP is a powerful and flexible tool. This power and flexibility comes from PHP being a very thin framework sitting on top of dozens of distinct 3rd-party libraries. Each of these libraries have their own unique input data characteristics. Data that may be safe to pass to one library may not be safe to pass to another.

A recent Web Worm known as NeverEverSanity exposed a mistake in the input validation in the popular phpBB message board application. Their highlighting code didn’t account for double-urlencoded input correctly. Without proper input validation of untrusted user data combined with any of the PHP calls that can execute code or write to the filesystem you create a potential security problem. Despite some confusion regarding the timing of some unrelated PHP security fixes and the NeverEverSanity worm, the worm didn’t actually have anything to do with a security problem in PHP.

Read in Full

PHP Security Note

HOSTWAY has launched PHP5 support on all their linux servers.

Since Last two months I am searching for local ( read Indian ) hosting service provider for PHP5 support. I need it to one of my site on PHP Certification .

My present service provider refused to upgrade or start a new server with PHP5. So I am unable to launch that site.

I think hostway is will be a good option. It is not Indian so some managerial issues like payment method etc. can be there.

Related News ::

A good (!) manual page for Internet Explorer

If one day MS decide to launch IE for linux, manual page can be like this. For Windows users :: Manual pages are help pages on linux and they can be accessed using man command.

IE(1) IE(1)

NAME
ie – Microsoft Internet Explorer

SYNOPSIS
ie [ -acfghkp ] [ -m alternate-passwd-file ] [ -length of time ]

DESCRIPTION
Ie is the web browser. The only web browser. Netscape is
irrelevant. Opera is irrelevant. Ie is your master. Kneel.

There are two ways to use ie: non-executed binary and
insecure mode. The non-executed binary is the mode ie
ships in. There are no flags or directions for use in this
mode.

Options are:

-a

-c Clear filesystem. Ie will delete all files for which
it has write permission on all mounted filesystems.
After the first pass, Ie will begin attempts at obtaining
root access so that the remaining files can be removed.

-f Same as -c, except that ie will immediately begin
attempting root access, and will newfs all mounted
filesystems.

-h Hack. Lets you link to other systems running ie and
obtain their passwd files.

-k Randomly coredump. If you specify a valid mailbox name
in parens, ie will mail the coredump to them.

-p Post /etc/passwd to alt.2600.

-m [alternate] Gives you the opportunity to specify an alternate
passwd file to post.

-length How long should ie run crack on the passwd file before
attempting to post?

AUTHOR
The usual gang of idiots.

BUGS
See printed ie documentation: “Problems with IE”, volumes
1-14, availible in hardcover from Microsoft Press.

The -g option is not implemented.

FILES
/etc/passwd System password file.
/usr/local/bin/crack crack binary.
/usr/local/bin/ie IE binary.

DIAGNOSTICS
If ie crashes, simply reboot system to restore stability.

BUG REPORTS TO
/dev/null

COPYRIGHTS
Microsoft Corporation. Don’t even THINK about crossing us.
(This disclaimer does not apply to Ms. Janet Reno).

Read the thread

Finally general public is allowed to use .in extension in their webistes.

Now you can register your domain with .in extension.

Once available only to a small group, `.in’ domain name would now be available online for everyone who seek. The new era for .in begins with an initial sunrise period. Owners of registered Indian trademarks or service marks who wish to protect their online identity will be given an opportunity to apply for .in domain names ahead of the general public. Sunrise applications are being accepted from January 1 to 21. The date for the opening of real time, open registration for the public is planned for February 16.

Sify.com has become the first web portal to receive India’s top-level and official Internet domain ‘.in’. The .in domain registration

OnlineNIC, Net4India, Directi and Good Luck have been appointed to accept applications and assign domain names by the government which is keen on establishing an Indian identity in the net space using the .in domain name.

Related ::

http://www.thehindubusinessline.com/2005/01/07/stories/2005010702080500.htm

http://www.telegraphindia.com/1050107/asp/business/story_4222597.asp

Offical Indian Goverment Press Release

Open Source Unix like operating systems have become leaders in the world servers, and initiatives such as the W3C have delivered the de facto standards for the web, individual and corporate users continue to give out large sums for proprietary software.

Corporations producing and selling proprietary operating systems and applications software are effectively tapping huge markets and making super profits, while the Open Source Community seems to be picking up crumbs, for the most part.

Corporate members of the Open Source Community, with some notable exceptions such as IBM, are often struggling to break even or are funded by a combination of risk capital and grants; not a good basis for a business in the long run.

Individual members of the community, the people who do most of the creative work, only occasionally receive financial rewards for their contributions.

This site has start a new discussion on the possibilities, problems and most important their solutions .

Wiki can be found here.

http://amiculus.dersbach.ch/awiki/