August 2011 – ZekeWS

I’m really liking Lenny Kravitz’s new album, “Black and White America.”

Time warp at my desk

Using an IBM Model M keyboard next to a Magic Trackpad is like time-traveling three and a half decades every time you move your hands.

Every single declared GOP candidate is running WordPress or Drupal.

Feels good to be a Drupal and WordPress dev.

6 presidential candidates use WordPress as their CMS | WP Journo: WordPress CMS & Journalism.

Photo: Geek joy from @TheRealNimoy

Turns out the Postal Service does indeed deliver from Vulcan.

The Web is the best app store

Funny how things have come full circle:

Apple releases iPhone, tells the market that third parties should make web apps
The market isn’t ready for web apps, pressures Apple into releasing a native app SDK and distribution channel
The market can’t tolerate Apple’s control over the app store, circumvents it with web apps (Kindle and Readability moved to web apps because they couldn’t generate revenue in the app store; Facebook is even rumored to be working on a whole mobile web app platform)

I’ve always believed that the Web is the best platform out there: it’s open, free (as in free speech), and flexible. Apple did a great job with the original iPhone of making web apps work great on smartphones, and they’re continuing to do so. (MobileSafari is still by far the best mobile browser out there in terms of performance and support for modern HTML5 and CSS3 features.) But the best part is that web apps work on any device with a web browser, so software developers don’t have to maintain several different native apps for different operating systems.

Obviously there are still challenges for making web apps as functional as native ones – things like notifications, multitasking, and user interfaces are still not as straightforward as they are on native apps – but I’m convinced that they already work great for many uses, and will be more and more relevant in the future of mobile devices.

Important security note for WordPress users

There’s a vulnerability in a piece of software called timthumb.php that is used by some self-hosted WordPress themes and plugins for image manipulation (not WordPress.com.)

If you have shell access to your web server, go to your web root directory and run:

find -name timthumb.php

(If you can’t do it through the shell, check your hosting control panel’s file manager for a search function or ask your host to run the search for you.)

If you find timthumb on your server, figure out what plugins/themes use it and delete them for now. (I found that WP Featured Content Slider and Featured Post with thumbnail are among the affected plugins.) If removal isn’t an option, get a developer who knows their way around WordPress to safely delete the timthumb library without breaking the rest of your site.

Find full technical details at Zero Day Vulnerability in many WordPress Themes | mm.