Tech Firm Ubiquiti Suffers $46M Cyberheist

Published: August 9, 2015

“This fraud resulted in transfers of funds aggregating $46.7 million held by a Company subsidiary incorporated in Hong Kong to other overseas accounts held by third parties.”

Networking firm Ubiquiti Networks Inc. disclosed this week that cyber thieves recently stole $46.7 million using an increasingly common scam in which crooks spoof communications from executives at the victim firm in a bid to initiate unauthorized international wire transfers.

[Source]

This is an old crime in new (and more expensive) clothing. Wire transfer fraud has been around for as long as wire transfer has existed.

WordPress 4.2.3 Security and Maintenance Release

Published: July 26, 2015

WordPress recently posted news of version 4.2.3, a security and maintenance release:

WordPress 4.2.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

[Source]

Via Security Week.

JavaScript You Need to Know For a Job

Published: June 5, 2015

How much JavaScript do you need for an entry-level job?

Jeff Cogswell recently posted some guidelines.

The absolute basics

  • Variables
  • Functions
  • The difference between null and undefined
  • And so on

Beginner’s List

  • Know the different ways to create objects, such as using the “new” keyword, as well as just declaring an object (such as ‘x = {a:1, b:2};’).
  • Know what a prototype is, what the “this” variable does, and how to use both.
  • Know the difference between a list and an object (and how a list is technically both, and can be used as both).
  • Know that functions are objects that can be passed as parameters into other functions and returned from other functions.
  • Know what closures are and how to use them. This might seem like an advanced topic, but when working with functions returning functions, it’s easy to introduce bugs if you’re not careful.
  • Know how to use functions such as the list’s map and filter functions. With this in mind, I encourage you to read this specification and learn the methods available on all types of objects.
  • Understand the built-in objects (they’re constructors!) and how to use them, including Function and Array (with capital F and A).
  • Know your way around the developer command line and debugger. All the major browsers provide these now.

Document Object Model

The DOM (Document Object Model) is the browser’s representation of a Web page. Vital aspects include:

  • Accessing the DOM directly from JavaScript. For example, know how to locate elements through calls such as getElementById, getElementsByClassName, getElementsByTagName, and so on. Also know how to use the newer selector methods: querySelector, querySelectorAll.
  • Accessing the DOM using jQuery. Again, jQuery isn’t part of JavaScript, but a lot of employers expect you to know it. Know the difference between $('a') and $('.a'). A simple dot changes everything.
  • Understand the global object, how the browser provides the global object, and how you access it through your JavaScript programming. (Answer: The browser provides the window object (lowercase w) as the global object.)
  • Understand why the browser is the service implementing the global object and what happens when you move JavaScript code outside of the browser, such as to Node.js.

A lot of documentation presents the DOM API using what looks like C-language interfaces. That’s because under the hood, the objects likely are C objects. You access these objects through your JavaScript code. For example, when you call getElementById, you get back an element. But under the hood, that object is a C object with properties and methods.

Advanced

  • Know how to call bind, call, and apply on a function, what the differences are, and why you would need to use them.
  • Know the different ways to create objects, including Object.create, and when you’ll need the hasOwnProperty method.
  • Know the different ways of implementing object-oriented programming, especially inheritance.
  • Know what promises are, and learn two important asynchronous libraries: async and Q. They’re used a great deal in server-side Node.js programming, but can also be a huge benefit in browser programming.
  • Learn server-side Node.js programming. It will really force you to become a JavaScript guru.

Source: JavaScript You Need to Know For a Job

Via Slashdot: How Much JavaScript Do You Need To Know For an Entry-Level Job?

This comment from Slashdot has good advice for the aspiring programmer:

If you want an entry-level programming job and don’t have any experience, you’d better have made something non-trivial on your own time that you can show in an interview and explain the code. If I’m skimming your code and I see you picked a certain data structure or implemented an algorithm when there is more than one way to do it, you should be able to explain your reasoning for coding it the way you did. Also make sure you learn at least the basics of one of the popular frameworks and use it in your demo.

So make a JavaScript web app, or something on the server side with a free or low-cost hosting account. Make it functional, make it as bug-proof as you can, make the code clean and easy to read, and be prepared to show it to a skeptical audience. Think of your interview as an audition and your code as the music you’re going to play.

If you can’t make something to show, you don’t know enough JavaScript yet.

[Source]

Pixel art using style sheets

Published: May 21, 2015

Una Kravets makes pixel art using style sheets:

Pixel art by Una Kravets

What exactly is making those little pixels? If the title didn’t give it away, it’s the CSS3 multiple box shadow property. Each pixel is its own, individually placed box shadow. These are strung together via a comma-separated list. You can have as many box-shadows as you want on a div.

[Source: Sass Pixel Art]

Via BoingBoing.

Is Agile Development a Failing Concept?

Published: May 17, 2015

Agile is a popular software development methodology.

But how well does Agile work? Is it failing us?

And: how can we do better?

Andy Hunt argue[s] that Agile has some serious issues. Specifically, Hunt thinks a lot of developers out there simply aren’t adaptable and curious enough to enact Agile in its ideal form.

‘Agile methods ask practitioners to think, and frankly, that’s a hard sell,’ Hunt wrote. ‘It is far more comfortable to simply follow what rules are given and claim you’re “doing it by the book.”’

[Source: Slashdot]

See also Agile software development.

Belgian regulators demand Facebook stop tracking logged-out users

Published:

“The Belgian data protection authority has told Facebook to stop tracking users who log out or those that have never registered for the social network.”

The Belgian privacy commission has told Facebook to stop tracking the internet activities of people who have not registered with the site or have logged out, after a “staggering” report showed alleged breaches of EU privacy law.

“Facebook tramples on European and Belgian privacy laws”, the data protection authority said in a statement. “Facebook has shown itself particularly miserly in giving precise answers,” it continued, adding that the results of its investigation were “disconcerting” and that it would take legal action if its recommendations were not followed.

Willem Debeuckelaere, president of the Belgian privacy commission, said that the way Facebook is treating its users’ private lives “without respect needs tackling”, and that “it’s make or break time.”

According to a report commissioned by the Belgian data protection agency, Facebook has been tracking users on a long-term basis who visit any page — be it a fan page, profile or any other portion of the site that does not require a Facebook account to visit — belonging to the Facebook.com domain.

The opinion published on Friday noted that because Facebook has the power to link internet users’ browsing habits to their real identity, social network interactions and sensitive data including medical information, religious, sexual and political preferences, it is in a unique position compared to most of the other cases of so-called “third-party tracking”.

[Source: The Guardian]

Via BoingBoing.

Microsoft Edge logo

Published: May 5, 2015

Consider the logo for the new Microsoft Edge browser:

Microsoft Edge logo

Now consider Sega’s iconic game hero Sonic the Hedgehog:

Sonic the Hedgehog

Coincidence? Clever marketing ploy? Ninja-style infiltration of Microsoft by Sega?

You be the judge.

Axure: free licenses for students and teachers

Published: March 17, 2015

Axure, the widely used wireframing tool, issues free licenses to students and teachers:

If you are a student enrolled in a high school, university, community college, or extension/certificate program, you are qualified to receive a free educational license of Axure RP Pro.

If you are a teacher interested in using Axure RP Pro for a class, we provide an educational license for you and a second educational license for use on classroom or lab computers.

[www.axure.com/edu]

About Axure:

Axure RP Pro is a wireframing, rapid prototyping, documentation and specification software tool aimed at web and desktop applications. It offers drag and drop placement, resizing, and formatting of widgets. Axure supports prototyping Rich Internet Applications by mapping desired interface behaviors (such as displaying or hiding an element) in response to actions like mouse clicks or touch gestures. Axure RP generates HTML web sites and Microsoft Word documents as output.

[Wikipedia]

Fair use: a guide for artists

Published:

This may be useful to web designers:

The College Art Association has created a Code of Best Practices in Fair Use for the Visual Arts, helping the field of people who make, study and showcase the visual arts figure out how to make a fair use call. The field is abuzz with the news, and even in related fields, word is out — musicians are interested, too.

Fair Use for the Visual Arts

Via Boing Boing.

Spirit Monster

Published: April 21, 2013

I recently worked on the Spirit Monster web site.

The site uses jCart, which I modified to send an email (rather than sending the user to PayPal).