This month I have so many security news that I could create a whole newsletter with that topic. And that is not good. Facebook is the latest big one with issues, following the British Airways that is still getting some space. There is also a lot of Gutenberg, of course, but I have condensed all the links on one area (with a WordPress section now), so you can read about other topics too.
And I have also a request for you, my readers. I need your help. If you appreciate the newsletter and the content, please share the website with your friends, people at work, social network, everywhere! I know you are busy (and that is why you like to read this of course) but it will be a huge difference for me and the future of this project. Thank you!
EU approves controversial Copyright Directive
Another of those Directive made from people that do not understand at all how Internet works. Bad news for everyone, even for them.
Pirate Forms Is Now WPForms
Pirate Forms has been acquired by WPForms. Another big purchase from the WPForms team (they purchased the email SMTP plugin not that long ago). Here they are taking some competitors.
themeisle.com
Inbox, Google´s playground for email innovation, is going bye-bye
Four years ago, Google took a fresh look at email. With Gmail looking more and more like Inbox, it seems that Inbox will disappear soon.
www.fastcompany.com
Because It Can: Cloudflare´s Mission
Cloudflare has made another huge move on the Internet market. They have announced CloudFlare Registar. They are offering domains at cost price. No direct benefit from them they said and you get them integrated with the whole Cloudflare technology really easy. It is a great move. I am not sure I would like to have everything on the same place, but the savings are going to be important if you have a lot of domains.
shift.newco.co
Selective DeGutenberging
As always these days, there are so many links about Gutenberg that I need to put them together in one big text area. The next version was going to be 4.9.9, with updates for php7.3 and Gutenberg. And I say it was because they have changed their mind and there won´t be a 4.9.9. Next one will be 5.0. We have read this month some people talking about how Gutenberg is failing, but soon the message has changed and now you can read more about “this is happening, better get ready for it”. You can use this code to select where to use Gutenberg. Yoast launched a new version ready for Gutenberg, Genesis wrote about it on their blog, WordPress.com starts to roll out Gutenberg to their users too, ACF released their Gutenberg updated version. And today, before I was able to close this post, they put some dates on the official blog: 22 of November or 22 of January 2019. So be ready! Gutenberg is coming!
wptavern.com
RevAMP
Google´s Accelerated Mobile Project (AMP) has announced it´s moving to a more open governance model, (on their wordpress.com blog). Ethan talks about this on a great post. We know AMP is not the best solution, there are some people that hate it, and they have their reasons, also you can read on how Google Cheats with AMP performance, but it is also true that some people love it and that they are getting traffic from it.
ethanmarcotte.com
A new CSS-based web attack will crash and restart your iPhone
A security researcher has found a new way to crash and restart any iPhone with just a few lines of code. Sabri Haddouche tweeted a proof-of-concept webpage with just 15 lines of code which, if visited, will crash and restart an iPhone or iPad. Nothing really important but interesting to see.
social.techcrunch.com
The British Airways Breach: How Magecart Claimed 380,000 Victims
RiskIQ data shows Magecart was behind the British Airways mobile skimming breach by compromising javascript on the airline´s website with an extremely targeted attack.
Why you don’t need an RFID blocking wallet
A interesting point of view on the RFID wallets and the risks. I must say that last week I saw a guy paying double on the bus because he put his back (with the wallet) too close to the ticket validation machine. I can imagine someone doing the same with a portable device, but this post gives you another perspective on why this is not happening.
www.csoonline.com
How I used a simple Google query to mine passwords from dozens of public Trello boards
Most of the times, humans are the most dangerous thing on your company, and you cannot upgrade them (yet;). This post explains how to get credentials from individuals and company with Google and Trello. Personal note: Please do not use public places to share credentials and install a Password Manager today!
Reminder: Popular Browsers To Distrust Symantec SSL/TLS Certificates Starting In October
It is happening now. A lot of old certificates are not valid now. Make sure you check your website and update your certificate.
www.wordfence.com
Outdated Duplicator Plugin RCE Abused
The WordPress Duplicator Plugin had a vulnerability that has been used this month to hack a lot of sites. If you have used this plugin, please read the post and update the plugin asap.
blog.sucuri.net
Facebook says nearly 50m users compromised in huge security breach
Attack gave hackers ability to take over accounts in what is believed to be largest breach in Facebook´s history. Just the news here.
Mac Mojave Zero-Day Allows Malicious Apps to Access Sensitive Info
Update your Macs as soon as you can. Do not wait until tomorrow.
threatpost.com
Is WordPress Secure? Here’s What the Data Says
Is WordPress secure? Read this post for a data-backed look at how WordPress sites get hacked, and whether or not WordPress is actually secure.
kinsta.com
Revealed: Human Error, Not Hackers, to Blame for Vast Majority of Data Breaches
Nothing new. The human error is the most common problem. They made an study to discover this, so I linked it here, but I am sure you are not surprised.
www.cbronline.com
How much time do you spend updating your WordPress?
Sure that not enough, because it is not your job to do that. You have better things to do for your businesses, but a website needs to be updated and supported. So you could try WPHercules: a maintenance service for WordPress businesses. Service WordPress
wpherc.com
Is the lean startup dead?
Nice post from Steve Blank. I do not agree at 100% with it or with his conclusions, but it is an interesting point of view about how the Startup World has changed over the past few years.
We Spent $3.3M Buying Out Investors: Why and How We Did It
Last month, Buffer spent $3.3 million to buy out our main venture capital (VC) investors. On the August Issue I shared another similar story where founders use their money to buy their freedom. I love to hear more and more about this. A really interesting post that explains why and how they did it.
open.buffer.com
So, I Hired my Mum
Stacey hired her mum to work with her on their SEO. I am not sure that would be the right move for everyone…
www.staceymacnaught.co.uk
How to Impress and Score Your Next Freelance Writing Client
Nice write up with some good advice on how to reach more clients and get the contract at the end.
www.copyblogger.com
Create your design system, part 6: Buttons
A series of post (6) that guide you through the process of creating a design system for yourself, your business, or maybe a client. Part 1 about Typography is here.
Flexbox: How Big Is That Flexible Box?
A post explaining the often confusing issue of sizing in Flexbox. How does Flexbox decide how big things should be?
www.smashingmagazine.com
Take A New Look At CSS Shapes
CSS shapes are amazing. For me, not a designer, is like magic. 🙂 For any designer out there, this is a nice post that explains how to create non-rectangular shapes using images, gradients, and basic shapes.
www.smashingmagazine.com
What is Modular CSS?
“Modular CSS is a collection of principles for writing code that is “performant” and maintainable at scale.” His words. Click to learn more about it.
spaceninja.com
The Font Loading Checklist
A great checklist valid for both developers, designers and anyone that is interested on using the nice fonts available without compromising the performance of the whole website because of it.
www.zachleat.com
What´s New in PHP 7.3 (Coming Soon)
PHP 7.3 is coming soon (December maybe?). Good in-depth overview of features, deprecations and bug fixes that come with it.
kinsta.com
The definitive Node.js handbook
Learning Node.js. Then this is something you need to read and bookmark for sure. Note from the author: you can get a PDF, ePub, or Mobi version of this handbook for easier reference, or for reading on your Kindle or tablet.
WordPress Coding Standards 1.1.0 Released
The WordPress Coding Standards version 1.1.0 has been released on GitHub. This release includes more stringent function call formatting checks which are explained in the handbook.
wptavern.com
Tech notes: Parsing dates in JavaScript – Oikos
If you have tried to develop and work with dates, databases, and any kind of javascript interaction, I am sure that you have been frustrated a lot during the process. Browser support for dates is horribly inconsistent. If you have a MySQL-formatted date, JS may not like it in some browsers. You might find handy this link (also on the post) that show the Browser compatibility and behaviour. Also you can read this other post on how to store the data on your DB.
oikos.digital
Startup Logo Builder – Launchaco
Launchaco is an online tool that helps you to create a basic logo so you can start easy and cheap. This is of course not a solution for a proper business, but it is great to validate an idea and have something to use as soon as possible.
launchaco.com
Gallery of free HTML/CSS landing pages for startups
This guy is building pure html/css landing pages for startups. For now you have 4 and they look nice, but he is planning to add 30.
www.indiehackers.com
If Not Now…When?
Great local blog post. Rhys explains how he had made the decision to jump and decided to start his Freelance live. It is a short but great reading and maybe you can be inspired…
www.rhyswynne.co.uk
The Icebox is where stories go to die
“The Icebox is the backlog of things that you aren’t going to work on any time soon but you don’t want to get rid of because you’re afraid you might want them in future…”
robots.thoughtbot.com
What comics can teach us about ourselves
“To read a comic is to engage in play, problem solving and self discovery.”
theconversation.com
The Deaf World May Await, But It’s Not Silent | By Ahmed Khalifa
When the life you are used to is changing, but you don’t know where it’s going, it doesn’t mean that you have to be quiet about it.
heropress.com
600+ Startups hiring Remotely in 2018 – by Remotive.io
This month we do not have any sponsored jobs, so I am posting this link instead. This is, like the title says, a list of startups that are hiring Remotely in 2018. Found it on Twitter and I think it will be useful to have.
by Remotive.io
HTTP what? : I drew what HTTP is & how HTTP1.x and HTTP2 are different✨
(tweetzine, drawsplainer, codedoodles…I don't know what to call it) pic.twitter.com/NEhqlT9rdR
— Mariko Kosaka (@kosamari) May 4, 2017
