Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic

Re: Re: Re: Use placeholders. For SECURITY!

by hardburn (Abbot)
on Nov 14, 2003 at 16:12 UTC ( #307085=note: print w/replies, xml ) Need Help??

in reply to Re: Re: Use placeholders. For SECURITY!
in thread Use placeholders. For SECURITY!

My point was that you characterized the act of stealing them as waiting for a good exploit to come along and then finding a poorly secured box that you can target. Which says that for most developers, worrying about it is Someone Else's Problem. It also comforts a lot of people that they are OK because they have a firewall in place.

Ahh, I see what you're saying now. Certainly, just because you have a firewall in front of your database doesn't make you secure. I pointed it out only because an awful lot of places don't have a firewall in place, and often store cleartext CC nums, and there is nothing SSL or anything else client-side can do to change that fact.

SSL doesn't solve your basic problems, but it is an easy thing to do that does solve some that come up.

Agreed. SSL is out there, it works, and it's reasonably easy to set up. I only wanted to point out that well-meaning people have taught Aunt Nellie that if that little padlock shows up at the bottom of the browser, her CC num is secure, when it often isn't. As long as the Internet community already went to all the trouble to get SSL working, we might as well use it. However, it's by far not the weakest link in the chain.

I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
-- Schemer

: () { :|:& };:

Note: All code is untested, unless otherwise stated

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://307085]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (2)
As of 2018-04-22 07:17 GMT
Find Nodes?
    Voting Booth?