This episode did not go according to plan. We had expected to have phpBB Developer DavidMJ on as a guest today, but unbeknownst to us at the time, he had a family emergency and was unable to make it, so we ended up coming together with a pretty good show while we stalled and took comments from our live listeners (six of whom were phpBB team members!). This episode was recorded right before the release of phpBB3 RC-6 and the ensuing chaos that has followed the release, which you can read a bit about in the previous post on this blog, and which will be discussed more thoroughly on next week’s episode. We do hope to try to bring DavidMJ on sometime in November, with more details coming soon.
In this episode we talk a bit about the phpBB Security Team and Incident Investigation Team and about what those teams do, and also briefly discuss some common security vulnerabilities common in PHP code that both the developers and MOD authors need to look out for. We do a little bit more coverage of the just-about-to-be-released RC-6, and wander off for a few minutes into a discussion of Mac security vs. Windows security. (It’s not as bad as you might think.) Then, Jeffro calls in and asks us to talk a bit more about just how private private messaging is, and we also talk about changes in phpBB3 styles vs. phpBB2 styles and possible enhancements to phpBB MODding in the long-term future.
The MOD of the Week is Notify Admin on Registration for phpBB3 by ameeck, and the Style of the Week is Playstation for phpBB3 by Scott Stubblefield.
phpBB Weekly is a proud member of the Tech Podcast Network. Check them out for other great technology podcasts.
Tags: changes, chaos, DavidMJ, developer, episode, guest, Incident Investigation Team, Jeffro, MODding, phpBB2, phpBB3, Release Candidate, security, Styles
October 15th, 2007 at 4:09 am
[...] Listen to podcast @ phpBB Weekly [...]
October 15th, 2007 at 6:45 am
I think you misunderstood the comment I left.
The comment I left talked about several things, including D/DoS, code auditing, and so on.
October 21st, 2007 at 9:12 am
The debate on private messaging was interesting. One thing that was brought up was the issue of administrators investigating an issue when a user is spammed or receives a hateful message.
There should be a feature in place for administrators to view these private messages without having to resort to manually going into the database. Perhaps a button on every received PM which will allow a user to submit a special PM report (similar to a post report). The original message is submitted along with the sending username and a note from the user reporting it. This feature would only be accessible by Administrators.
While this could be a MOD, I think it should be a part of phpBB itself.
July 9th, 2008 at 6:26 pm
[...] Episode #034: David and Douglas on Mac Security vs. Windows Security (1:00:37) [...]