No DNS poisoning at Google (in case of trouble, blame the DNS)

• Previous message (by thread): No DNS poisoning at Google (in case of trouble, blame the DNS)
• Next message (by thread): No DNS poisoning at Google (in case of trouble, blame the DNS)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 28 Jun 2012, at 08:05, Tei wrote:

> On 27 June 2012 09:50, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
>> (<troll>specially for a Web site written in
>> PHP</troll>)?
>> 
> 
> We software makers have a problem,  when a customer ask for a
> application, often theres a wen project that already do it ( for the
> most part is a round peg on a round hole). So a natural solution is to
> install this project and customize it to his needs (theme, perhaps
> some programming).  The other option is to create a code from scratch
> (perhaps using a framework).
> 
> If you create the code from scratch, it will be safe.  

	I would challenge this. This is not true unless you follow very strict rules to make your code safe, and even then, you are not completely safe.

> A tree cant get
> a human virus, and a human can't get a tree virus. You are not
> unhackable,  bad practices will byte you on the long term, but you
> don't see exploits made specifically for this custom made code  daily.

	Think about sql injection, they are not only to specific platforms but to general bad programming practices.

<snip the rest, it just … sucks   >

=)

Regards,
as

• Previous message (by thread): No DNS poisoning at Google (in case of trouble, blame the DNS)
• Next message (by thread): No DNS poisoning at Google (in case of trouble, blame the DNS)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]