5:33 Play Subscribe with or Intro song by Falseta

Episode #280 - June 12th, 2012

2df14bd29ca441a9d4656f0abae2e0ab.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Gregg Pollack 9c5541e591a62dd93a2fd2d45b5732dd.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Olivier Lacan

Don't get LeakedIn, secure your routes, use your Savon, catch a Tokaido, put your models in a Display Case, and join the Ruby Study Hall.

Subscribe to our mailing list!

This episode is sponsored by Code School. Learn by doing with our interactive Courses and weekly CodeTV screencasts for just $25/month.

  • Code School
  • Insecure Passwords
  • Rails Security
  • Savon 1.0
  • Tokaido Update
  • Display Case
  • Ruby Study Hall
  • Ruby5

Insecure Passwords Jump to Story

It’s been a bad week for passwords. LinkedIn, eHarmony, and a bunch of other major sites have been caught with their pants down over the last few months by hackers who exploited some rookie mistakes Many of these breaches were due to password either stored in plain text or not salted when they were hashed. Richard Schneeman from Heroku goes over the basic solutions to increase password security in a Rails app in a great blog post he published a few days ago. He shows how a simple solution like Devise can allow you to turn a database full of unhashed & unsalted passwords into a secure one gradually and without asking users to reset them. Instead of forcing users to change their passwords all at once, he simply waits until a user signs in, checks if they have a legacy insecure password and proceeds to convert their password to the new secure storage offered by Devise.

September 16th, 2014

This episode covers an open source admin framework, the Rails protect from forgery method, fast testing, and a new reactive framework.

September 12th, 2014

@rubystrings, Global Day of Coderetreat 2014, Asynchronous Integration Tests With Capybara, nice rake tasks, and module prepend in rails 5

September 9th, 2014

This episode covers RSpec 3.1, unifying multiple analytics services with Rack::Tracker, new features in Rails 4.2, the Fearless Rails Deployment book, a spike for thoughts about Rack 2.0 with The_Metal and RubyConf Portugal.

September 5th, 2014

Reading Rails talks TimeWithZone, descriptive_statistics, new gems in Rails 4.2, Paperdragon, and using Ruby's English operators all in this episode of the Ruby5 podcast!