Are we Solving the Wrong Problems?

Sacred Cows, Meatloaf, and Solving the Wrong Problems... by Christofer Hoff

Just as I finished up a couple of posts decrying the investments being made in lumping device after device on DMZ boundaries for the sake of telling party guests that one subscribes to the security equivalent of the 'Jam of the Month Club,' (AKA Defense-In-Depth) I found a fantastic post on the CERIAS blog where Prof. Eugene Spafford wrote a fantastic piece titled 'Solving Some of the Wrong Problems.'

When I first learned C programming the idea that I had to manage my applications use of memory gave me an intense dislike of the language. To this day I refuse to write anything in C., Of course, I use other "C syntax" languages such as Perl and PHP which in the end are written in that language so I am just a guilty as any C programmer of contributing to the spread of software riddled with security faults.

Which is why I read the writings of security professionals such as Christofer Hoff. I have been reading the "Rational Security" blog only for a short time but in that time I have come to respect this writer thinking. I have often asked myself similar questions about information security.

AJAX Toolkits

Ajaxian conducted a recent survery on Ajax toolkits/frameworks. The "winner" was Prototype ( a new one to me ) which is a Ruby-based framework. Wow! I did not realise there were so many AJAX frameworks out there! I use Sajax ( it is simple ) and have been experimenting with Backbase ( too complex for me ). PHP turns out to be the most popular server-side web development platform. Good news for me. I have been using PHP more often than Perl now.  I have been using the Sajax toolkit for a few months now and I really like it.  True to it's name it is simple to setup and use.  I tooled around with Backbase but...the learning curve and complexity required more time than I have patience for.  I also very quickly tired the Dojo AJAX toolkit/framework.  I think that one has potential ( easy to use and lots of features ) and I may come back to it later. Using Ajax from Perl

Using Ajax from Perl by Dominic Mitchell

If you're even remotely connected to web development, you can't have failed to have heard of Ajax at some point in the last year. It probably sounded like the latest buzzword and was one of those things you stuck on the 'must read up on later' pile. While it's definitely a buzzword, it's also quite a useful one.

Found this very useful article on I've recently added some asynchronous JavaScript calls to my Perl code. The feedback from users has been positive.