US Department of Homeland Security Wants You To Update Windows (August 10th, 2006)
I have never seen them so concerned about computer vulnerability from Microsoft Windows software. Everyone knows Windows OS is vulnerable by default.
Ruby on Rails Releases Yet Another Emergency Security Upgrade - 1.1.6 (August 11th, 2006)
Rails has taken the right route and gone for full disclosure, unlike, for example, the WordPress team, who still believe in the flawed concept of security by obscurity. After a full assessment of the security vulnerability (details below), the Rails team decided they needed yet another emergency patch to fully close the hole.
Free Sun Security Administrator Certification Examination (June 26th, 2006)
Sun Certified Security Administrator for Solaris 10 OS (311-303)
If you are an expert security administrator, this is your golden opportunity to get certified for free by taking the Solaris 10 Sun Certified Security Administrator exam. Sun beta exams count towards official Security Certification.
Oh No! Yet Another WordPress Fix to a Fix to a Fix to a Fix (May 28th, 2005)
The WordPress team has come up with yet another security fix (1.5.1.2), which fixes the fix (1.5.1.1), which fixes the fix (1.5.1), which is a fix for undisclosed security defects in WordPress 1.5. Update: Now it should read: The WordPress team has come up with yet another security fix (1.5.1.3), which fixes the (yet another undisclosed security risk) fix (1.5.1.2), which fixes the fix (1.5.1.1), which fixes the fix (1.5.1), which is a fix for undisclosed security defects in WordPress 1.5.
Ubuntu Releases Thunderbird Patch for Highly Critical Vulnerabilities (May 3rd, 2006)
The security vulnerabilities addressed are: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information and Denial of Service. Ubuntu has issued an update for thunderbird.
Serious Security Hole in Ruby on Rails (August 10th, 2006)
A serious security concern in Ruby on Rails has forced the Rails team to come up with release 1.1.5, without waiting for the scheduled release of 1.2. David from the Ruby on Rails team says:
This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn’t affected by this).
WordPress 2.0.2 - Time To Upgrade? (March 10th, 2006)
WordPress released yet another security release 2.0.2 fixing (yet again) unannounced XSS security bugs. I have not upgraded any of my blogs to 2.x release.
WordPress Patch Update From 1.5.1.2 to 1.5.1.3 Now Available (June 30th, 2005)
WordPress developers have posted yet another "security" update. Again, as always, you have to delete everything (except wp-content/ and config.php) and re-install from scratch.
If you are using IE, A hacker can take control of your machine: Microsoft (July 6th, 2009)
SAN JOSE, Calif. — Microsoft Corp.
Microsoft Releases Patch To Fix ActiveX, Media File Flaws And More (August 12th, 2009)
Microsoft has released nine patches to fix 19 security vulnerabilities affecting multiple Windows systems. The patches would address multiple critical ActiveX and Windows Media File loopholes that could invite hackers' malicious attacks.
Serious Security Vulnerabilities of WordPress 1.5.1.2 and below (July 5th, 2005)
WordPress is a very popular personal publishing platform aka blogging platform (with a primitive CMS) in use all over the web. There are a number of serious security vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system.
98.1% Windows PC is Vulnerable According to Latest Research (December 4th, 2008)
When everyone is progressing towards a better and more secure cyber atmosphere, Windows astoundingly continues its trend and lags behind. If we remember last January's assessments, at least 5% of the PCs were safe from any vulnerabilities.
Apple releases Mac patch for major java vulnerability, fixes 32 issues (June 17th, 2009)
Contrary to the usual beliefs that my Mac is fully secure, we have reported again and again that it isn't exactly the same unless you are one of those self-assured types with eyes closed. The reason the Mac community hasn't been affected is because of the strange aloofness of Black Hat groupies to exploit its vulnerabilities rather than pampering it.
mod_rewrite Not Working in .htaccess - Solution (July 10th, 2006)
I faced a hair-tearing problem. mod_rewrite was loaded and yet it was not working in .htaccess files (and httpd.conf initially).
Fighting With Linux Server Setup (July 7th, 2006)
Finally my (unmanaged dedicated) server has been deployed (under 48 hours). Now my actual work begins.
March 29th, 2009 at 2:46 am
They’re basically the same thing. They provide a considerable level of protection against various kinds of attacks, buffer overflow attacks being on top of the list.
Beyond the default protection measures, it also enables you to easily block custom functions, which you see exploitable, via its configuration file.
As I’ve read lately, it also offers some level of protection for SQL functions (which is experimental at this point), but I’m not quite familiar with that aspect.
The main difference between the Hardened-PHP and Suhosin is that Suhosin is binary compatible with the default PHP executable.
So, as long as you go with Suhosin instead of Hardened-PHP (which may cause problems in some cases, like when you use a PHP accelerator, due to its incompatibility at the binary level) you probably won’t even notice any difference.
By the way, if you work on a GNU/Linux distro like Debian or Ubuntu, you probably already have the Suhosin patch installed by default. In that case, all you need to do is to install the extension that enables the extra security measures, which by the way enable you to tweak with the specific security measures beyond the default protection.