The SSL Heartbleed bug explained in 30 seconds

Another excellent comic by xkcd (a site that publishes dev/op/web-related comics, usually nailing things right to the head): This time explaining one of the worst bugs in IT history, the OpenSSL “Heartbleed Bug” (links to official bug page). For everybody who lived under a rock in the last days: Several weeks ago a bug in the open source OpenSSL library (that is used in, well, nearly everything that uses SSL, from major websites to NAS systems, from Android to routers) was discovered and major websites were informed secretly (to prevent criminals getting notice on that). The bug is basically a broken parameter check that allows the user/attacker to request a “full” memory dump. A full memory dump. With passwords, SSH keys, etc. in it.

A few days ago, TheVerge wrote an article about the bug, reaching mass attention, opening heaven for cyber-criminals. Side-fact: It’s interesting to see the extreme mass of news coverage created by bugs in (open source) software these days: Heartbleed and Apple’s OpenSSL bug (test site) have made it to the #1 article in quality newspapers, tv news and for sure online newspapers all over Europe. Somebody ran a mass test against the top1000/top10.000 pages in the world, checking major websites for vulnerability – and listed the results here on GitHub. This list is unproven, but the names are awesome. Note that this list has been created after the bug went viral, so we don’t talk about a theoretical bug here.

You can make a basic check for the bug on this Heartbleed test site.

The SSL Heartbleed bug explained in 30 seconds

Interesting: code of the same application in PHP, Python, Ruby, Closure, node.js, Java and Go

How blind people use websites (video with Sina Bahram, blind accessibility researcher)

How to install / setup PHP 5.5.x on Ubuntu 12.04 LTS

[Link] How to create, read, update and delete (CRUD) with PDO, MySQLi and MySQL the right way (prepared statements)

[Link] Improving Smashing Magazine’s Performance: A Case Study

How to get a single table out of a massive MySQL .sql database backup file (mysql dump splitter)

Vote for “Hack” for HipHop/HHMV support (future style PHP) in PHPStorm 8

GitHub rolls out .PSD diff and viewing

Awesome next-gen PS4 graphics in “The Order: 1886”

Jonathan Snook – CSS is a Mess – How to organize CSS in big projects (54min video talk)

A perfect video tutorial to get started with xdebug in PHPStorm

Debug PDO with this one-line function. Yeah!

A collection of beautiful ajax loaders / spinners in pure .svg / CSS

How blind people use websites (video with Sina Bahram, blind accessibility researcher)

[Link] How To Install October CMS on a VPS running Ubuntu 14.04

[german] Modernes Frontend-Development mit Bower, Grunt, Yeoman (45min Video, Thorsten Rinne auf der IPC2013)

How to setup / install PHP 5.6 on Ubuntu 14.04 LTS

GAMESCOM 2014: Awesome Next-Gen ingame graphics

Preview-release of (my) “php-mvc” project (a simple php mvc barebone)

-45% (or even 50%) off on DesignWall today

Europeans: Get ready for OFFF conference / festival in Barcelona, May 2014

Interesting talk on modernizing a legacy PHP codebase

Harper Reed – The magic and mystery of Big Data (30min video from Webstock’15)

Frontend Ops Conf 2014 – Sarah Goff-Dupont: Git, Continuous Integration and Making It Pretty (31min video)

How to install/setup a basic LAMP stack (Linux, Apache, MySQL, PHP) on Ubuntu 14.04 LTS