Monthly Archives: September 2014

New study shows that a hamburger menu icon has no different user behavior than the text “menu”

Don’t be afraid to use the hamburger menu icon. Here is more proof that it is universally understood these days

 

Would you like fries with that?

The Hamburger Icon – it’s everywhere. All around you. In web apps, mobile sites, desktop sites, and computer software. The ubiquitous three-line icon is now so common it feels as if it is universally understood to mean “Navigation Menu.” But is it?

Read about the study at booking.com

Shellshock: a severity 10/10 Bash bug that allows attackers to execute arbitrary commands on web servers

You thought the heartbleed bug was bad? Today’s Bash vulnerability is much much worse

 

Concern over Bash vulnerability grows as exploit reported “in the wild”

“Shellshock” bug in common GNU shell could be “worm-able,” used to launch kernel exploits.

The vulnerability reported in the GNU Bourne Again Shell (Bash) yesterday, dubbed “Shellshock,” may already have been exploited in the wild to take over Web servers as part of a botnet. More security experts are now weighing in on the severity of the bug, expressing fears that it could be used for an Internet “worm” to exploit large numbers of public Web servers. And the initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry. A second vulnerability in Bash allows for an attacker to overwrite files on the targeted system.

Read the full article at Ars Technica

OS X Yosemite introduces ability to write automation scripts in JavaScript instead of AppleScript

There is a bright future for JavaScript on OS X: write automation scripts in JavaScript to improve your workflow

 

Michael Crump gives several examples including:

– Sending an email message through Mail

– Displaying dialogs

– Use text to speech

– Launch and manipulate Safari

Read more from the source: Telerik Developer Network

npm@2.0.0 released – The npm Blog

npm 2.0.0 is a major version change but don’t be afraid, your code probably won’t break

 

npm maintainer Forrest Norvell (@othiym23) introduces npm 2.0.0:

“Last week, I released npm@2.0.0. If you’ve been using npm@1.4, it’s a substantial update, but that’s not why it’s 2.0.0. npm@1.0.1 was released on April 30th, 2011 – three and a half years ago.”

Notable changes include:

– Ability to pass arguments into scripts

– Scoped packages

– Bearer token auth

– Node 0.8+ is required

– Numerous bugfixes

Read more from the source: npmjs.org

CloudFlare is a free global CDN and DNS provider that can speed up and protect any site online

We’ve been using CloudFlare for a few weeks and am very impressed. Every web app should use CloudFlare

 

CloudFlare provides a reverse-proxy service that protects your site from DDoS attacks, caches assets into it’s robust CDN, delivers your content via SPDY and has dozens of other protections and optimization.

Features they list include:

– Distribute your content around the world so it’s closer to your visitors (speeding up your site).

– Web pages with ad servers and third party widgets load snappy on both mobile and computers.

– Protect your website from a range of online threats from spammers to SQL injection to DDOS.

– Get insight into all of your website’s traffic including threats and search engine crawlers.

Watch the video or read more at cloudflare.com