[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Seven Deadly Sins

Subject: [ale] Seven Deadly Sins
From: x3 at ChangingLINKS.com (ChangingLINKS.com)
Date: Fri, 13 Jun 2003 00:19:32 -0500

> Too late.  The PHP genie is out of the bottle.  It's FAST, it's EASY,
> and it's suprisingly powerful.  

I agree. With that said, we need to start working on securing PHP (the 
program) instead of scraping it.

I encrypt my data. Is that enough to keep it secure (by itself)?
Probably not. We all know that there are ways to get past encryption.
Bob's logic seems to support simply not writing the data to begin with.
It seems like the majority of hosting companies have PHP running.

Perhaps it is time to have security experts spend more time helping 
programmers correct security flaws. Can I purchase a copy of Bob's book 
(assuming it gives solutions rather than simply pointing out flaws) and send 
it to someone who could use the information to start fixing PHP?
Who would that be? Do they already know the issues? 
Perhaps we could fund some fixes?
-- 
Wishing you Happiness, Joy and Laughter,
Drew Brown
http://www.ChangingLINKS.com
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

Prev by Date: [ale] Sound Volume Depending on Time of Day?
Next by Date: [ale] Seven Deadly Sins
Previous by thread: [ale] Seven Deadly Sins
Next by thread: [ale] Seven Deadly Sins
Index(es):
- Date
- Thread