in reply to
FWIW I don't think there is any bad knowledge and I like these posts because I'm curious about the topic and it's difficult to explore on your (well, my) own. I think this sort of thing is more helpful to devs like me, curious and without much understanding of the security issues, than to would be crackers, script-kiddies, etc. The really bad guys already know what they're doing. The good guys can always use more resources and reminders of how important it is to cover all their bases.