Monday, August 25, 2008

On the joys and perils of Joomla

I've been a website developer for a pretty long time now (seven years to be exact) and I must say it's been a wonderful learning experience with no shortage of surprises along the way. These surprises have been mostly good, as I've been constantly amazed at what the development of the web would bring us next. I've also seen my fair share of nasty surprises that've come along for the ride.

Since I started on this beautiful journey, I've been witness to the hype associated with technologies such as JavaScript, Java Applets, DHTML, ASP, PHP and more recently Web 2.0 (if I may call it a web technology) when they first made their debut on the web scene. But not all have stood the test of time, due to various deficiencies in their substance as effective web technology solutions. The advent of Open Source and its principles didn't make things any easier or clearer for that matter. A lot of the technologies I mentioned above didn't quite make the cut, but some did, such as JavaScript and PHP, which have become strong forces to reckon with. I am a bit skeptical though of what Open Source has done to the development of the web.

Take the introduction of open source platforms such as Joomla, which I must say have done a lot for the standardization and development of rapid application building of websites and applications. It is touted as a Content Management System, or CMS, with all the functionality you could ever want to include in your website. It doesn't end there: it goes further to give you and me the ability to extend it (Joomla) with our own extensions and plugins, which end up either compromising your Joomla! installation or making it one of a kind.

I've found using Joomla! a joy, as it gives me the time to focus on making a website that is refreshing, specific and that users truly enjoy. Less time is spent on making sure the website is stable or that the architecture is extensible. On top of all that, the time in which I can deliver a website has been dramatically sliced and diced. I have found, though, that Joomla! is not necessarily the Swiss army knife of tools for making websites. It doesn't always fit everything. As a friend of mine explained to me, some people use it for everything, like online brochures?? Use HTML for goodness' sake! Which brings me to some of the perils or dangers of Joomla.

A few days ago, while doing my regular morning rounds around the web, I noticed that the Joomla website, i.e. the official Joomla website, had been hacked. I was just like, wow! And after doing a few preliminary checks through Google I noticed that a number of other websites had also been hacked, and all of them were Joomla based: 422 to be exact, within a very short space of time. When I got in touch with some of my White Hat Hacker friends online, they showed me how the hack was done on one of their own websites which had Joomla installed, and I was once again shocked!

By simply manipulating the URL of a Joomla site, which normally includes something like index.php?option_com..., a hacker could actually trick Joomla (and I'm referring to Joomla! 1.54 and below) into taking him to the reset password page, i.e. for the administrator account. I watched in awe as the hacker walked me through it, which brought me to thinking about writing this article. I know that many other web platforms have their own fair share of problems, but when the developers of that platform get hacked themselves and their website goes down?? You've gotta wonder. There are however numerous tools, i.e. plugins, extensions and components, which you use to secure your Joomla installation, but with the large fanbase that Joomla has, someone is bound to be tinkering while the rest of us are admiring the work done by the Joomla team.

So please beware out there: if you're using Joomla, please update regularly to the latest version of whatever release you're using. But then again, my real advice to you is to make sure you're using platforms, scripts and web technologies for the correct scenario or purpose. Otherwise you'll be leaving yourself wide open to a whole host of things.

2 comments:

Sally said...

I agree with you on your conclusion. I would like to point out that while it is necessary and highly encouraged by vendors and developers alike, updating the current versions of software is not usually given high priority by people who should know better.

On Open Source software, I however beg to differ. I am a fan of F/OSS. As a programmer/developer I would think you would appreciate the benefits of F/OSS. F/OSS can be customised, it encourages innovations by programmers, particularly the new programmers, it is cheaper for organisations as their own programmers can customise the software without incurring huge costs from the developers for customisations, etc.

I am sure you get my drift on the benefits of F/OSS. If you really stop to think about it, how many F/OSS applications, services and/or operating systems are in use on the WWW? And how many proprietary applications do the same? How extensive are the uses of these applications?

Let me know what you think. I might be biased, but what has driven the web and the development of the web in your opinion?

Mura Nhekairo said...

Hi Sally, sorry for the loooooong time it took for me to reply. To say I've been swamped is an understatement.

But thank you for your comment, and I would like to continue the discussion further and generate some dialog on the issues you've touched on.

I think we agree on the fundamental issues here but I suspect that our perceptions of proprietary software as compared to open source software may differ.

I'm a big fan of OSS but at the same time I have my reservations due to the openness of it all and the fact that some follow unwritten codes of conduct in OSS circles and some don't.

What proprietary software brings to the table should not be ignored just because it's not free. In fact it brings to the fore accountability and a whole range of other benefits which are often ignored. I'm going to be writing a few articles on this and other related issues. Thanks again for your comment Sally.