|I'm shocked. Is this typical? Are people developing "web applications" without paying attention to Bugtraq and CERT notices, or even noticing that something they might be doing might be compromising their customer's security?
I wouldn't be surprised if it was typical. Heck even Microsoft only recently took a month's vacation from writing code to beef up software security.
My view is that security really is a full-time position. There are just too many exploits going on for the average person to keep track of. No wonder people ignore security concerns or are ignorant of them.
Here are some computer security links:
W3 Security FAQ by Lincoln Stein and John Stewart
Secure Programming Checklist by Simson Garfinkel and Gene Spafford
Perl CGI Problems in Phrack Magazine, Vol 9, Issue 55 by Rain Forest Puppy
Neohapsis Security Archives (Mirrors Bugtraq and others)
Provides extensive nearly real-time notifications about current and past exploits on many systems.
Provides notifications on current and past exploits on many systems.
Wietse Venema's Web Site
Contains many software programs like TCP Wrappers, Postfix, etc. and papers on computer security by this well known guru.
The Hacker's Choice
A German-based computer security site by hackers.
"The doktor is in."
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
Outside of code tags, you may need to use entities for some characters:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.
| & || & |
| < || < |
| > || > |
| [ || [ |
| ] || ] ||