phpBB Weekly #033
Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.
Download MP3 Episode (28.5 MB)
Episode Duration: 1:14:08
On This Episode: Douglas Bell (Fountain of Apples) and David Lewis (Highway of Life)
Well, this episode of phpBB Weekly certainly did not run as intended. We had planned to have guests from the Tech Podcast Network join us to talk about their experiences with bulletin board-based websites, but to our surprise, none of them have worked with them before! Then, TalkShoe surprised us when they ended up doing a hardware move (and not warning us about it until half an hour into the show), which forced us to record this episode off of TalkShoe. And then, David ended up having to do the second half of the show from a car en route to the airport to catch a flight after the show, resulting in, well, not the greatest audio quality possible. Nevertheless, we did have a good (albeit technical) episode.
On this episode, David and I start out by welcoming the five (count them, five) new members of the Moderator Team, whom are cherokee red, ChrisRLG, darcie, dellsystem, and will_hough. We then take a look back at what caused the phpBB.com Outage last weekend, including what caused it, how serious it was, and how the teams have responded to it.
For the main part of the show, David takes a look at the many changes that will be coming in phpBB 3.0.RC6, including a new location for download.php, new dynamic login forms, the new use of check_form_key() and add_form_key() on all forms, new option so that you don’t have to use MD5 hashing anymore if you don’t want to, checking for the ‘IN_PHPBB’ constant in all files, and a number of other minor changes. MOD authors may want to check and see if their phpBB3 MODs will be RC-6 compatible.
The MOD of the Week is Last Posts Titles for phpBB2 by LEW21 and the Style of the Week is Sniper_Blue for phpBB3 by Sniper_E.
phpBB Weekly is a proud member of the Tech Podcast Network. Check them out for other great technology podcasts.
4 Comments
RSS feed for comments on this post.
Isn’t Sniper_Blue one of the styles your able to use on Startrek Guide? Why wouldn’t David recognize it when you asked if he could look at it? lol Alittle funny to me..
Well, he was on the road–he was only connected by using one of those network cards you can get from cell phone networks, so he probably wanted to conserve as much bandwidth as possible for the Skype call.
The fact that he didnt look is fine. He shouldnt look if hes driving down the road. I just meant apon hearing the name of the style I would of thought he would recognize it right off the bat since its the only custom style on startrek guide.. Thats all..
I’ll be happy to talk about D/DoS, mitigation (you can’t prevent it), and how it can be things other than lots of requests.
To briefly explain, when you do code audits, you more or less have two choices:
- Being involved from the beginning, in the planning all the way through through to release, and then after release
- Having a stable codebase that doesn’t change, and you work off of that.
That isn’t to say that you can’t audit other times, but doing it those two ways, in my experience, makes it easier on the auditor(s).
The files are called user-facing files.
I think we need an explicit tag on this episode in iTunes.
Private Messages, phone calls, Instant Messages, etc. do have a reasonable expectation of privacy. (must … resist … US law … speak …). Just like inside your house in the US, you have a reasonable expectation of privacy, so do private messages. However, just like being in your house, that reasonable expectation of privacy can be changed, legally or illegally.