Innovation and Security in Ruby on Rails


  1. Ruby on Rails: Innovation and Security (Tillmann Bielefeld)
  2. In 2001 (page 2; slide footer: "Rails - Innovation and Security")
  4. I started hacking: "01a4" != "001a4", "01e4" == "001e4", "01e4" == "10000"
  6. 2006 - 2008
  7. Too many...
  8. Layers
  9. Discussions
  10. Stack Traces
  13. 2004:
      $ irb
      > a
      ruby-1.9.3-p0 :045 > a
      NameError: undefined local variable or method `a' for main:Object
      ruby-1.9.3-p0 :046 > b
      NameError: undefined local variable or method `b' for main:Object
      ruby-1.9.3-p0 :047 > a = b
      NameError: undefined local variable or method `b' for main:Object
      ruby-1.9.3-p0 :048 > a = a
      ... ?
      => nil
  14. 2004
  15. Remote Javascript (.rjs):
      page.replace_html(tasks, Task.completed_count)
      page.visual_effect(:highlight, tasks, :duration => 1.0)
  18. Active Record:
      class Role < ActiveRecord::Base
        attr_accessor :name
        has_and_belongs_to_many :clients
      end
      class Client < ActiveRecord::Base
        has_and_belongs_to_many :roles
      end
      [Diagram: Client 1 to 0..* client_roles (client_id, role_id) 0..* to 1 Role (name). Caption: Magic!]
  22. Metaprogramming:
      class Role < ActiveRecord::Base
        attr_accessor :name
        has_and_belongs_to_many :clients
      end
      Role.find_or_create_by_name("admin")
      def method_missing(m, *args, &block)
        # magic
      end
      Magic!
  23. 2008, Kiel
  24. 2009
  25. 2013
  26. Innovation
  27. Package Management
  28. $ gem install rails
      $ rails server
  29. Dependency Management:
      Gemfile:
        source "http://rubygems.org"
        gem "json"
        gem "rails"
        gem "empuxa-deploy"
      $ bundle install
      $ bundle exec script/rails
  31. i18n: en_EN.yml, launch.slogan1
  32. i18n_viz Gem
  35. Capistrano Deployment:
      $ cap deploy                (<code>)
      $ cap staging deploy        (staging)
      $ cap production deploy     (production)
  37. Capistrano Deployment:
      $ cap deploy:migrations     (v1 -> v2)
      current
      shared
      releases
        20130128231601
        20130129231801
        20130129161601  current
  38. Capistrano Deployment:
      $ cap deploy:migrations     (v1 -> v2)
      $ cap deploy rollback
      current
      shared
      releases
        20130128231601
        20130129231801  current
        20130129161601  current
  39. Devise:
      class User < ActiveRecord::Base
        devise :database_authenticatable,
               :registerable, :recoverable,
               :rememberable, :trackable, :validatable
      end
  41. HAML Views:
      <div id="content">
        <div class="left column">
          <h2>Welcome to our site!</h2>
          <p><%= print_information %></p>
        </div>
        <div class="right column">Right</div>
      </div>

      #content
        .left.column
          %h2 Welcome to our site!
          %p= print_information
        .right.column
          Right
  43. Ajax:
      link_to_remote "delete",
        :confirm => :true,
        :url => delete_post(post.id)
      unobtrusive:
      <a href="/posts/2" class="delete_post" data-confirm="Are you sure?" data-method="delete" data-remote="true" rel="nofollow">Delete</a>
  44. Admin Interfaces
  45. Frontend Ajax Tables:
      def index
        fancygrid_for :users do |g|
          g.attributes :id, :username, :email
          g.ajax_url = users_path
          g.find
        end
      end
  46. RESTful APIs
  47. Security
  48. SQL Injection?
  50. SQL Injection. Solved.
      class Role < ActiveRecord::Base
        attr_accessor :name
      end
      User.find_by_name(
        "Robert); DROP TABLE Students; --")
  51. Cross Site Scripting:
      <script language="javascript">
      document.write("<script src=malware.js></script>");
      </script>
  52. Cross Site Request Forgery
  53. Automated Tests: RSpec, Jenkins, Minitest
  54. Quality Assurance
  55. brakeman:
      $ cd my_rails_app
      $ gem install brakeman
      $ brakeman -o report.html
  56. Fast Patching
  57. Security Leak, Jan 3rd:
      User.find_by_id(
        {:select =>"* from users limit 1 --"})
      SELECT * from users limit 1 -- FROM "users" WHERE "users"."id" IS NULL LIMIT 1
      => #<User id: 1, all other attributes
  59. Email from Heroku: This Morning!
  60. The Community
  61. Programming Experience [chart: Number of Developers, Low to High]
  62. Programmers [chart: Number of Developers, Low to High]
  63. PHP [chart: Number of Developers, Low to High]
  64. Ruby [chart: Number of Developers, Low to High; annotation: Entry Barriers?!]
  66. Asking Developers:
      • Strong community
      • Simple magic
      • Eats resources
      • Enterprise ready
      • Hosting is either hard or expensive
      • Open + Innovative + Secure
  67. Openness + Connectivity: MIT Licence
  68. References:
      • Longest Stack Trace ever: https://gist.github.com/1078370
      • Burger Picture: Epic Mealtime
      • http://brakemanscanner.org/
      • http://www.railshosting.org/
      • capistrano.org
      • http://www.globalnerdy.com/2012/01/28/wat-a-funny-look-at-ruby-and-javascript-oddities/
      • http://www.optimum7.com/internet-marketing
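
Added example (not from the slides and not Rails source code): slide 57 shows a Hash passed to `find_by_id` being treated as query options, so its `:select` string ends up inside the SQL statement. The Ruby sketch below is a simplified model of that behaviour paired with a scalar-only check on the id; `legacy_find_by_id_sql`, `scalar_id`, `safe_find_by_id_sql` and `rejected?` are hypothetical names and the sample inputs are constructed.

```ruby
# Simplified model of the finder behaviour shown on slide 57.
# This is NOT Rails source; every method name here is hypothetical.

# A trailing Hash is taken as query options: its :select value is pasted into
# the statement verbatim and the id to look up is left as nil.
def legacy_find_by_id_sql(*args)
  options = args.last.is_a?(Hash) ? args.pop : {}
  id      = args.first
  columns = options.fetch(:select, "*")
  where   = if id.nil?
              '"users"."id" IS NULL'
            else
              '"users"."id" = ' + Integer(id).to_s
            end
  "SELECT #{columns} FROM \"users\" WHERE #{where} LIMIT 1"
end

# Defensive check: only a plain decimal id may reach the finder.
# Hashes, arrays, nil and non-numeric strings are rejected.
def scalar_id(value)
  case value
  when Integer
    value
  when String
    unless value.match?(/\A\d{1,18}\z/)
      raise ArgumentError, "id must consist of decimal digits only"
    end
    value.to_i
  else
    raise ArgumentError, "id must be a scalar, got #{value.class}"
  end
end

# The finder is only ever called with a checked scalar, never with raw input.
def safe_find_by_id_sql(untrusted)
  legacy_find_by_id_sql(scalar_id(untrusted))
end

# True when the checked path refuses the input.
def rejected?(value)
  safe_find_by_id_sql(value)
  false
rescue ArgumentError
  true
end

# Constructed sample input: the Hash printed on slide 57.
SLIDE_57_INPUT = { :select => "* from users limit 1 --" }

if __FILE__ == $PROGRAM_NAME
  puts "unchecked: #{legacy_find_by_id_sql(SLIDE_57_INPUT)}"
  puts "checked:   #{safe_find_by_id_sql('42')}"
  puts "slide 57 input rejected: #{rejected?(SLIDE_57_INPUT)}"
end
```

The unchecked call reproduces the statement printed on slide 57, while the checked path raises before any SQL is built.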
