[ale] Seven Deadly Sins

ChangingLINKS.com x3 at ChangingLINKS.com
Fri Jun 13 01:19:32 EDT 2003


> Too late.  The PHP genie is out of the bottle.  It's FAST, it's EASY,
> and it's suprisingly powerful.  

I agree. With that said, we need to start working on securing PHP (the 
program) instead of scraping it.

I encrypt my data. Is that enough to keep it secure (by itself)?
Probably not. We all know that there are ways to get past encryption.
Bob's logic seems to support simply not writing the data to begin with.
It seems like the majority of hosting companies have PHP running.

Perhaps it is time to have security experts spend more time helping 
programmers correct security flaws. Can I purchase a copy of Bob's book 
(assuming it gives solutions rather than simply pointing out flaws) and send 
it to someone who could use the information to start fixing PHP?
Who would that be? Do they already know the issues? 
Perhaps we could fund some fixes?
-- 
Wishing you Happiness, Joy and Laughter,
Drew Brown
http://www.ChangingLINKS.com
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list