[Chugalug] CLI analysis of hacked php.net

Mike Harrison cluon at geeklabs.com
Tue Oct 29 02:49:36 UTC 2013

On Oct 28, 2013, at 10:14 PM, James Nylen <jnylen at gmail.com> wrote:

> Yay PHP!  I'll just leave this here:
> http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/

Yeah, PHP sucks.. ABC-Pro++ or whatever is obviously much better.

This rant is from a very talented programmer that started somewhere else and has very specific expectations for behavior. 
Alex is a Python purest and looks at the world throughout those glasses. 

I love/hate PHP and do things on a scale, depth and breadth in it few comprehend..  sometimes even me. 
It's a useful tool. Learn how it works, respect some of the historical oddities and go forward. 

Like many programmers, Alex is interested in polishing his tools, not building things. 

I've seen real talent build web browsers in database languages, embedded systems in line numbered basic, 
email servers in a Macro Language (M4 was originally a text parsing macro language and become: sendmail )

Today I fixed and wrote code in PHP, Perl, Expect, Java (AAaaack!) Bash and JavaScript.. 

As for the exploit of php.net: I did not find a clear example of the initial exploit. 
http://barracudalabs.com/2013/10/php-net-compromise/ says it is still unclear. 
But it was an interesting, short and incomplete article. 

Old programmers never die, their code just gets commented out.. PHP's been around for a while, and will be. 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 671 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://chugalug.org/pipermail/chugalug/attachments/20131028/d1b88794/attachment.pgp>

More information about the Chugalug mailing list