Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...)

• Previous message (by thread): Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...)
• Next message (by thread): Security reporting response handling [was: Suggestions for the future on your web site]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This article may be of interest:

> http://arstechnica.com/security/2013/01/canadian-student-expelled-for-playing-security-white-hat/

Basically, a Montreal student, developping mobile software to interface
with schools system found a bug. Reported it. And when he tested to see
if the bug had been fixed, got caugh and was expelled.

I the context of this thread, they found a vulnerability in the web
site's archutecture that allowed the to access any student's records.

This is the perfect type of incident you can bring to your boss to
justify proper architecture/security for your web site. "How would you
react if it was your company's name in the headline ?"

• Previous message (by thread): Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...)
• Next message (by thread): Security reporting response handling [was: Suggestions for the future on your web site]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]