No DNS poisoning at Google (in case of trouble, blame the DNS)

Ken A ka at pacific.net
Thu Jun 28 15:21:26 UTC 2012



On 6/28/2012 6:05 AM, Tei wrote:

> If you use these project that already do 99% of what the customer
> need, plus a 120% the customer not need (and perhaps don't want). The
> code quality will be normally be good, with **horrible** exceptions.
> But sooner or later, (weeks) there will be exploits for this codebase,
> to hack the site in horrible ways.  If the customer don't pay
> maintenance and dont do the maintenance himself  the code will turn
> comically outdated. Hacking the site will be easy for childrens age 5
> and high. Maintenance suck.  This option suck.
>
> All options suck.

That's why there are things like mod_security and other application 
level firewalls. After exploits have CVE numbers, so do the fixes to the 
firewalls. And, due to the cost of custom software, and ease of use of 
push button install Wordpress, this isn't likely to change soon.
It would be nice if WP/Joomla/etc force auto-updated by default, at 
least for sec fixes..
Ken
Pacific.Net




More information about the NANOG mailing list