Disqus - Latest Comments for markjaquith

Re: Laravel 5.7 From Scratch: Custom Events and Listeners

Mark Jaquith — Mon, 11 Feb 2019 23:56:41 -0000

Looks like a solution is being developed here: https://github.com/laravel/...

Re: IoT Home Router Botnet Leveraged in Large DDoS Attack

Mark Jaquith — Mon, 05 Sep 2016 09:17:27 -0000

How do you know traffic was coming from the routers and not from a compromised device behind the routers? Isn't NAT mostly undetectable from the outside?

Re: PHP Revolution: HHVM and WordPress 3.9

Mark Jaquith — Sun, 20 Apr 2014 23:31:41 -0000

I've been playing with HHVM and WordPress 3.9 today. Its performance is really impressive. But I don't think it's ready for production use quite yet. For instance, WordPress cookies aren't set properly when using HHVM (you'll be logged in the backend, but not on the front of your site). I opened a ticket for that. https://github.com/facebook...

But I expect that it'll be ready for tentative production use real soon. The great thing is that it's super simple to switch between PHP-FPM and HHVM... just a one-line change in your Nginx config.

Re: Why We Built Pantheon With Containers Instead of Virtual Machines

Mark Jaquith — Thu, 27 Mar 2014 01:30:13 -0000

Pretty sure you just responded to a spam comment that scraped content from this very blog post. :-)

Re: The npm Blog — npm's Self-Signed Certificate is No More

Mark Jaquith — Fri, 28 Feb 2014 16:37:35 -0000

I could maybe understand if it was because of the moderately course language (their house, their rules). If that's the case, they should ask @Rob Colbert if they could asterisk-out those bits and let the comment stand. Because they sure as heck need to be called out on the things Rob called them out on.

But then, @Sarah Nadav used even stronger language, and her comment is still standing.

Re: No, Rubbing Vicks Vaporub On Your Feet Does Not Prevent Coughing

Mark Jaquith — Fri, 15 Nov 2013 18:16:18 -0000

You seem to be confused about this. Menthol is an effective cough suppressant. I don't think there's any doubt about that. Try this as an experiment: put VapoRub on a child's feet. And then put your cheek to their cheek, so your head is the same distance from their feet as their head. Inhale. Can you smell the menthol? See, children's feet aren't very far away from their head. For the purposes required, it's close enough.

The reason for putting it on their feet instead of their chest is practical. You can put socks on their feet, denying them access to the VapoRub, and making for easy clean up in the morning. When it's on their chest, they have easier access to it, and can spread it around, making a mess.

I'm the most skeptical person you'll ever find. I think you got overenthusiastic here.

Now, as stated in the Facebook status, yeah, that's a bit much. "100% effective"? Almost nothing is 100% effective. But if menthol works as a cough suppressant, and if the child still has access to menthol vapors when the VapoRub is on their feet, maybe it's not a crazy suggestion.

Re: Developing for WordPress? Keep your shit secure

Mark Jaquith — Thu, 15 Aug 2013 14:50:02 -0000

I do agree with you in principle. The issue is that we usually don't have access to a good caching layer that could be used at this scale. On client sites where you control the stack, you might be able to make a different decision.

Re: Developing for WordPress? Keep your shit secure

Mark Jaquith — Thu, 15 Aug 2013 08:14:12 -0000

There is no faster-but-still-secure method in WordPress core. It's an expensive thing because HTML is not regular. Regular expressions can't parse HTML. If the normal avenues of injecting the data are protected, then you are good. If someone else has access through some other flaw, then they could just compromise posts or comments anyway, as core does KSES on save for those.

Re: Developing for WordPress? Keep your shit secure

Mark Jaquith — Thu, 15 Aug 2013 01:42:06 -0000

Nice post! Do note that KSES functions shouldn't be run on output on the front end… they’re too slow. If you need to allow *some* HTML, then use KSES on save and make DARN sure that there is no other way to get data into that storage location.

Re: Sass vs. SCSS: Which Syntax is Better? - Articles

Mark Jaquith — Wed, 14 Aug 2013 16:47:22 -0000

So Sass is better, but SCSS will win? :-)

Re: CDN Serving Dynamic PHP Pages

Mark Jaquith — Tue, 13 Aug 2013 17:35:46 -0000

If you can have multiple rules, you could also explicitly whitelist your /wp-content/ directory. Pretty cool that you can define rules that run at the CDN level! Is this strictly a "call us for pricing" add-on?

Re: Tracking: The NSA's Secret Surveillance Programs

Mark Jaquith — Sun, 09 Jun 2013 20:47:35 -0000

Not if it's encrypted. All your Facebook browsing is over SSL, so it's not expected that anyone would be able to see what was going on, even if they intercepted the traffic.

Re: Bradycardia & Cardiac Arrest for WordPress 3.6

Mark Jaquith — Mon, 13 May 2013 08:19:21 -0000

Google has the ability to write servers configured specifically for a persistent connection. We don't, so we have to poll.

Re: Principal Shuts Down Cosmetology Class Because One of the Students ‘Looked’ Gay

Mark Jaquith — Sat, 15 Sep 2012 23:25:25 -0000

Maybe if Kwamane tries to attend the principal's church, he'll shut that down, too.

Re: How to detect if a webfont really loaded II

Mark Jaquith — Mon, 03 Sep 2012 00:42:40 -0000

It probably should be fontDetect.

Re: A Ballot Measure in Florida Could Give Taxpayer Money to Religious Schools

Mark Jaquith — Sat, 25 Aug 2012 03:29:24 -0000

I'm completely in support of blocking the state from directly funding religious institutions. But the anti-school-choice talk by AU is a complete tangent and has nothing to do with state endorsement of religion. There are many ways that a voucher or refund program could be structured to avoid state endorsement of religion. And it shouldn't at all be a surprise that public schools want to continue receiving money for students who don't go to their school. Free money, man.

Re: My 10 Most Useful Shell Commands // Plasticmind Blog

Mark Jaquith — Wed, 22 Aug 2012 12:59:10 -0000

Note that if you're not using compression, you shouldn't use file redirection for mysqldump output. Use the -r switch to specify an outfile. Otherwise it garbles some characters.

Re: Hacked Reuters site had outdated WordPress install

Mark Jaquith — Wed, 08 Aug 2012 08:00:09 -0000

It is currently unknown how the attackers gained access to their site. Reuters isn't saying. While it is true that they were running an out-of-date version of WordPress, that doesn't mean that's how the attackers got in. Often, attackers get in some other way, and then once inside, begin looking for WordPress installs.

Re: Rogue Ad Attempted to Redirect Wired Readers

Mark Jaquith — Tue, 10 Apr 2012 23:02:53 -0000

at no time were any users exposed to potentially infectious malware

Can you really say that for sure? If it was redirecting to third party sites, those sites could have had malware.

This is and has been a huge problem with advertising networks. Everyone wants to throw in their own custom tracking code. So anything goes. Ad networks' response is to be reactive. If an ad misbehaves, they'll take it down. In the meantime, the reputations of all the sites where that ad was being served are being tarnished.

Re: Why Your Klout Score Doesn’t Matter

Mark Jaquith — Tue, 06 Mar 2012 03:21:01 -0000

Klout is just a tacky idea. Gamification is not beneficial when publicly applied to communications. You don't need a big orange number to tell you whether you value your communications and your social network interactions. That's why I quit.

Re: A better tool for cubic-bezier() easing

Mark Jaquith — Fri, 24 Feb 2012 04:16:43 -0000

It looks like that Webkit bug was fixed: https://bugs.webkit.org/sho...

Re: Judge Refuses to Shut Down Online Market for Used MP3s

Mark Jaquith — Tue, 07 Feb 2012 14:53:54 -0000

Apple does not sell MP3 files through iTunes.

Re: Anonymous for Good

Mark Jaquith — Fri, 27 Jan 2012 01:03:40 -0000

Idley [sic]?

Re: Groups Petition for Right to Hack the Xbox, Back Up DVDs

Mark Jaquith — Tue, 06 Dec 2011 03:04:19 -0000

Handbrake doesn't itself have the ability to decrypt DVDs.You need decrypting software already present on your computer for it to work. That's how they thread that legal issue.

Re: The three biggest myths about women in tech | VentureBeat

Mark Jaquith — Mon, 31 Oct 2011 14:48:28 -0000

There's no such thing as a "diverse" candidate, in terms of demographics. Every individual is a single data point. Diversity is a quality of the employee/candidate pool, not of individuals.