DeeEmm

Pragmatism in code

Waxing lyrical about life the universe and everything software related since lunchtime 2006.

National Cyber Security Awareness Week

This week is National Cyber Security Awareness Week here in Australia.

National Cyber Security Awareness Week is an annual initiative of the Australian Government held in partnership with industry, community and consumer groups and state and territory governments.

It is designed to raise awareness among Australians of cyber security risks and simple steps they can take to protect their personal and financial information online.

National Cyber Security Awareness Week 2010 is from 6 to 11 June. It will promote six easy tips for better online security:

...
Continue reading
1253 Hits
0 Comments

Dolphin Orca Update

The Dolphin forum, or Orca, as it is known, was a parallel stand alone development that was integrated as a module into the Dolphin 7 release. This module is a massive improvement over the previous integration in Dolphin 6, and has provided an easier opportunity to improve it.

Many Dolphin users are unhappy with the features supplied with the standard forum module, often opting to replace it with other forums such as phpBB or IPB. This has mixed success, as often the integrations are simply iframe hacks, or miss out important aspects such as avatars or messaging. This is where Orca is already a step ahead. The integration is already completed, it is a core part of the Dolphin product, and so already has all of the needed variables and data available to it, to use in improving its features.

We have been working on an update to Orca, to add in the missing features that many complain about, these are usability features for both users and administrators alike, as well as the creation of a set of moderation tools.

The project is in it's very early stages, and only in Alpha release, but as it's based on a functional product, we already have a demo set up. This will be updated as the project progresses.

...
Continue reading
3122 Hits
0 Comments

Dolphin 7 Security Vulnerability Exposed

It would seem that this weekend has been an active time in the CMS community for security vulnerabilities, first Joomla issue a patch for a potential XSS issue, and now Boonex's Dolphin package has been raising some eyebrows with, an as yet unresolved security issue that exposes the database name, username and password, in plain text to the browser via a verbose error report. This report is triggered by any number of bugs, and could easily be used to compromise a website or server.

The security 'hole' had previously been reported and raised as an issue with the Dolphin developers, who's response was that it had been addressed. Amusingly this seems not to have been the case, with the latest attention being that the bug has now been witnessed on the Boonex admin test site, and the resulting full error report published. - http://www.boonex.com/unity/forums/topic/Hey-BoonEx-Notice-Something-.htm There is some further discussion in the blogs as well - Major Security Risk: Information and Temporary Solution

The community were quick to act, with a couple of suggested workarounds published on modmysite - http://www.modmysite.com/general-issues-comments-questions/10491-db_full_visual_processing.html#post39764 as well as on the Boonex site, but there has been no official response.

As of the time of this post, some three days after the original post, Boonex have still yet to comment, and there has been no official patch available to address the issue.

...
Continue reading
7353 Hits
4 Comments

Joomla 1.5.18 Released

XSS Vulnerability addressed.

Joomla 1.5.18 has recently been released and includes a security update to fix a core XSS vulnerability. All Joomla users are advised to upgrade. More details about the vulnerabilty can be found on Joomla's developers board HERE.  If you wish to stay abreast of the latest security announcements and updates for Joomla, you are advised to keep a check on the Joomla Developer Vulnerability News Feed.

 

More information on the 1.5.18 release, including the downloads can be found on the product release page - HERE

...
Continue reading
1993 Hits
0 Comments

Free Mods Released

It's been a very busy week here in the software office. Hot on the heels of the recent Flat Comments and Group Forum Posts Block mods, we have a further three - yes that's THREE!! new mods available in the store, plus a re-released oldie.

Whats more, three of the mods are free!

The first mod is a re-release of our Login redirect mod for Dolphin 6. Whilst this has been available for download over at Boonex.com, for some reason it was omitted from the store, so we added it in. You can download it HERE

Next up is Auto Friend on Join. This is another Dolphin 6 mod that has been updated to work with Dolphin 7. The Mod automatically adds a friend to the joining members profile - a bit like Tom on myspace. This mod differs a little as it will add select the friend it adds based on the gender of the joining member. It can be set  to add either a friend of the same sex, or opposite sex. Get it HERE

...
Continue reading
2659 Hits
1 Comment