- TalkBack 6 of 8:
- Next »
- « Previous
- Thread View
- Flat View
- Oh my...
-
I for one do not commend anyone for doing a good job when they fix XSS vulnerabilities. One should get a good smack for leaving them.
There is not a lot to learn from this. If you ever tampered with XSS and/or SQL-injections you would know just how easy they are to find and fix. Leaving either one is a shame (at least for PHP coders who have a nice set of APIs to prevent them).
I have not touched ASP in a while but I am pretty sure there was no ASP equivalents to addslashes(), htmlspecialchars() and the MySQL APIs from PHP which, contributes to more vulnerable sites that use ASP or at least complicates securing them.
In fact, last Sunday I came across a webdesign company (whose name I am not going to mention) that acted all professional and did not comply with webstandards, was preeching how it is focused on developing websites with Microsoft technologies. I checked out most of the sites they designed and in under 24 hours I have spotted a dozen or so sites that were vulnerable either to SQL injection or cross-site scripting attacks. Other sites could be knocked offline by requests from just a few machines. Only a bank, a telephone company and some other firm did not have vulnerabilities as far as I looked.
C# only addresses htmlspecialchars() with some hugeass-all-important-fancy-looking classes and calls. Microsoft allows incompetent retards to act smart in the market and I guess it makes some people feel important. - Posted by: tty0 Posted on: 05/25/05 You are currently: a Guest | Members login | Terms of Use
Microsoft plugs phishing hole in Xbox site
Loverock Davidson | 05/25/05
|
as they say lovey
Monkey_MCSE | 05/25/05
|
|
Wala
Jeff Spicoli | 05/25/05
|
Too Early
nucrash | 05/26/05
|
|
Yep..
widge_z | 05/25/05
|
|
Oh my...
tty0 | 05/25/05
|
|
You all know what is coming next... TwoCare!
Xunil_Sierutuf | 05/25/05
|
XCare!
Jeff Spicoli | 05/25/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now
- Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
- Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Reduce risk. Reduce complexity. Increase reliability.
-
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
- Learn more >>
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- Can your business work smarter? Learn more about Lotus Symphony
- Learn how to work smarter and optimize cost using the IBM Smart SOA approach Download the eBook
- Smarter ways to make smarter products Read the brief from IBM
