Security is an onion. The more layers the better the protection. This blog post talks about the layer that deals with inspecting and filtering user input and disengaging harmful html output. Of course there are many other layers like secure transport (https), secure passwords, securing the web server, the database server, the PHP runtime, the file system and the operating system.

As iPhone apps push out their updates to be compatible with the new iOS 4, most are focusing on adding simple fast app switching capabilities. Many are also giving their apps a quick new coat of polish to make them look a bit nicer on the new Retina display found on the iPhone 4. The location-based service Gowalla is focusing heavily on the latter.

Version 2.2 of Gowalla, which just went live in the App Store, is the first version of the app that is iOS 4 and iPhone 4-compatible. In the update notes, Gowalla, which has always been more design-oriented compared to its competitors, remarks on their excitement for the new Retina display:

The beautiful Gowalla experience you’ve come to love has been pixel-polished for the iPhone 4′s new (unbelievable) Retina Display. This is just the first step, though. We’ll be updating Stamps, Pins, and items regularly behind-the-scenes until every bit of Gowalla truly shines. If you’re using the iPhone 4, we think you’ll be amazed. If you are using a previous iPhone or iPod Touch, though, you’ll still see the same lovely Gowalla you expect.

There is no question that Gowalla’s iPhone app continues to look much nicer than the one made by main rival Foursquare. With the Retina display, Gowalla is clearly going to try to widen that gap, hoping it will help differentiate their app. But so far, the beauty advantage hasn’t helped much. After their showdown at SXSW in March (which was a pretty even fight), Foursquare appears to be growing more quickly (they did a million check-ins on July 3) and now has more funding ($21 million versus just over $10 million for Gowalla).

Something else interesting in the notes of the new Gowalla app is that they say they’ve “made improvements to how Gowalla handles location.” This doesn’t appear to have anything to do with background location (at least not in the same way that Loopt is currently using it), but we’ve reached out to Gowalla to try to clarify that.

One thing definitely fixed is the location issues Gowalla was having with users who updated to iOS 4. Gowalla apologized for those issues, which, in some cases, forced users to open the Maps app before Gowalla to make sure location was working).

This latest version also makes it easier for new users to sign up for Gowalla right from the app. Notably, you can now pre-populate much of the data to need to fill out by selecting your entry card in your iPhone address book — it’s a nice, simple touch.

You can find version 2.2 of Gowalla here. It’s a free download.

Why do people complaining that they can’t do agile development with 50 crap developers not see that the problem is in the second part of that statement, not the first? I got an e-mail last week that shows the point perfectly: "We discussed whether an agile approach is right, and I concluded that not everyone can work that way. " Quite true. I find it self-evident that not everyone can do software development, agile or any other way.

We've gathered up 10 awesome CSS3 techniques, elements and demos that you'll want to start using, and can start using today.

Slides and source code from my Gradle talk, Javarsovia 2010. Enjoy!

A directory of open source and commercial functional software testing tools with additional reviews and resources.

I [Søren Glasius] have started to experiment with GAELYK, and since I'm using IntelliJ IDEA as my development tool, I have spend some time getting it running here.

Finding a cab, especially during peak travel times or in less-traveled areas, can be an incredibly frustrating task. But car services are often much more expensive than the average cab ride. Enter UberCab, a new service that offers an on-demand car service via an iPhone app or SMS.

After signing up for an UberCab account and downloading the free iPhone app, can then you can then set your location and request a car service from the application. The app will determine your location and you can set your exact pickup location. UberCab will then send your request to their network of drivers who happen to be in the area.

The driver will accept your request and you can then input your end location. The driver will alert you when arriving, and once you entire the car, you hit begin trip on your app to begin your fare. The driver also has a connecting app, which he will use to input the end of the trip. At the end of the trip, your pre-set credit card that you input when you set up your account will be charged and you won’t have to dole out any cash.

Of course, convenience has a price. You may pay any where from one and a half to two times the price of a cab fare (but two times less than a traditional car service fee). But you are receiving better service, a nice black limo and an on-demand solution.

UberCab calculates the cost of your trip based on milage and time in the car, similar to the way other limo companies calculate fares. However, the startup says you are able to get better fares because its drivers perceive these on-demand trips as extra money in addition to their regular full-priced trips to and from the airport. Interestingly, UberCab asks that both passengers and drivers rate each other, Yelp-style. This helps UberCab ensure that passengers and driver are using the system properly.

Unfortunately, UberCab is only available in San Francisco (although UberCab’s site says it will also be beta tested in Chicago). That being said, if UberCab were in the city that I live in, Id probably use it. I’d definitely be willing to pay a little extra to ride in a nice car with the convenience of door to door service. And initial reviews from local San Francisco users on Twitter seem fairly positive.

UberCab as a technology will compete with Cabulous, which displays cabs in your area, tracking them in real time, and TaxiMagic.

UberCab Demo from UberCab on Vimeo.

It’s been a busy week for the GWT team. We released an updated GWT Gadgets library, GWT 2.0.4, and to cap things off pushed the second milestone release of GWT 2.1 today. In this milestone we simplified the process of configuring a RequestFactory, made record creation within a RequestFactory more extensible, and properly moved ourselves out of bikeshed. A full list of features and fixes can be found here.

Somewhere in between full blogging platforms like WordPress and the 140-character limit of Twitter, true microblogging sites like Tumblr and Posterous are taking off. I call these true microblogging sites because they are designed for quick hits but can support photos, themes, and other more blog-like features. Tumblr has been around longer and is getting quite big (23 million monthly unique global visitors, according to Quantcast) , but the younger Posterous is also seeing some decent growth.

According to Quantcast, Posterous has 5.3 million monthly unique global visitors, with 2.2 million in the U.S. (Both Posterous and Tumblr are directly measured by Quantcast). If you look at the Quantcast chart above, you can see the different growth spurts Posterous has gone through. The first year after its launch in June, 2008, it’s growth was pretty gradual. But then, almost a year ago, it introduced an iPhone app which allows users to post their photos and thoughts directly to their Posterous blogs. One of the main uses of Posterous is to share photos with some commentary.

Then earlier this year it started integrating more tightly with Twitter through its Post.ly service, and kept steadily adding new features throughout the year.

Currently the company is trying to fuel growth through a switching campaign targeted at 15 competing services such as Ning and Twitpic, which is getting it in some hot water.

Even taking the more conservative estimates from comScore, which shows Posterous with only 2.5 million worldwide unique visitors in May, 2010, the site is up 700 percent since comScore started collecting data 11 months prior. It is safe to assume that the annual growth is north of 700 percent. Tumblr, by comparison, is up 174 percent during the same period (off a much larger base of users, which comScore estimates 10.7 million worldwide unques in May, 2010). Both are growing spectacularly because when you lower the barriers to publishing, the posts (and audience) will follow.

Yesterday, users and developers started complaining of missing @replies in Twitter streams. At first Twitter infrastructure engineer John Kalucki wrote in the forum that the mentions timelines were updating with additional latency but the issue should be fixed. However, developers and users continued to not see missing @replies on the network.

Twitter just confirmed that @ replies have disappeared from some timelines for no apparent reason and are currently working on a fix for the problem. According to the recent post: Some users are experiencing an issue in which they’re not receiving all of their @ replies; we’re working on a fix.

It’s unclear what the cause of the issue is but Twitter has been experiencing major downtime due to increased traffic from The World Cup. However, it seems that @replies started to go missing yesterday, a day which didn’t include any major World Cup games. Last week, the network even slashed its API rate, taking the default limit from 350 and cutting it to 175 for third party developers. And the network just rescheduled its ‘oAuthcalypse’ thanks to the downtime.

Note: A reader sent us this interesting take on Steam and DRM, but requested to stay anonymous due to the nature of the article. We of course obliged.

Up until a few weeks ago, the last PC game I purchased and didn’t pirate was Team Fortress 2 via the digital download service, Steam. The last PC game I purchased in a retail box was Half Life 2. Yet like many, I’ve still managed to play every PC hit over the last decade. I simply couldn’t justify spending $50 on a game when pirating offers so many real benefits verses owning a legit copy.

Part of my motivation was that it’s just so damn easy to pirate a game. It’s like three clicks of the mouse to download a torrent and even less on Usernet. The files download as fast as my cable modem allows and I have the full game with simple cracking instructions a few minutes later. Why in the world would I want to drive to a store and give them $50 for the same thing?

Firefox is one of the most popular browsers in the world. The secret behind this popularity is thousands of small apps available with firefox which is also free. In this article you will see the best addons for SEO professionals, Web developers and Web masters.

This post describes my opinion about Wicket framework. .... It’s not that I hate Wicket, but there are some features that I don’t like:

This is the second part in a series of blog posts (read part I) giving some practical examples of lambdas, how functional programming in Java could look like and how lambdas could affect some of the well known libraries in Java land. This part focusses on general functional programming techniques, which will be available through the addition of lambdas. Functional programming (although I still wouldn't consider Java a functional programming language) will make Java code more concise, more expressive and more readable in certain kinds of problem situations.

When Opera Software last week released the final version of its Opera browser (version 10.60), it titled its press release ‘What is faster than the fastest?’.

The company touts other features, like built-in geolocation and webM support, as well but not nearly as much as it boasts about its browser’s speed. By doing so, the software maker aims to challenge claims that Google’s Chrome browser is, in fact, speedier than Opera and other popular browsers such as Firefox, Safari and IE.

In the midst of the browser wars, an Opera-employed copywriter has now turned to one of the most over-used but still amusing Internet memes, and has come up with some custom subtitles for the famous Hitler outburst scene from the film ‘Der Untergang’ (via Download Squad).

Some choice – fake – quotes:

“You idiot! Nobody uses developer builds!”

“You call yourself developers because you spent years in university, where you only learned to make Youtube (sic) videos and Pac Man (sic) games!”

“We have 20,000 employees and run half the Internet and we’ve made a browser that looks like a Fisher-Price toy!”

For the record, Lifehacker ran some speed tests on both the Windows and Mac platforms, and concluded that Chrome and Safari still beat Opera’s latest on the latter OS, while the latest stable version of Chrome also beat Opera 10.60 on Windows.

Furthermore, DailyTech tested Opera 10.6 against the upcoming Internet Explorer 9, and while they concluded that the browser outranked it in all 3 benchmarks, the Opera browser only came out on top in one of them, with Chrome beating them in the two other ones.

Ah well, as long as they all keep getting faster and we get to have some laughs from time to time, all is well in the world despite all this virtual warfare.

I guess it was only a matter of time before this happened. Earlier today, 4Chan, everybody’s favorite community of e-degenerates, broke into YouTube using a vulnerability in the website’s commenting system that allowed hackers to execute HTML code through comments, something that was supposed to be restricted.

Pimentel did a great job introducing the coaching concepts and its essence. He started his presentation with a little joke, asking people to close their eyes and try thinking positively to make a paper in their laps levitate. Nothing happened. Why? Because of the lack of action, he explained. The message here, is that the same happens with us in real life, when we want something to happen, but do not take action to make it actually happen. The essence of coaching according to him is to help people discover the right actions to take and then act in order to achieve their goals...

There are some times when I feel that GWT’s programming style is too verbose to be really productive. Read on to see how you can stop writing certain categories of boilerplate code involved in GWT projects.

Java remains the most popular programming language. At least that's the case if you follow the latest TIOBE index results which show Java remaining at the top spot. The latest chart is a big indication of the popularity of mobile app development, and the trends that have surrounded this branch of software over the last few months.