First up this week, a white paper or report or ... I have no idea what these things should be called any more ... maybe a "glorified press release"? Whatever. Let's call it "a study" from Checkmarx, a company that specializes in automated security code review, titled "The Security State of WordPress' top 50 Plugins."
Yep, Checkmarx's conclusions are as depressing as you might have guessed: "20% of the 50 most popular WordPress plugins and 7 out of the top 10 most popular e-commerce plugins are vulnerable to common Web attacks. This amounts to nearly 8 million downloads of vulnerable plugins. Namely, these plugins are vulnerable to: SQL Injection (SQLi), Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Path Traversal (PT)."
So, the bottom line of the study: Be very careful of your WordPress plugins ... oh, and use Checkmarx to check your code.
While we're talking about protection, how about protection from the dangers of cellphone radiation? I recently talked to a company named Bodywell that sells a product called the Bodywell Chip which, they claim:
"... is a revolutionary new approach to reducing exposure to cell phone radiation. Place the chip anywhere on your phone to lower radiation exposure without interfering with your cell phone's signal."
[ SPEAKING OF CELLPHONE RADIATION:Why you shouldn't hold a pickle to your ear either]
Bodywell's PR people (who shall remain nameless) waxed lyrical in their pitch: "The culprit. Our body cells use carefully balanced frequencies to store and transfer the information needed to function. These fields are easily disrupted by information from sources such as cellphones with incorrect or harmful frequency oscillations ... We discovered that certain minerals and metals contain natural frequencies that can be calibrated to 'counter' the cellphone's frequencies, lowering the radiation absorption for users ..."
The chip is not really a "chip," as such, but rather a plastic patch with what appears to be some embedded circuitry.
I've run the concept past several electrical engineers and physicists and, to a wo/man, they all snickered and, to cut to the chase, declared that the product sounded like nonsense.
Said one physicist: "Frequencies of what? Vibration? Rotation? Blood circulation? Oh ... you mean EM radiation frequencies? Great! Which exact frequencies does our body use? Describe how you 'balance' more than one frequency. Hell ... describe how you balance one frequency. Are there more frequencies than angels which can dance on the head of a pin?"
Another techie friend commented, "Ask them if it will also stop or reduce the CIA signals that control the voices in my head. I'm having a hard time with my tin foil headdress as the days grow warmer."
Even so, Bodywell spins a good yarn and it's true that there are concerns about cellphone radiation. As the Environmental Working Group explains:
"Studies conducted by numerous scientific teams in several nations have raised troubling questions about possible associations between heavy cell phone use and serious health dangers. The World Health Organization has declared that cell phone radiation may be linked to brain cancer. Ten studies connect cell phone radiation to diminished sperm count and sperm damage. Others raise health concerns such as altered brain metabolism, sleep disturbance and behavioral changes in children."
The article continues:
"These studies are not definitive. Much more research is needed. But they raise serious questions that cast doubt on the adequacy of the FCC rules to safeguard public health. The FCC emissions cap allows 20 times more radiation to reach the head than the body as a whole, does not account for risks to children's developing brains and smaller bodies and considers only short-term cell phone use, not frequent calling patterns over decades."
When I talked with the spokesman for Bodywell he couldn't explain what was meant by the PR verbiage and argued that the shielding effect isn't understood scientifically, only technologically. He also claimed the measurements conducted by their lab (the results can be found on http://www.bodywellchip.com/research-resources) are real and reproducible. So, if any of you are experts in the world of RF, have the right test gear, and want to take shot at seeing whether the Bodywell chip (priced at $29.99) does what it claims, please get in touch.
Addendum: I just received another similar product, the R2L (Radiation to Light) ... "As seen on TV" (for only $19.99), billed as "a new gadget that uses technology to convert cell phone radiation into harmless light."
The pitch continued: "The R2L is a microprocessor that reduces cell phone and smart phone radiation by converting it into electricity, then discharging the electricity as light. You are exposed to less cell phone radiation, and you can see the light that discharged."
Hummm. "By attaching an R2L to the back of your cell phone, smartphone or case, you can reduce your exposure to radiation by as much as 70% without holding the phone away from your ear as directed in most cell phone manuals ... The R2L was tested in accordance with FCC approved SAR, Specific Absorption of Radiation, testing methods and does not affect call quality or clarity."
I got my sweaty hands on a sample and stuck it, as suggested, on the back of my iPhone 4 where the R2L's glue-laden back attached itself like a limpet from hell. So far, I have seen no light discharges. I leave conclusions about the efficacy of the R2L as an exercise for the reader.
Gibbs has been tested in Ventura, Calif. Your conclusions to firstname.lastname@example.org and follow him on Twitter and App.net (@quistuipater) and on Facebook (quistuipater).
Read more about anti-malware in Network World's Anti-malware section.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.