If you’re like me, you’ve often found yourself needing to change a setting, or view some information, buried deep inside a .ear or .war or .sar file. Well, you probably know that emacs can handle looking inside and editing files within a .tar or .jar file. Since .ear and .war files are just […]
I worry that ATG has mis-focused its energy.
In the last few years, ATG has introduced (or purchased) a number of new products which sit on the existing stack (Ticketing Features, Search, Merchandising, Campaign Optimizer, Knowledge, Self Service, Response Management, Commerce Service Center, Outreach, and Customer Intelligence). I haven’t had a chance to play with all of them yet. I’m sure they’re all very neat. I’m more sure that they help sell license dollars to marketing and business people.
I’m not trying to undercut the value in that. I see it. I totally think ATG should be expanding their offering, meeting customer needs, making money, etc… What bothers me is that if you look at the same time period in which all of those new products were introduced, you’d see almost no changes or enhancements to the underlying product stack, what they now call the ATG Adaptive Scenario Engine (or ASE), which consists of DAS (ATG Dynamo Application Server) or DAF (Dynamo Application Framework), DPS (Dynamo Personalization Server), and DSS (Dynamo Scenario Server). Sure, there are some bug fixes, a little feature here and there (like adding forgot password support in 2006.3). But nothing significant. The programmer’s guides for ATG 7.0, 7.1, 2006.3, and 2007.1 look REALLY similar.
I run Debian on my server, and I often find that my server is being attacked by other computers. Brute force SSH attacks, viruses scanning for the ability to spread, things like that. I’ll go into the SSH brute force defenses in a later post, but for now I’ll cover how to easily […]
World-facing websites always have to be written carefully in order to prevent malicious attacks. There are tons of additional vulnerabilities and attack vectors which need to be addressed as well, but in this post I’m going to talk about the two most common: Cross Site Scripting (XSS) and SQL Injection.
If you already know what these are, feel free to skip down a bit to the section where I talk about where ATG Dynamo helps and where there are still some gaps.
It is an attack against your users, not your servers.