Hello Pete, > Please clarify: Okay, I give it a try. :-)
> What you are suggesting is that > * php and python are a "cms" I know they are never and should also never used as "CMS" (Content-Management-System). Maybe it was a bit unclean here, I mean real CMS' like Drupal,WordPress (can be used as CMS, too) and many others. > * and that they have security holes. They (Drupal/WordPress are good examples) really have a lot holes, just checkout www.securityfocus.com and they brothers (not the whistle-blower websites). > * This allow me to take over either the server itself "Dynamic websites" could punch another hole into your server, you cannot crack down static HTML pages itself, but maybe the server software (Apache,Lighttpd,Tomcat,etc.). Well, what I mean here is, Curt should be careful in choosing a "dynamic website software" like all these CMS' are. They have pros and cons and a big con is a no longer maintained project for example. And what if Curt sleeps, that normally happens, and it was found out that the choosen software has a security hole like remote-inclusion or SQL injection, if it a database-driven software? If you know these script-kiddies who "needs" to take over 500 servers in the Internet because their teacher was to rude to them and www.flightgear.org is one of them, look even my little project got already attacked more than 900 times since 1st Jan this year... :( And hopefully all got stopped by my (already released and) patched security software "Cracker Tracker Standalone". > * or change DNS entry If he runs a buggy DNS server, yes. DNS poisoning could be a problem. > * above is everyone's wish. ??? Maybe not. ;) > Is thats the Google AppEngine then yes, but its the same as ANY host, > including the server under your bed, regarding security. What is the > safest place. When did you last change the lock's on you garden shed? I'm not talking about physical security, that would be far to expensive for me. :) I mean software security. > Please explain more about this proprietary website engine? > Do you work for Microsoft? That is my guess and I hope you are not using > ANYTHING proprietary browser to express upon. No, I never worked for them. :) And I use free software here. Linux-only since Dec. 1999. :D > Also can you please host for free a "system" whereby I can hit it as 3 > million a month == once a second, and accommodate a million of those > hits in one day = slashdot? Nope, my "server" is not a cluster and I cannot host slashdot. :/ > > That means u need globally distributed with memcahe? First my server needs more RAM, only 512 MB installed. ;) Second, I need more money to pay for it. > NO you cant.. so stop talking about shit your don't understand, until > you've researched the problem more and also having actually experienced it. I can feel glad that my server was never taken over, except since I use that extra security software which is no bigger than an include file. And I understand how many traffic Curt's server has to handle. That's why I mirror some parts of "his" software on my server. BTW: That minds me to mirror the f***ing big EXE file on my server... > Get a life!! > the xhtml group is disbanded. Job is/was done and spec completed. > That current spec is html5; that where its at, are you using a modern > browser with css3..? Does Epiphany support it? Maybe, I don't know. :( But how many websites I regularly surf to has CSS 3? And HTML 5 is multi-media extended, XHTML is basicly a clean XML. > please dump ie6 and netscape now and update to firefox or opera. WTF is IE6??? A worm or trojan horse? ;-) And I also use FF 3 here. :) Roland
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev
_______________________________________________ Flightgear-devel mailing list Flightgear-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/flightgear-devel
