Security Is Hard Not Easy - Re: •web site design, or lack thereofby metadoktor (Hermit)
|on Apr 07, 2002 at 23:45 UTC||Need Help??|
I'm shocked. Is this typical? Are people developing "web applications" without paying attention to Bugtraq and CERT notices, or even noticing that something they might be doing might be compromising their customer's security?
I wouldn't be surprised if it was typical. Heck even Microsoft only recently took a month's vacation from writing code to beef up software security.
My view is that security really is a full-time position. There are just too many exploits going on for the average person to keep track of. No wonder people ignore security concerns or are ignorant of them.
Here are some computer security links:
Neohapsis Security Archives (Mirrors Bugtraq and others)
Wietse Venema's Web Site
The Hacker's Choice
"The doktor is in."