Articles about ruby on rails

ruby slippers

Flaw-finding Ruby on Rails bot steams past humans

Boffins at MIT have designed a Ruby on Rails interpreter that can find code flaws much faster than fleshy programmers. Dubbed Space, the software has been tested against 50 popular web applications written in Rails, and found 23 previously undiagnosed security flaws. None of the programs required more than 64 seconds for a …
Iain Thomson, 15 Apr 2016

Extortion racket borks Basecamp servers with 20Gbps web bombing

Users of Basecamp's project management software experienced an outage this morning, with more possible in the future, after the company was blown off the internet in a distributed denial-of-service attack when it refused to pay off crooks. The attack hit at 0846 Central Time (1346 UTC) on Monday and knocked the company's …
Iain Thomson, 24 Mar 2014

RoR Paperclip infested by content type spoofing bug

Ruby on Rails developers using the Paperclip uploader to receive files need to update to a new version, after a developer turned up an XSS bug in the software that could possibly be extended to remote code execution. The new version, here, implements stricter incoming file typing to eliminate the bug. What Egor Homakov …
Cloud security

THOUSANDS of Ruby on Rails sites leave logins lying around

A security researcher has warned that a Ruby on Rails vulnerability first outlined in September is continuing to linger on the Web, courtesy of admins that don't realise a vulnerability exists in its default CookieStore session storage mechanism. The weakness affects some big names, with the research turning up names like …
The Register breaking news

Ruby on Fails: Zombie SERVER army built thanks to Rails bug

A critical vulnerability in trendy web programming kit Ruby on Rails is being abused to conscript hacked website servers into a growing botnet army. A security bug (CVE-2013-0156) in the open-source application framework was patched in January, but months later many website owners have failed to apply the update, leaving code …
John Leyden, 30 May 2013
The Register breaking news

Ruby 2.0.0 adds syntax sparkle, boosts performance

The Ruby community announced the first stable release of Ruby 2.0 on Sunday, exactly 20 years to the day since Ruby creator Yukihiro "Matz" Matsumoto first conceived of the language on February 24, 1993. Ruby 2.0.0-p0, as the release is formally known, represents the first major revision of the language since Ruby 1.9 was …
Neil McAllister, 26 Feb 2013
The Register breaking news

Ruby off the Rails: Enormo security hole puts 240k sites at risk

Popular programming framework Ruby on Rails has two critical security vulnerabilities - one allowing anyone to execute commands on the servers running affected web apps. The newly uncovered bugs both involve the parsing and handling of data supplied by visitors to a Rails application. The CVE-2013-0156 hole is the more severe …
John Leyden, 10 Jan 2013
The Register breaking news

Ruby on Rails has SQL injection vuln

The maintainers of Ruby on Rails are warning of an SQL injection vulnerability which affects all versions of the popular Web framework. They advise that users should immediately apply an upgrade available here. Designated CVE-2012-5664, the maintainers explain the bug this way: “Due to the way dynamic finders in Active Record …

Job ad seeks 'mediocre' developers

Are you just scraping by coding in Ruby? Are you not prepared to pull infinite all-nighters? Are you less than amazingly fast? If you answered yes to any or all of the above, worry not: Melbourne, Australia, company Flippa has advertised for “Mediocre Ruby Devs”. The ad is not entirely serious, as Flippa does want good …
Simon Sharwood, 30 Jul 2012
The Register breaking news

Node.js sees Windows compatibility as key to success

The creator of Node.js says he wants to avoid the mistakes of other development environments, and support cross-platform systems as much as possible. Ryan Dahl, who devised Node.js as a way of running JavaScript on the server side, was speaking in a group session with Rackspace and Microsoft at the first Node Summit in San …
Iain Thomson, 24 Jan 2012
The Register breaking news

Ruby on Rails cloud envelops PHP shop

Engine Yard – a San Francisco startup offering a "platform cloud" for Ruby on Rails applications – is buying Orchestra, a Dublin-based outfit that provides a similar service for PHP applications. On Tuesday, Engine Yard announced a definitive agreement to purchase Orchestra, saying it intends to expand its existing platform to …
Cade Metz, 23 Aug 2011
The Register breaking news

Heroku: A development cloud for all seasons

Heroku began life as an online service for building, hosting, and readily scaling Ruby on Rails applications. But the "platform cloud" has since expanded beyond the decidedly hip net programming language, embracing two other decidedly hip options: Node.js and Clojure. In May, the Heroku rolled out a new …
Cade Metz, 11 Jul 2011
The Register breaking news

Ruby shines in North American developer survey

Ruby use is up 40 per cent amongst North American software developers since 2008, according to a new study from Evans Data. Despite the jump in popularity, Ruby still occupies a relatively small niche in the developer community as a whole, the company says. Only 14 per cent of developers polled in North America use Ruby at …
Austin Modine, 23 Jun 2009

EnterpriseDB chases Oracle and MySQL on Web 2.0

LinuxWorld Having spent three years trying to get purchase on Oracle's mighty database business, EnterpriseDB is embracing Web 2.0 developers with a bundled version of Postgres. EnterpriseDB - whose existing database product is a version of Posgres that's sold under a commercial license and that the company claims is compatible with …
Gavin Clarke, 10 Aug 2007

Create a news alert about ruby on rails, or find more stories about ruby on rails.

Biting the hand that feeds IT © 1998–2018