Weekly review: Security, synchronisation and standards

The early portion of last week was dominated by DSL troubles, and therefore general lack of net access. Just exactly the right time to hear of a security hole that requires a response from you.

Although I stopped maintaining the PHP XML-RPC code a good while ago, it still has my name all over it and so I had a part to play in organising a response to the discovery of the security hole in it. Proof that in open source, you can never really be free of code you've once published. Anyway, credit to all involved for a swift response and follow-up with affected parties.

37signals released an update to Basecamp last week, and I'm impressed at the complete lack of interruption or inconvenience to me as a customer. At work, people are gradually getting the hang of Basecamp, and finding it very useful. One common feature request seems to be synchronisation to PDA devices and Microsoft Outlook. I love Basecamp's iCal integration with Evolution, but I'd like to see things progress further.

Synchronisation's always been one of my big wishlist items, but by its nature few people are willing to step up to implement it. Apple realised this with iSync: that somebody needs to take responsibility. There've been one or two open source attempts, but mostly they move slowly or not at all. Factor in the vast number of devices out there and the poor design of standards like SyncML, and you can understand the reluctance.

Speaking of markup design, it's not been the world's best week for the promulgation of quality XML formats. I wrote already about some doubts I had about Apple's iTunes RSS extensions. Elsewhere, Uche Ogbuji was utterly astounded by the parlous state of XML formats for outlines. When it comes to this topic, I find it difficult to see why XHTML shouldn't really be the basis of an XML outliner format.

A couple of pleasant discoveries. Sean McGrath has made the switch to Ubuntu. Packt Publishing is a new technical publisher, emerged from the ashes of Wrox. They've been going for over a year, but seem to have a different business model than most publishers, focusing on direct sales.

