WordPress 3.6 vulnerability explored: The serialisation vulnerability which was fixed in WordPress 3.6.1 is looked at in detail by its discoverer in a blog posting which explores the issue of passing user content through unserialize() and why it can blow up so badly.
Container power: Containers revolutionised the shipping industry… could they do the same for the cloud? There’s a lot of activity around container based clouds which we’re looking into. One of the big drivers is Docker, which lets makes lightweight containers easy to build and run, and then there’s the orchestration layers like the open source PaaSs Deis which uses Docker, Chef and Heroku Buildpacks and Flynn which uses Docker and builds on Dokku. There’s something big going on there.
Java “Sinatra” Spark: Micro web frameworks are extremely handy; they let the web reach into places you wouldn’t normally implement the web in. Sinatra showed how you can do it in Ruby and, inspired by Sinatra, there’s Spark for Java. It looks like a quick way to bring a web server into Java applications and wire it in in a readable form.