What disturbs me is anti-sec. Have you come across em? They attempt to hack me very often. They believe that methods used by hackers should NOT be disclosed in public, they believe security is essentially a hoax, an industry designed to breed fear, and they would do away with all the people like me who sit around trying to build anti-hacking systems. My experience of them is that they operate out of Eastern Europe, but I suppose that could be cover, and besides a movement of crazies like that is bound to grow! Look at the works of Abraham.

No I don't pay to much attention to the cracking community at all these day, although I do agree that the security companies do hype the "threats" up far more than they need to drive sales of firewalls, "Internet Security" packages.

Quote:

The Anti Security Movement (also written as antisec and anti-sec) is a movement opposed to the computer security industry. Antisec is against full disclosure of information relating to but not limited to: software vulnerabilities, exploits, exploitation techniques, hacking tools, attacking public outlets and distribution points of that information. The general thought behind this is that the computer security industry uses full-disclosure to profit and develop scare-tactics to convince people into buying their firewalls, anti-virus software and auditing services.
Movement followers have cited websites such as SecurityFocus, SecuriTeam, Packet Storm, and milw0rm to be targets of their cause, as well as mailing lists like "full-disclosure", "vuln-dev", "vendor-sec" and Bugtraq, as well as public forums and IRC channels.
As recently as 2009, attacks against security communities such as Astalavista[1] and milw0rm,[2] as well as the popular image-host ImageShack[3][4] have given the movement worldwide media attention.

The fact is that transparency and a full understanding of what attacks our machines is vital to hardcore developers behind the scenes. That full disclosure needs to be available in the public domain. If not, I'm a hacker too, just for knowing how to stop a hacker, which is not fair. Besides, I wouldn't KNOW how to stop them if the information was not in the public domain.

Anti-sec are taking an extreme point of view. It's better to have a balanced picture. Yes there are unscrupulous tech firms, but there is also a basic right, a freedom, for all of us to KNOW how people are hacking us.

I'm not sure why they are trying to break into my machines because I have not published any information about anti-hacking. Not recently. I guess in the past I had information up. But that was on different machines.

If software vulnerabilities are not published, even MORE people will succumb to having their machines turned into zombie spam vessels or worse, credit card capturing sites, or worse, sites whose credit card data is stolen.

Anti-sec are not thinking about society as a whole and what happens if all our lives, all our information and that of our families, is made "insecure", the way their project ultimately sets out to do. Then again how do we know anti-sec hasn't been planted by the security industry to scare us?!! Ha ha. After all, that is the effect they create, on purpose... "insecurity".

If you're arguing that using a SQL database isn't a very good approach to implementing a search engine you're absolutely right. I think you'll also find that they're not particularly useful for mowing your lawn.

None of this explains why someone should not use a relational db and nothing you've described seems to be a replacement for one.

Quote:

PHP is a language which makes it easy to leave security holes and most people DO leave them

I'm not buying it. Can you show me an example of an application that is inherently insecure because it is written in PHP and not because of a design flaw or an oversight that could just as easily occurred with another language.

Quote:

Besides, php gives you zero grounding for commandline and server admin skills, and anyone who wants to go around building cms systems ought to take THAT road

PHP allows you execute commands an run external programs just fine:
http://us3.php.net/manual/en/ref.exec.php

Of course doing so in any language will kill the portability of your application.

Quote:

I'm ready to believe Google does not use much php. Does it use ANY?

I have no idea to what extent Google uses PHP for their applications. If they aren't using it it doesn't mean PHP is bad. It just means they aren't using it. PHP seems to be working for Facebook.

I disagree. My problems with facebook are all because of its slow interface. Most sites I use are at least 50% faster than facebook, on XP, on a chrome browser, with a fat connection. They just have too many layers. It feels like (when you lose connection and post something) they store posts in cookies, too, to help carry them through situations like the one I mention. Surely that's information which could be stolen more easily than just through a web form, I mean cookies sit around on browsers. There's probably a reason not many people before facebook have done that sort of thing and I'd say it'd be because I'm not wrong to think it's a security leak.

I think diversity is good. PHP is a very useful tool. I'm glad it exists. It's a tad overused though, you've got to admit. You can't move for php. But who am I to complain? As long as it's au fait, most crackers attack php and sql which makes my job much easier. ;-)

btw it's not inherently insecure, and I'd buy php too, if certain expert PHP programmers I know wrote it, and I'd still check it as I'm anal, but the point is that statistically speaking it's holier. Ha ha. Get that? Holier.

okay, with the sql debate... more sensitive info from my labour camps. i've had to build a system where people record what they eat. most people would store that in sql databases. i've followed a model which is an evolved version of what i use for the search engines. this has resulted in my being able to handle millions of people's editing of their matter without any problems, simultaneously, without using systems which provide protection against the problems that causes at the cost of what I think I've started to generically call "clunk", in all its many unholy manifestations.

how do you know sql won't become obsolete?

Quote:

I'm not sure why they are trying to break into my machines because I have not published any information about anti-hacking. Not recently. I guess in the past I had information up. But that was on different machines.

Because it's there, is about all the motivation they need.

Quote:

Originally Posted by Aunt5ally

btw it's not inherently insecure, and I'd buy php too, if certain expert PHP programmers I know wrote it, and I'd still check it as I'm anal, but the point is that statistically speaking it's holier.

So then you concede my point. It all depends on the developer. PHP gets a bad wrap because it attracts a lot of beginners but there is nothing insecure about the language itself.

Quote:

Originally Posted by Aunt5ally

okay, with the sql debate... more sensitive info from my labour camps. i've had to build a system where people record what they eat. most people would store that in sql databases. i've followed a model which is an evolved version of what i use for the search engines. this has resulted in my being able to handle millions of people's editing of their matter without any problems, simultaneously, without using systems which provide protection against the problems that causes at the cost of what I think I've started to generically call "clunk", in all its many unholy manifestations.

So you're saying that you've come up with some search-engine-like database that is, superior to a more traditional relational database (at least for that particular application) and based on this you are advising people to stop using SQL databases? Do you have any details as to how to pull this off? How are you structuring your data?

Quote:

Originally Posted by Aunt5ally

how do you know sql won't become obsolete?

I never said it wouldn't. The relational model works for a wide variety of applications. Some services like twitter and netflix rely on non-relational dbs because those databases are better suited to their unique situation, but that by no means makes relational databases obsolete.

I'll probably have to answer your questions more precisely in a less exhausted state, but something quite cool became clear to me as the end of one phase of data engineering ended, when I was just poking around in the data and thinking:

I have these random character chains, as many people do, generated on the fly to create user identities which cannot clash with existing chains. And I realised that in one of my constructs the way these are created, deeper and deeper into hierarchies, I have inadvertently created, in that one 'place' in the structure, a very definite mandelbrot.

It gets infinitely more complicated in any place you go deeper into. It's beautiful. I guess one thing I have to say I couldn't live without is a coding style and approach which leads, inadvertently, into such beautiful electronic landscapes. Indeed it has made it clear to me what I would do if I wanted right now to come up with a mandelbrot drawing script. As I have installed on my linux server some environments which enable graphic production via a number of animated file-types I could really do some fierce stuff with this new discovery.

And it also illustrates a key point: what is the best platform for visual development? I mean do you want things like java, animated gifs (gd is a great module on cpan), swfs/flvs, or do you want a world of javascript pyramids? I go with the former three, not the javascript, as the former three are clearly more solid, structurally safe and sound. The javascript dream will end in tears, mark my words. They're getting too crazy with it these days. I blame "Ajax".

Anyway, will look back over what you said later and answer the questions you asked, but I had to share this little mandelbrot discovery. I can't wait to actually try it out and draw some mandelbrots. What fun. To be able to conjure up code for doing that by yourself without reference to anything else, other than discoveries you have made yourself, by accident, and again without reference to anything else. I guess that is a bit analogous to how mandelbrots work anyway.

I must be getting really old.

Quote:

So you're saying that you've come up with some search-engine-like database that is, superior to a more traditional relational database

A relational model/schema would be a fairly poor choice for search orientated (yes that is the correct word and spelling, it's the American "oriented" that is incorrect ) data storage that needs to deal with text document search.

An earlier thread in a similar vein is this one

Inverted index structures are simple enough to understand, provided of course you have a good grasp of mathematics as it is all about "sets" and "intersects", though more venn diagram than mandelbrot.

Yep, that was me a few years ago, grasping inverted text. This time I have hit the development of this stuff with a tonne more experience. The latest skill I've been able to apply to building something googlous is having figured out how to take a phrase and pump it for possible lexical matches. Inverting the data is all very well but the first time I did it, years ago, I never slowed down enough to make the data the absolute best data in the first place, before inversion. The numbers work out like this... about 3700 phrases have yielded 2.7 million lexical patterns of 1 to 5 words. Even without that degree of thoroughness an inverted database, because it's so fast, when finished and accessed sensibly, is already pretty impressive. So with my newfound exhaustive phrase-finding tools I'm looking forward to some exciting but very drawn-out search tool development! It took 3 weeks to analyse the 3700 and now I am about to complete the job by pressing 2.7 million search results to barrels or whatever one wants to call em.

I was thinking about my idea to try and make a mandelbrot (without looking up any help) and frankly I think I shall file it under Frivolous and leave it for the time being since I have more work to do than 17 clones of myself could handle. Nay 47 ginger-headed clones (all called Jones - ie 47 ginger-headed clones called Jones).

I also created a cms use cakephp, it is Cakeui cms, but i prefer drupal CMS. it is good. take it and Enjoy

The best way to write CMS is to write functions by yourself.
Why? You must think about page generation speed.

May I ask about this LINUX thing. What about BSD? Is it much slower than both Windows and LINUX. Am I'm correct to think that the FreeBSD kernel interpret each running process like JAVA, interpreting every call. I read that when you write a program for BSD you should use buffers and if you use registers BSD it may not return results in eax as expected. What is it doing? Taking it time deciding on how to handle your information.

I'm asking because I been planning to use freeBSD for my million-user web-site (thinking big and out-side the box or just simply writing for the maximum possibility shouldn't U and if so tell me why?) but now I wonder about its raw processing power, not just its great network-stack.

I read that LINUX use registers just like Windows. Am I right to think that LINUX processing power would be equal/near to Windows. I'm talking about pure processing power (I/O) and nothing desktop related. The only thing I know for sure is BSD/UNIX is more secure than them all. That's all I read for near two years... nothing speed related other than the darn hard-drive, ZFS etc. Who is worried about the HDD when we now write to RAM-DISK, TempFS, etc. I'm no expert but I plan to be if I can ever get to the truth about a few things like most of us.. Nine out of ten nobody got a clue ... for sure google don't. I search weekly.

Quote:

Originally Posted by max21b

May I ask about this LINUX thing. What about BSD? Is it much slower than both Windows and LINUX. Am I'm correct to think that the FreeBSD kernel interpret each running process like JAVA, interpreting every call. I read that when you write a program for BSD you should use buffers and if you use registers BSD it may not return results in eax as expected. What is it doing? Taking it time deciding on how to handle your information.

I'm asking because I been planning to use freeBSD for my million-user web-site (thinking big and out-side the box or just simply writing for the maximum possibility shouldn't U and if so tell me why?) but now I wonder about its raw processing power, not just its great network-stack.

I read that LINUX use registers just like Windows. Am I right to think that LINUX processing power would be equal/near to Windows. I'm talking about pure processing power (I/O) and nothing desktop related. The only thing I know for sure is BSD/UNIX is more secure than them all. That's all I read for near two years... nothing speed related other than the darn hard-drive, ZFS etc. Who is worried about the HDD when we now write to RAM-DISK, TempFS, etc. I'm no expert but I plan to be if I can ever get to the truth about a few things like most of us.. Nine out of ten nobody got a clue ... for sure google don't. I search weekly.

And ........ ?????

Or are you posting in wrong thread???

I don't think the OP wants to use a pre-made solution. To me, it sounds like he is offering websites to his clients, and wants an easy way to edit it. While you could do this with Wordpress, Joomla, Drupal, etc. it's not necessarily the best way.

I'd suggest looking up PHP and MySQL relationships, and flat file manipulation when you're getting into writing CMSs. CMSs don't need to be huge, 3 MB frameworks, they can be as small as merely editing content from inside the website instead of logging into PHPMyAdmin and doing it from there.

theres a lot going on in this thread. im still watching it and gathering all the information you are all providing

thanks