So, basically....
...this article is slamming Rails for being vulnerable, even though the issue itself was patched (rightly) months ago.
I'd prefer a much more open attitude to the article acknowledging that there are many other web frameworks/languages with KNOWN vulnerabilities, which have gone unpatched for far longer than 6 months. For example - how many insecure PHP servers are there out there which have already been subsumed into a botnet? Attacking Rails, and Ruby by extension, for this is plain wrong.