Since the beginning of our small hacking competition, the http://hackme.compojoom.com page got around 200 comments all trying to inject malicious code and eventually win some cash and one of the 5 salvusalerting subscriptions that we are offering. Unfortunately 6 of the comments made what they intended - they managed to exploit several XSS holes and found a LFI vulnerability. Those problems were all found from Jeff Channell and right now here is going to get 200€ and 1 salvus subscription :).

The JomSocial plugin for CompojoomComment was updated to version 1.0.4. If you encounter problems with JomSocial 1.8 as described here please upgrade.

The idea

Last week I had a client that had his site hacked. The usual story – outdated Joomla version and outdated extensions… The work that I invested on that website fixing the damage that the cracker did was tough. It made me realize that I prefer to prevent possible cracker attacks, than to spend hours repairing the broken pieces left.

Security is important

At Compojoom we invest a lot of time writing secure software, but we also are well aware of the fact that we don’t know everything. We want to make sure that CompojoomComment is as secure as possible, that is why we are starting this small hacking competition. pus

We were working for a customer that has a highly visited website (50 000+ users/day). As you can imagine the joomla cache is your friend in such situations. However if you are using a template that generates a different view for users coming from a mobile device, then your worst dream may come true :). We were faced with a situation where a desktop user gets the mobile version of the page and the mobile user gets the desktop version. Why does this happen?

Actually I was not planing to implement this in the upcoming release, but hell yea I did it :) Here you can see 2 screenshots:

As you most probably know we took over the Hotspots component. It is true that we are putting a lot of work into it, but be assured that we are not neglecting CompojoomComment! In this blog post I would like to show some of the things we are working on right now.

Have you ever heard of Hotspots? It's an awesome google maps marker manager for Joomla. This extension was developed by Yves Hoppe from lunajoom.de . Unfortunately as it happens with a lot of extensions out there the developer doesn't have to time to develop and support the extension.

There it is! The new stable version of compojoomComment.

I know that some of you are waiting impatiently for it. Why? Well, because it doesn't only bring the option to use jomSocial's avatars, but also jomSocial's User Point and Activity stream. Did I say, that with this version you are now going to be able to use compojoomComment as a wall application in your profile?

It is a sad day for Germany (we lost again Serbia at the World cup today), but it should be a happy day for some of you :). I just finished integrating our beloved CompojoomComment with JomSocial.

Despite the minor change in the release number (from 4.1.2 to 4.1.3) this update has a lot of bugfixes and updates.