Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re: (OT) Security Rant

by PixelRat (Sexton)
on Dec 05, 2001 at 17:34 UTC ( #129592=note: print w/replies, xml ) Need Help??

in reply to (OT) Security Rant

The fun part of the Crack-my-box-and-win-lots-of-money contests is that often company X just released product Y and then decided to put a contest online. Since Y hasnīt been available before itīs pretty hard to know how the program works. The solution is just to sit back and wait for Y to be available for the public and work with it. This is when the real contest begins ...

Replies are listed 'Best First'.
Re: Re: (OT) Security Rant
by strfry() (Monk) on Dec 05, 2001 at 19:11 UTC

    yes, that's when exploits Z,A,B,C, and D come out, along with CERT advisory E and denial of backdoors in their software (usually referred to as 'F-U'). it's my opinion that the concept is a good one - how better to find security holes in software than hold a contest, and reward the guy (or gal!) who manages to find one (or more)? so maybe if we rant about this flaw in enough places, enough times, something will be done... but i doubt it. ):

    i've said this before (in a joking manner), but seriously i think we really do need a semi-universally accepted FAQ or RFC on security in applications and their enviroment. maybe it wouldn't be the end-all Quick Fix that we'd like to have, but it'd give beginning software developers a common place to look for advice in these matters. as Ovid explained, you can't really be certain that something is completely be secure (well, i know i can't), but you most certainly can do your best and take every measure to ensure that it's as secure as you can possibly get it. this is comparable to locking your door, even though you know someone can break a window - or take a sledgehammer to a wall for that matter (:

    note: if anyone does have a faq or rfc etc like i mentioned above, please send it to the email address shown by this code (this'll get those spam collectors! (: ): perl -e 'print pack("H*", "73747266727940343133303334393732"), "\x0a";' - thanks!


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://129592]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (5)
As of 2018-06-18 04:34 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (107 votes). Check out past polls.