Search Results

Search found 623 results on 25 pages for 'joel coel'.

Page 4/25 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Partition of tables in MySQL

    - by Joel
    Hello, I have read that in a case where a table has many columns, but most of the time only one of them is used (say a title column in a forum post), a way to increase performance would be a partition to two tables, where one will contain only the title and the other one will contain the other columns (such as the forum post body). However, in case I use select ForumTitle from Forum; won't that be good enough to prevent the load of all columns (such as the forum post's body) to the memory, and eliminate the need of partition? Thanks, Joel

    Read the article

  • Publishing news feeds automatically

    - by Joel
    Hello, I have a website which generates hourly updates to users. I want to allow these updates to show up as News feeds in Facebok. I opened a Facebook Connect application. Through my site I receive the extended persmission to post news to the users' news feeds. My question is can I automatically post news feeds to these users without them being logged in to my site? That is, sending hourly news feed to all users using a cron job. Thanks, Joel

    Read the article

  • Loading zsh as the default shell in gnu screen

    - by joel
    Hello, Im using KUbuntu 10.04 (Lucid Lynx). I have installed zsh and screen. I have set zsh as the default shell, by setting Command to zsh in Settings-Edit Current Profile of the terminal. But,when i launch screen,the bash shell is loaded. If i run the command zsh, then zsh starts but the following message is displayed: "/home/joel/.zshrc:36: Can't add module parameter `mapfile': parameter already exists" Also,zsh is invoked for only the current screen instance and i have to invoke it manually again for other instances. So,is there any way to make screen load zsh by default and invoke it automatically for every instance ? Thank You

    Read the article

  • What is the standard way to parse floats at runtime in C?

    - by Joel J. Adamson
    Hello, I have a scientific application for which I want to input initial values at runtime. I have an option to get them from the command line, or to get them from an input file. Either of these options are input to a generic parser that uses strtod to return a linked list of initial values for each simulation run. I either use the command-line argument or getline() to read the values. The question is, should I be rolling my own parser, or should I be using a parser-generator or some library? What is the standard method? This is the only data I will read at runtime, and everything else is set at compile time (except for output files and a few other totally simple things). Thanks, Joel

    Read the article

  • Making a jQuery selection in IE on html added via .load()

    - by Joel Crawford-Smith
    Scenario: I am using jQuery to lazy load some html and change the relative href attributes of all the anchors to absolute links. The loading function adds the html in all browsers. The url rewrite function works on the original DOM in all browsers. But In IE7, IE8 I can't run that same function on the new lazy loaded html in the DOM. //lazy load a part of a file $(document).ready(function() { $('#tab1-cont') .load('/web_Content.htm #tab1-cont'); return false; }); //convert relative links to absolute links $("#tab1-cont a[href^=/]").each(function() { var hrefValue = $(this).attr("href"); $(this) .attr("href", "http://www.web.org" + hrefValue) .css('border', 'solid 1px green'); return false; }); I think my question is: whats the trick to getting IE to make selections on DOM that is lazy loaded with jQuery? This is my first post. Be gentle :-) Thanks, Joel

    Read the article

  • How do you make thumbnails of videos? Using flowplayer free.

    - by joel
    I'm making a "video sharing site" just for learning and fun. I am using FlowPlayer as my player for videos. Now Im gonna make a page that will list every video, and a want preview picture of the video. Like: http://www.youtube.com/videos How do you do that? With the player or can you do it with php?? Ive looked true Flowplayer forums. But I cant find anything. Would really appricate some help. Joel

    Read the article

  • Recognizing the source of Facebook application user

    - by Joel
    Hello, When serving an iframe application in Facebook, is there anyway I can know when a user visits my site through Facebook as an application or if he reached the site directly (typed my domain URL in the browser)? I know I can check if the user has a cookie (named "u") which tells me that the user used facebook to get an access_token. However, if the user visited the application one minute ago and got the access_token cookie, but then typed the URL in the browser, checking for the existence of the cookie will return TRUE, although the visitor arrived to the site directly. Thanks, Joel

    Read the article

  • Converting paragraph tags with RegEx

    - by Joel
    I need to replace all <p> tags with <br /> tags within a string. The problem is that the <p> tag can have attributes in it , such as <p align="center"> so I want to delete all occurrences of an opening tag of a paragraph, no matter what attributes are in it, and replace them with <br />. I am using PHP and had no success getting to the right expression with the preg_replace function. Any help would be appreciated! Joel

    Read the article

  • I don't get object-oriented programming

    - by Joel J. Adamson
    Note: this question is an edited excerpt from a blog posting I wrote a few months ago. After placing a link to the blog in a comment on Programmers.SE someone requested that I post a question here so that they could answer it. This posting is my most popular, as people seem to type "I don't get object-oriented programming" into Google a lot. Feel free to answer here, or in a comment at Wordpress. What is object-oriented programming? No one has given me a satisfactory answer. I feel like you will not get a good definition from someone who goes around saying “object” and “object-oriented” with his nose in the air. Nor will you get a good definition from someone who has done nothing but object-oriented programming. No one who understands both procedural and object-oriented programming has ever given me a consistent idea of what an object-oriented program actually does. Can someone please give me their ideas of the advantages of object-oriented programming?

    Read the article

  • I can't update my system properly, "no package header" error

    - by joel
    Every time I try to run sudo apt-get update or try running updates from the GUI interface I run into the following problem or something similar: Reading package lists... Error! E: Encountered a section with no Package: header E: Problem with MergeList /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_precise_restricted_binary-i386_Packages E: The package lists or status file could not be parsed or opened. I've tried purging using sudo rm -rf <filename> where <filename> is the listed file above, and then running sudo apt-get update to fix it (as listed elsewhere in this forum) and no luck, just keep getting this message. I'm running Ubuntu 12.04 and this is getting really frustrating... I just want a system that runs smoothly and doesn't require it's hand to be held when it comes to updates. Tried the solutions posted below and am still receiving the same errors, sample output: W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_main_binary-amd64_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_main_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_restricted_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_multiverse_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_universe_source_Sources Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_restricted_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_multiverse_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_main_source_Sources Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_universe_binary-amd64_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_main_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_universe_binary-i386_Packages Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_main_i18n_Translation-en Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_multiverse_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-updates_universe_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_multiverse_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-backports_universe_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_main_i18n_Translation-en%5fCA Encountered a section with no Package: header W: Failed to fetch gzip:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_precise-security_multiverse_i18n_Translation-en%5fCA Encountered a section with no Package: header E: Some index files failed to download. They have been ignored, or old ones used instead.

    Read the article

  • Does a site's bounce rate influence Google rankings?

    - by Joel Spolsky
    Does Google consider bounce rate or something similar in ranking sites? Background: here at Stack Exchange we noticed that the latest Google algorithm changes resulted in about a 20% dip in traffic to Server Fault (and a much smaller dip in traffic to Super User). Stack Overflow traffic was not affected. There was an article on WebProNews which hypothesized that bounce rate might be a ranking signal in Google's latest Panda update. According to Google Analytics, these are our bounce rates over the last month: Site Bounce Rate Avg Time on Site ------------- ----------- ---------------- SuperUser 84.67% 01:16 ServerFault 83.76% 00:53 Stack Overflow 63.63% 04:12 Now, technically, Google has no way to know the bounce rate. If you go to Google, search for something, and click on the first result, Google can't tell the difference between: a user who turns off their computer a user who goes to a completely different web site a user who spends hours clicking around on the website they landed on What Google does know is how long it takes the user to come back to Google and do another search. According to the book In The Plex (page 47), Google distinguishes between what they call "short clicks" and "long clicks": A short click is a search where the user quickly comes back to Google and does another search. Google interprets this as a signal that the first search results were unsatisfactory. A long click is a search where the user doesn't search again for a long time. The book says that Google uses this information internally, to judge the quality of their own algorithms. It also said that short click data in which someone retypes a slight variation of the search is used to fuel the "Did you mean...?" spell checking algorithm. So, my hypothesis is that Google has recently decided to use long click rates as a signal of a high quality site. Does anyone have any evidence of this? Have you seen any high-bounce-rate sites which lost traffic (or vice-versa)?

    Read the article

  • I don't get object-oriented programming

    - by Joel J. Adamson
    Note: this question is an edited excerpt from a blog posting I wrote a few months ago. After placing a link to the blog in a comment on Programmers.SE someone requested that I post a question here so that they could answer it. This posting is my most popular, as people seem to type "I don't get object-oriented programming" into Google a lot. Feel free to answer here, or in a comment at Wordpress. What is object-oriented programming? No one has given me a satisfactory answer. I feel like you will not get a good definition from someone who goes around saying “object” and “object-oriented” with his nose in the air. Nor will you get a good definition from someone who has done nothing but object-oriented programming. No one who understands both procedural and object-oriented programming has ever given me a consistent idea of what an object-oriented program actually does. Can someone please give me their ideas of the advantages of object-oriented programming?

    Read the article

  • Patching and PCI Compliance

    - by Joel Weise
    One of my friends and master of the security universe, Darren Moffat, pointed me to Dan Anderson's blog the other day.  Dan went to Toorcon which is a security conference where he went to a talk on security patching titled, "Stop Patching, for Stronger PCI Compliance".  I realize that often times speakers will use a headline grabbing title to create interest in their talk and this one certainly got my attention.  I did not go to the conference and did not see the presentation, so I can only go by what is in the Toorcon agenda summary and on Dan's blog, but the general statement to stop patching for stronger PCI compliance seems a bit misleading to me.  Clearly patching is important to all systems management and should be a part of any organization's security hygiene.  Further, PCI does require the patching of systems to maintain compliance.  So it's important to mention that organizations should not simply stop patching their systems; and I want to believe that was not the speakers intent. So let's look at PCI requirement 6: "Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor- provided security patches, which must be installed by the entities that manage the systems. All critical systems must have the most recently released, appropriate software patches to protect against exploitation and compromise of cardholder data by malicious individuals and malicious software." Notice the word "appropriate" in the requirement.  This is stated to give organizations some latitude and apply patches that make sense in their environment and that target the vulnerabilities in question.  Haven't we all seen a vulnerability scanner throw a false positive and flag some module and point to a recommended patch, only to realize that the module doesn't exist on our system?  Applying such a patch would obviously not be appropriate.  This does not mean an organization can ignore the fact they need to apply security patches.  It's pretty clear they must.  Of course, organizations have other options in terms of compliance when it comes to patching.  For example, they could remove a system from scope and make sure that system does not process or contain cardholder data.  [This may or may not be a significant undertaking.  I just wanted to point out that there are always options available.] PCI DSS requirement 6.1 also includes the following note: "Note: An organization may consider applying a risk-based approach to prioritize their patch installations. For example, by prioritizing critical infrastructure (for example, public-facing devices and systems, databases) higher than less-critical internal devices, to ensure high-priority systems and devices are addressed within one month, and addressing less critical devices and systems within three months." Notice there is no mention to stop patching one's systems.  And the note also states organization may apply a risk based approach. [A smart approach but also not mandated].  Such a risk based approach is not intended to remove the requirement to patch one's systems.  It is meant, as stated, to allow one to prioritize their patch installations.   So what does this mean to an organization that must comply with PCI DSS and maintain some sanity around their patch management and overall operational readiness?  I for one like to think that most organizations take a common sense and balanced approach to their business and security posture.  If patching is becoming an unbearable task, review why that is the case and possibly look for means to improve operational efficiencies; but also recognize that security is important to maintaining the availability and integrity of one's systems.  Likewise, whether we like it or not, the cyber-world we live in is getting more complex and threatening - and I dont think it's going to get better any time soon.

    Read the article

  • Issues running commands

    - by Joel
    Every time I run a command I get this back. E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied) E: Unable to lock directory /var/lib/apt/lists/ E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied) E: Unable to lock the administration directory (/var/lib/dpkg/), are you root? christopher@christopher:~$ This didn't start happening until I changed my device name.

    Read the article

  • Git-based storage and publishing, infrastructure advice

    - by Joel Martinez
    I wanted to get some advice on moving a system to "the cloud" ... specifically, I'm looking to move into some of Windows Azure's managed services, as right now I'm managing a VM. Basically, the system operates on some data stored in a github git repository. I'll describe the current architecture: Current system (all hosted on a single server): GitHub - configured with a webhook pointing at ... ASP.NET MVC application - to accept the webhook from git. It pushes a message onto ... Azure service bus Queue - which is drained by ... Windows Service - pulls the message from the queue and ... Fetches the latest data from the git repository (using GitLib2Sharp) onto the local disk and finally ... Operates on the data in git to produce a static HTML website hosted/served by IIS. The system works really well, actually ... but I would like to get out of the business of managing the VM, and move to using some combination of Azure web and worker roles. But because the system relies so heavily on the git repository on the local filesystem, I'm finding it difficult to figure out how to architect in the cloud. I know you can get file system access, so in theory I could just fetch the repository if there's nothing on disk ... but the performance/responsiveness of the system sort of depends on the repository being available and only having to fetch diffs, which is relatively quick. As opposed to periodically having to fetch the entire (somewhat large) git repository if the web or worker role was recycled, or something. So I would love some advice on how you would architect such a system :) Ultimately, the only real requirement is to be able to serve HTML content that's been produced from the contents of a git repository (in a relatively responsive manner, from a publishing perspective) ... please feel free to ask any clarifying questions if there's something I omitted. Thanks!

    Read the article

  • Why do programmers seem to be such bad spellers?

    - by Joel Etherton
    Programming languages are very precise tools based on explicit grammars. They're very picky, and when being used they require an exacting amount of detail. C#, for instance, is case sensitive so even getting the case of an argument wrong will cause an error. Questions asked all over the StackExchange are replete with misspellings, grammatical errors, and other problems that seem to indicate a lack of attention to detail when it comes to the language itself. Now, I understand there are a lot of programmers out there whose native language is not English, and I am not directing this question (rant one might say) at them. I'm referring to the individuals who are clearly from an English speaking background who refuse to pay attention to these simple details. I am not perfect by any means, but I try to use the language correctly so that my meaning will be understood correctly. I find programmers misspelling variable names, classes, and all manner of words in any kind of technical documentation they might write. I have had to withstand code where I am repeatedly referring to the subit[sic] button or HttpWebResponse reponse. The general complaint about bad spelling is one thing, and it will always be there. I accept that. But my question/comment is about the proclivity of bad spelling within the programming community. I would think that people who deal with such exacting tools to be more naturally predisposed towards proper spelling. Yet this doesn't seem to be the case.

    Read the article

  • Buy vs. Build - FTP Service

    - by Joel Martinez
    We have a need to FTP files that are generated by our system, so we're trying to decide whether we should spend the time to build something that meets our criteria (relatively easy, .NET has FTP functionality built in, among other more advanced libs from 3rd parties). Or if we should buy something off the shelf. Our requirements are roughly: Must be able to trigger a file send programmatically Needs to retry N number of times (configurable) Queryable status of FTP requests Callback on completion or fail of an FTP request I don't need to be sold on the relative simplicity of building something like that for myself. However I do want to do the due diligence of seeing what products are available ... because if something does exist that matches the requirements above, I wouldn't mind paying for it :-) Any thoughts or links would be greatly appreciated. Thanks!

    Read the article

  • What should every programmer know about web development?

    - by Joel Coehoorn
    What things should a programmer implementing the technical details of a web application before making the site public? If Jeff Atwood can forget about HttpOnly cookies, sitemaps, and cross-site request forgeries all in the same site, what important thing could I be forgetting as well? I'm thinking about this from a web developer's perspective, such that someone else is creating the actual design and content for the site. So while usability and content may be more important than the platform, you the programmer have little say in that. What you do need to worry about is that your implementation of the platform is stable, performs well, is secure, and meets any other business goals (like not cost too much, take too long to build, and rank as well with Google as the content supports). Think of this from the perspective of a developer who's done some work for intranet-type applications in a fairly trusted environment, and is about to have his first shot and putting out a potentially popular site for the entire big bad world wide web. Also, I'm looking for something more specific than just a vague "web standards" response. I mean, HTML, JavaScript, and CSS over HTTP are pretty much a given, especially when I've already specified that you're a professional web developer. So going beyond that, Which standards? In what circumstances, and why? Provide a link to the standard's specification.

    Read the article

  • What's the difference between cheap and expensive domain registrars?

    - by Joel
    A few years ago I registered a domain with Network Solutions. In recent years I've been using cheaper services such as namecheap, powerpipe etc. Every time that I need to renew some of the older domains with Network Solutions I am surprised at how much expensive they are. What is the reason for the price differences between the services? Why should I use a service like Network Solutions if there are so many companies out there that offer domain registration for a very cheap price?

    Read the article

  • Setting up Beats audio on HP Pavilion m6

    - by Joel Auterson
    I have an HP Pavilion m6-1054sa laptop, with a Beats subwoofer on the bottom. The normal laptop speakers work fine under Ubuntu but the Beats speaker(s?) does not. Anyone know how to get this working? Here's my lspci output, if it helps... 00:00.0 Host bridge: Intel Corporation Ivy Bridge DRAM Controller (rev 09) 00:01.0 PCI bridge: Intel Corporation Ivy Bridge PCI Express Root Port (rev 09) 00:02.0 VGA compatible controller: Intel Corporation Ivy Bridge Graphics Controller (rev 09) 00:14.0 USB controller: Intel Corporation Panther Point USB xHCI Host Controller (rev 04) 00:16.0 Communication controller: Intel Corporation Panther Point MEI Controller #1 (rev 04) 00:1a.0 USB controller: Intel Corporation Panther Point USB Enhanced Host Controller #2 (rev 04) 00:1b.0 Audio device: Intel Corporation Panther Point High Definition Audio Controller (rev 04) 00:1c.0 PCI bridge: Intel Corporation Panther Point PCI Express Root Port 1 (rev c4) 00:1c.1 PCI bridge: Intel Corporation Panther Point PCI Express Root Port 2 (rev c4) 00:1d.0 USB controller: Intel Corporation Panther Point USB Enhanced Host Controller #1 (rev 04) 00:1f.0 ISA bridge: Intel Corporation Panther Point LPC Controller (rev 04) 00:1f.2 RAID bus controller: Intel Corporation 82801 Mobile SATA Controller [RAID mode] (rev 04) 00:1f.3 SMBus: Intel Corporation Panther Point SMBus Controller (rev 04) 01:00.0 VGA compatible controller: Advanced Micro Devices [AMD] nee ATI Thames XT/GL [Radeon HD 7600M Series] (rev ff) 07:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. Device 5289 (rev 01) 07:00.2 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 0a) 08:00.0 Network controller: Intel Corporation Centrino Wireless-N 2230 (rev c4)

    Read the article

  • How do I make custom bootsplash and wallpapers [closed]

    - by joel
    Possible Duplicate: How to customize live Ubuntu CD? I would like to customize my Ubuntu install with my own Wallpaper. I know where to change the wallpapers I copy my wallpaper in /usr/share/wallpapers and then modify the contests/xml file in order to use it but thats about it. how can I also change the following with the same Image: the login image(lightdm) boot screen and shutdown screen(plymouth)

    Read the article

  • America The Vulnerable

    - by Naresh Persaud
    At the Executive Edge this week, Joel Brenner shared his perspective on the state of cyber-security. Today our most critical military and corporate secrets are under attack. In his presentation, Joel shared his perspective on how organizations can can better prepare for the changing security climate. The amount of state sponsored espionage has highlighted weaknesses in our national security infrastructure. The Internet was primarily intended to provide a means of collaboration for non-commercial entities. Today it is the backbone of our digital commerce and digital experience and it was not designed to secure the activities and data we share today.  Check out "America The Vulnerable" and learn more. 

    Read the article

  • Dynamic audio score/music

    - by Joel Martinez
    I'm interested in developing a game who's background music changes with the mood and scenario of the game's action. Of course many existing games do this (halo for example), but I was interested in any resources/papers/articles talking about the techniques to develop a system like this. I have some ideas, and I understand that this will be equally challenging to implement at the code level as it will be to come up or acquire music that fits this model. Any links or, answers with ideas in them would he appreciated. Edit: this is the kind of info I'm looking for :) http://halo.bungie.org/misc/gdc.2002.music/

    Read the article

  • What should a developer know before building a public web site?

    - by Joel Coehoorn
    What things should a programmer implementing the technical details of a web site address before making the site public? If Jeff Atwood can forget about HttpOnly cookies, sitemaps, and cross-site request forgeries all in the same site, what important thing could I be forgetting as well? I'm thinking about this from a web developer's perspective, such that someone else is creating the actual design and content for the site. So while usability and content may be more important than the platform, you the programmer have little say in that. What you do need to worry about is that your implementation of the platform is stable, performs well, is secure, and meets any other business goals (like not cost too much, take too long to build, and rank as well with Google as the content supports). Think of this from the perspective of a developer who's done some work for intranet-type applications in a fairly trusted environment, and is about to have his first shot and putting out a potentially popular site for the entire big bad world wide web. Also: I'm looking for something more specific than just a vague "web standards" response. I mean, HTML, JavaScript, and CSS over HTTP are pretty much a given, especially when I've already specified that you're a professional web developer. So going beyond that, Which standards? In what circumstances, and why? Provide a link to the standard's specification. This question is community wiki, so please feel free to edit that answer to add links to good articles that will help explain or teach each particular point. To search in only the answers from this question, use the inquestion:this option.

    Read the article

  • PCI Compliance Book Suggestion

    - by Joel Weise
    I am always looking for good books on security, compliance and of course, PCI.  Here is one I think you will find very useful. "PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance" by Branden Williams and Anton Chuvakin.  [Fair disclosure - Branden and I work together on the Information Systems Security Association Journal's editorial board.]   The primary reason I like this book is that the authors take a holistic architectural approach to PCI compliance and that to me is the most safe and sane way to approach PCI.  Using such an architectural approach to PCI is, in my humble opinion, the underlying intent of PCI.  Don't create a checklist of the PCI DSS and then map a solution to each.  That is a recipe for disaster.  Instead, look at how the different components and their configurations work together in a synergistic fashion.  In short, create a security architecture and governance framework (the ISO 27000 series is a good place to start) that begins with an evaluation of the requirements laid down in the PCI DSS, as well as your other applicable compliance, business and technical requirements.  By developing an integrated security architecture you should be able to not only address current requirements, but also be in a position to quickly address future ones as well.

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >