On the PHP Security blog today, Stefan Esser points out one of the latest episodes of the Pro::PHP Podcast in which Ed Finkler got to talk a little bit about PHP security (seeing as how he's involved with the PHPSecInfo project). One of the things he (Ed) specifically mentions in the interview is the Month of PHP Bugs that Stefan recently wrapped up.
Today I learned about a podcast interview of Ed Finkler, one of the members of the PHP Security Consortium. I heard through the first 30 minutes and was kinda bored because it was not really about PHP Security but about educating PHP developers, which is a subtopic of PHP Application Security, which itself is a subtopic of PHP Security. I already wanted to switch it off when at around 34:32 they started talking about the Month of PHP Bugs.
Stefan also notes that Ed didn't mention that several of the MoPB issues had already been released to the PHP group but had yet to be corrected. Be sure to check out the podcast for yourself, though, and see what you think of Ed's comments about PHP security and the MoPB initiative.

Oh well, Stefan's rant made me go back to listen to the entire podcast. I nodded off there at the end when you guys were talking about PHP IDEs. *snore* ;-)
I obviously have an opinion (lots of them and very strong ones), but instead, I recommend readers of that blog entry take the last piece of advice and listen to the podcast with an open mind before they judge. Why? Because this highlights a great thing about podcasts that's missing in normal blogstorm dialog: you can hear the full context in which words have been said and, in addition, the tone of those words can convey much more than the words themselves…like the desire to be civil.
Big minus: You guys bleeped out parts. Man, when someone says that WordPress sucks ass, I don't want it bleeped out! What would have happened to my podcast had the censors gotten to it? Don't they cuss up there in Canada, eh? :-D